Over time passwords have become a ubiquitous part of our digital activities. They’re something we expect to create and manage for all of our accounts, and yet with all of our online accounts, having unique passwords can be difficult. Despite this, they remain the most common way of locking unauthorized persons out of our systems and away from our sensitive …
Disney and the Password Reuse Problem
Disney+ Launch: A whole new world of excellent content, the same password reuse problem Consumers and critics alike have long clamored for the Disney+ streaming service, however, its recent launch has once again exposed the risks with password reuse. Even a mega-brand like Disney has password risks. An investigation found that less than 48 hours after launch, thousands of exposed …
Protecting Loyalty Accounts and Rewards Programs
According to LoyaltyOne, a loyalty advisory company, in the US, there are at least 3.8 billion rewards memberships, which equates to about 10 per consumer. Companies create loyalty programs for their customers because it decreases customer attrition while also giving the company more information on each customer for data mining and partnerships. One key challenge for companies is protecting those …
Are gaming companies and forums taking security seriously?
Many gaming companies and gaming-related websites prioritize user experience and easy access above security and strong authentication. They have found that increasing friction at login can drive customer attrition… which then translates into decreased revenue. But are they taking security seriously enough? This is a theme Enzoic’s CTO, Mike Wilson, recently explored in a conversation with Threatpost’s Tom Spring. The …
Questions To Ask When Considering A Credential Screening Solution
Credential screening providers are critical business partners who help mitigate the risks of cyberattacks and choosing the right one can prevent exposure of additional risks. Depending on how the data is handled, you can introduce more or less risk into your environment. We hope this article is valuable in helping you determine which credential screening provider is right for your …
The Costs and Risks of Account Takeover
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO. Defining ATO Let’s start by defining ATO. Account takeover is a form of online identity theft in which a cybercriminal illegally gains access to a victim’s account, such as a bank account or …
Credential Stuffing Attacks vs. Brute Force Attacks
The Open Web Application Security Project (OWASP), a non-profit that is dedicated to web application security, classifies credential stuffing as a subset of brute force attacks. However, in practice, the two types of cyber-attacks use very different methods to accomplish an account takeover and fraud. To explore how credential stuffing attacks and brute force attacks differ, we need to understand …