Credential farming - harvest and re-use

​Credentials are the lifeblood of cyber-attacks. Access to users accounts opens up lots of potential attack vectors for a bad actor. They could use the account to attack people in your address book, they can understand when payments will be made to initiate BEC attacks, they can access all of the users files and upload their own malware to cloud repositories, and they can also move laterally within a business by emailing colleagues from the genuine account meaning the email content will likely not be fully scanned but also inherently trusted. It is important that users know and understand how vulnerable they can be from this type of attack, and how easy they are to perform. This video shows how easy it can be for an attacker to take a user’s credentials and also check if the credential pair are used in other accounts, an attack known as credential stuffing. It may not be the corporate account that is initially targeted, but if a user uses the same password on their Facebook account as they do to log into your network they may be opening up blind spots in your infrastructure.