Hackers are breaking into online loyalty card accounts using stolen credentials or easily obtainable information, and then not only ransacking the profiles' balances but also harvesting victims' personal data for subsequent identity theft, Akamai has warned.
In its Loyalty for Sale – Retail and Hospitality Fraud report published today, Akamai reckoned that ne'er-do-wells began actively targeting retail, travel, and hospitality sectors with a wave of credential-stuffing attacks that accelerated as the COVID-19 pandemic forced most retail activity onto the web.
Credential stuffing is where a miscreant obtains usernames and passwords from one hacked website, and then plugs those details into another website and gains access to accounts sharing the same login details. It's why you should use a unique password for each site and service you use online: if one customer database is leaked, it shouldn't lead to the unlocking of all your other accounts.
..
Support the originator by clicking the read the rest link below.
