Phishing attacks used to be the work of hobbyists, but now professional fraudsters are leveraging stolen credentials to compromise multiple accounts.
Credential-stuffing schemes rely on the widespread, irresponsible practice of using the same login credentials to access multiples accounts.
A cybercriminal going by the name DetoxRansome claims to have stolen user credentials from Bitdefender and is now holding the information for ransom.
The Syrian Electronic Army gave Forbes and the rest of the Internet an ugly new reason to not use the same login information across multiple accounts.
Between key-logging malware, phishing schemes and e-commerce sites, there are many ways cyber criminals can steal corporate credentials and commit fraud.
Maintaining the security of POS systems is a growing concern: The Dexter malware has been found to target customers' payment information.
Sometimes, credential theft isn't flagged by banks' typical risk engines and can only be detected by malware prevention tools such as Trusteer Pinpoint.
Users who submit data to phishing emails can see the integrity of that information compromised by a fraudster within a 'goldern hour' of 60 minutes.