Fraud & Risk

Global Retailer Credential Stuffing Case Study


Case Study

In early 2018, one of the world’s largest retailers identified they were being frequently targeted by credential stuffing attacks. Using breached username and passwords, threat actors were gaining access to customer accounts to make fraudulent purchases, costing the tune of millions of pounds per month. Attackers can then sell on the validated account via the Dark Web.

The fraudulent activity not only cost the retailer directly, but also put the brand’s reputation at risk. Customers were continually locked out of accounts, asked to verify their legitimacy or required to reset their usernames and passwords following an attack, leaving many users feeling frustrated.

Netacea describes what measures were implemented to prevent credential stuffing to protect the retailer from both volumetric and low and slow credential stuffing attacks, freeing up their SOC team to focus on new and emerging threats.

Global Retailer Credential Stuffing Case Study

Download Now