2021 Credential Stuffing Report

Fraud

Attack Types

Credential Stuffing

Cybercrime

Shape Security & F5 Labs

Nov 15, 2021

Whitepapers

Despite consensus about best practices, industry behaviors around password storage remain poor. Plaintext storage of passwords is responsible for the greatest number of spilled credentials by far, and the widely discredited hashing algorithm MD5 remains surprisingly prevalent.

Organizations remain weak at detecting and discovering intrusions and data exfiltration. Median time to discovering a credential spill between 2018 and 2020 was 120 days; the average time to discovery was 327 days. Often spills are discovered on the dark web before organizations detect or disclose a breach.

Some content is hidden, to be able to see it login here Login

Tagged:

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.

Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.

Submit Your Document

Related Resources

Mar 13, 2028

MRC Vegas 2028 Join MRC Vegas 2028, the leading fraud prevention and payments event, 16-19 March at ARIA Resort & Casino, Las Vegas. Network with industry leaders and explore cutting-edge solutions in the payment processing space.

Mar 15, 2027

MRC Vegas 2027 Join the global payments and fraud prevention community at MRC Vegas 2027, 15-18 March, at ARIA Resort & Casino. Connect with industry leaders and gain insights to combat fraud and drive payment innovation.

Mar 16, 2026

MRC Vegas 2026 Save the Date for MRC Vegas 2026! Join us from 16-19 March 2026 at ARIA Resort & Casino in Las Vegas for the premier payments and fraud prevention conference. Discover cutting-edge insights from industry leaders, engage in expert panels, and network with peers.

Mar 05, 2025

Fraud in the Fast Lane, Navigating First-Party Fraud and "Gaming" the System, presented by AtData In the race to maintain customer loyalty and drive sales, merchants are facing an escalating challenge: first-party fraud. With social media platforms amplifying the spread of “lifehacks” and “how-to” guides that can border on fraud, businesses must stay ahead of this evolving threat.

Nov 12, 2024

MRC Welcome & Sponsor Intro | AI's Journey to Generative AI : Unveiling the History, Myths, and Global Impact on Fraud and Payments Generative AI, like ChatGPT, has become a central focus for merchants looking to stay competitive in a rapidly evolving digital landscape.

Nov 12, 2024

Generative AI in Cybersecurity: Defending Against Evolving Threats Explore the transformative impact of Generative AI on cybersecurity, focusing on its role in predicting, detecting, and responding to modern cyber threats.

Nov 12, 2024

Generative AI for e-Commerce: 4 Use Cases to Address Business Challenges and Mitigate Risks Beyond Transaction Fraud Generative AI transforms the payments industry by improving transaction processes, fraud detection, customer support, and operational efficiency. Industry leaders are leveraging AI to optimize payment systems and reduce risks.

Nov 12, 2024

Global Generative AI Regulations and Ethical Concerns: A Cross-Region Overview As generative AI (GenAI) technology rapidly advances, regulatory efforts are underway across regions, including the U.S., EU, APAC, ANZ, and LATAM/Brazil.

Dec 05, 2023

DataDome - 2023 U.S. Bot Security Report DataDome's new study finds that a staggering 68% of US websites are unprotected against simple bot attacks, highlighting how vulnerable US businesses are to automated online threats. E-commerce sites are particularly exposed.

Aug 11, 2023

2023 UK Bot Security Report 2 in 3 UK Websites Are Unprotected Against Simple Bot Attacks.

Dec 05, 2022

2022 Southeast Asia Digital Commerce Insights While the region’s recovery after a turbulent period is well underway, businesses now find themselves in a more complex environment. How nimble and flexible is your business in adopting new payments to stay on top of market shifts and fraud risks? See how you compare.

May 17, 2022

2022 MRC Global Fraud and Payments Survey This illuminating report, produced by the Merchant Risk Council, Cybersource and Verifi, provides the latest industry fraud trends, fraud management methods, and payment strategies used by merchants globally, along with a robust set of performance benchmarks that can help with the optimization of payments and fraud management and prevention practices.

Jan 08, 2025

Breaking Down the 2024 Chargeback Field Report Every merchant who processes card-not-present transactions experiences at least some chargebacks. Sellers, however, seldom see the scope of the problem beyond their own claims.

Jan 08, 2025

Building a Scalable Fraud Engine, Optimizing Cost and Performance for Subscriber Growth In a rapidly growing subscription business, maintaining a proactive fraud posture is critical to optimizing both cost and effectiveness.

Dec 11, 2024

How Merchants Can Combat the Rising Tide of ATO Attacks Account Takeover (ATO) attacks are increasing in complexity and frequency, posing serious risks to online businesses and their customers.

Nov 20, 2024

Payments 3.0: The Custom, Distributed Payments Ecosystem Early payment processing was conducted through legacy institution-backed payment processors (PSPs). Payments 2.0 signaled the arrival of more modern PSPs, ready to serve high-growth merchants.

Nov 22, 2024

What 19th century economic thinking can teach us about 21st century payments and how ecommerce players ought to respond Accepting local payment methods and choosing methods that meet your business and customers' needs are different. Download the report to implement your local payment methods with data in mind.

Nov 22, 2024

Choosing the right Local Payment Methods - How to select and onboard the Local Payment Methods that will make the biggest difference to your online sales How to select and onboard the right local payment methods to make the biggest difference to your online sales.

Aug 30, 2024

Navigating Experience, Security, and the Next Frontier of Identity - Experian's 2024 U.S. Identity & Fraud Report Experian’s 2024 U.S. Identity and Fraud Report provides a snapshot of the current fraud landscape, shifting consumer expectations and actionable insights into how you can prioritize future fraud prevention technology investments.

Aug 14, 2024

Confidence in Every Transaction: A blueprint for payment success Ecommpay recently surveyed UK merchants to better understand theirpain points. Our findings revealed that 43% of merchants stated their biggest payment challenge is keeping up with the latest technologies and payment trends, but other factors relating to the day-to-day running of their business are preventing them from dedicating as much time to this as they’d like, such as the impact of the cost of living crisis, gaining access to funding, and finding the right talent.

View All Resources