WebsiteGear Logo Log In
New User? Sign Up
About | Contact | FAQ
HOME ACCOUNT PRODUCTS NEWS ARTICLES DIRECTORY CLASSIFIEDS FORUMS TOOLS
* Post a FREE Ad on WebsiteGear Classifieds !
  Home News Website Related Website Revenue Wednesday, April 24, 2024 
Add Press Release News | News Feeds Feeds | Email This News Email


Akamai Security Research: Loyalty Programs Continue to be Targeted by Criminals as Account Data is Easily Sold or Traded
Thursday, October 29, 2020

Retail, Hospitality, Travel industries were hit with over 63 billion credential stuffing and 4 billion web application attacks in last two years

CAMBRIDGE, Mass., Oct. 21, 2020 /PRNewswire/ -- Akamai (NASDAQ: AKAM) the intelligent edge platform for security and delivering digital experiences, today published the State of the Internet / Security report: Loyalty for Sale - Retail and Hospitality Fraud. The report details criminal activity targeting the retail, travel, and hospitality sectors with attacks of all types and sizes between July 2018 and June 2020. The report also includes numerous examples of criminal ads from the darknet illustrating how they cash in on the results from successful attacks and the corresponding data theft.

"Criminals are not picky -- anything that can be accessed can be used in some way," said Steve Ragan, Akamai security researcher and author of the State of the Internet / Security report. "This is why credential stuffing has become so popular over the past few years. These days, retail and loyalty profiles contain a smorgasbord of personal information, and in some cases financial information too. All of this data can be collected, sold, and traded or even compiled for extensive profiles that can later be used for crimes such as identity theft."

During the COVID-19 pandemic-related lockdowns in Q1 2020, criminals took advantage of the worldwide situation and circulated password combination lists, targeting each of the commerce industries featured in the report. It was during this time that criminals started recirculating old credential lists in an effort to identify new vulnerable accounts, leading to a significant uptick in criminal inventory and sales related to loyalty programs.

Between July 2018 and June 2020, Akamai observed more than 100 billion credential stuffing attacks in total. In the commerce category - comprising the retail, travel, and hospitality industries - there were 63,828,642,449 recorded. More than 90% of the attacks in the commerce category targeted the retail industry.

Credential stuffing isn't the only way that criminals target the retail, travel, and hospitality industries. They target organizations in these industries at the source using SQL Injection (SQLi) and Local File Inclusion (LFI) attacks. Between July 2018 and June 2020, Akamai observed 4,375,711,860 web attacks against retail, travel, and hospitality, accounting for 41% of the overall attack volume across all industries. Within this data set, 83% of those web attacks targeted the retail sector alone. SQLi attacks are an evident favorite among criminals, accounting for just under 79% of the total web application attacks against retail, travel, and hospitality.

As the global economy prepares for a holiday shopping season, it does so in an environment that has changed radically due to the pandemic. Consumers will not be standing outside of brick and mortar stores waiting for the latest deals in the same way they have in the past. They're going to log-in, collect their reward points, and maybe use loyalty programs to gain some discounts or other perks just for being a member.

Considering everything that goes into a successful loyalty program, and the information people need to provide in order to take part, the criminals have everything they need to get started in a number of crime-related ventures, from account takeovers, to straight-up identity theft. So, while an individual's loyalty to a merchant, airline, or hotel chain might not literally be for sale, there's a good chance the account associated with such programs might be.

"All businesses need to adapt to external events, whether it's a pandemic, a competitor, or an active and intelligent attacker," Ragan concluded. "Some of the top loyalty programs targeted require nothing more than a mobile number and a numeric password, while others rely on easily obtained information as a means of authentication. There is an urgent need for better identity controls and countermeasures to prevent attacks against APIs and server resources."

The Akamai 2020 State of the Internet / Security report, Loyalty for Sale - Retail and Hospitality Fraud is available here. In addition, Akamai will host a webinar on Thursday, October 22 at 11:00 a.m. ET where Akamai security experts discuss the findings of this latest report. To register for the webinar, visit here.

For additional information, the security community can access, engage with, and learn from Akamai's threat researchers and the insight that the Akamai Intelligent Edge Platform affords into the evolving threat landscape, visit Akamai's Threat Research Hub.

About Akamai

Akamai secures and delivers digital experiences for the world's largest companies. Akamai's intelligent edge platform surrounds everything, from the enterprise to the cloud, so customers and their businesses can be fast, smart, and secure. Top brands globally rely on Akamai to help them realize competitive advantage through agile solutions that extend the power of their multi-cloud architectures. Akamai keeps decisions, apps and experiences closer to users than anyone -- and attacks and threats far away. Akamai's portfolio of edge security, web and mobile performance, enterprise access and video delivery solutions is supported by unmatched customer service, analytics and 24/7/365 monitoring. To learn why the world's top brands trust Akamai, visit www.akamai.com, blogs.akamai.com, or @Akamai on Twitter. You can find our global contact information at www.akamai.com/locations.


     Contacts:



     Tim Whitman                    
     Tom Barth



     Media Relations                
     Investor Relations



     617-444-3019                   
     617-274-7130



     
              twhitman@akamai.com 
     
              tbarth@akamai.com

View original content to download multimedia:http://www.prnewswire.com/news-releases/akamai-security-research-loyalty-programs-continue-to-be-targeted-by-criminals-as-account-data-is-easily-sold-or-traded-301156579.html

SOURCE Akamai Technologies, Inc.



Email This News Email | Submit To Slashdot Slashdot | Submit To Digg.com Digg | Submit To del.icio.us Del.icio.us | News Feeds Feeds

RELATED NEWS ARTICLES
Nav Commercial Fluid Power Provides Notification of Data Security Incident | Apr 24, 2024
Nav G. Robert Harvey honors his father's service in World War II | Apr 24, 2024
Nav Forter Strengthens its Trust Platform with a Wave of Innovations | Apr 24, 2024
Nav REBOUND ORTHOPEDICS & NEUROSURGERY NOTICE OF DATA SECURITY EVENT | Apr 24, 2024
Nav GREEN DIAMOND RESOURCE COMPANY PROVIDES NOTICE OF DATA EVENT | Apr 24, 2024
Nav The Xbox Mastercard, Issued by Barclays, Now Available in the U.S. with More Value | Apr 24, 2024
Nav Group-IB takes part in a global operation to cripple Canadian Phishing-as-a-Service provider LabHost | Apr 24, 2024
Nav Baozun Files Annual Reports for Fiscal Year 2023 | Apr 24, 2024
Nav Author Natasha Burell releases 'St John the Ambulance Cat' | Apr 24, 2024
Nav Stefan R. Oehl releases 'Kawasaki Superbikes: Z1000 R and Z1100 R' | Apr 24, 2024
NEWS SEARCH
Survey Software
Survey Software
Click Tracking Software
Click Tracking
Poll Software
Poll Software
Rating Software
Rating Software
FEATURED NEWS | POPULAR NEWS
Submit News | View More News View More News
Copyright © 2003-2024 WebsiteGear Inc. All rights reserved. WEBSITEGEAR® is a registered trademark of WebsiteGear Inc.