The company’s research shows that 86% of Australia’s top 250 websites cant tell the difference between a human using a web browser and a bot running a script, leaving them vulnerable to credential stuffing attacks.
Researchers focused on the industries most often targeted by bot attacks such as retail, property, wagering, finance, airlines, utilities, and health insurance. The researchers loaded the sites’ login pages using automation tools and the results showed that 90% of the websites failed to detect those automated logins.
Also, 86% of the tested websites failed to detect differences between types of scripts injected/tools used. Credential stuffing is the one kind of attack where it is easier for the bad guys to build a return on investment, encouraging them to spend money to evade detection, Kasada’s lead field engineer added.
The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.
The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.
Current themes
No part of this site can be reproduced without explicit permission of The Paypers (v2.7).
Privacy Policy / Cookie Statement
Copyright