Sign up for The Paypers newsletter Follow The Paypers on LinkedIn Follow The Paypers on Twitter Follow The Paypers on Facebook
The Paypers, paypers, Insight in payments, News, Reports, Events
 advertisement
Digital Identity, Security & Online Fraud

Research: majority of Australia's top 250 websites can't detect bot attacks

Thursday 18 April 2019 | 10:27 AM CET

Most organisations can’t spot automated credential stuffing attacks, according to security company Kasada.

The company’s research shows that 86% of Australia’s top 250 websites can't tell the difference between a human using a web browser and a bot running a script, leaving them vulnerable to credential stuffing attacks.

Researchers focused on the industries most often targeted by bot attacks such as retail, property, wagering, finance, airlines, utilities, and health insurance. The researchers loaded the sites’ login pages using automation tools and the results showed that 90% of the websites failed to detect those automated logins.

Also, 86% of the tested websites failed to detect differences between types of scripts injected/tools used. Credential stuffing is the one kind of attack where it is easier for the bad guys to build a return on investment, encouraging them to spend money to evade detection, Kasada’s lead field engineer added.

More: Link
 advertisement
 advertisement
 advertisement
 advertisement