“Conducting credential stuffing attacks are easy, low-risk, and deliver high return on investment, if successful,” added Leo Pate, an application security consultant with nVisium, an application security provider in Herndon, Va.

“From a criminal point-of-view, many platforms don’t offer strong security controls, like multi-factor authentication, or users simply do not take advantage of them, even if available, thereby resulting in a higher rate of successful compromise,” he told TechNewsWorld.

Read entire article here