Menu ---
  • Home
  • About Me
  • Subscribe
  • Contact Me
Frank on Fraud

Frank on Fraud

Retailers Alerting Consumers About Reused Passwords

October 12, 2016

50% of consumers use the same password on their Facebook accounts, that they do on their Linkedin accounts and other services such as Uber, Amazon and Netflix.

This is a real bad idea.  A horrible idea actually, which puts consumers at heightened risk of identity theft, banking fraud and online fraud.  How bad of an idea is it?  I would suggest you read this excellent article by Naked Security that analyzes the risk that consumers take on when they engage in this practice.

In the article they analyzed about 5 million GMAIL account credentials that were hacked.  When wordpress was analyzed, they found 600,000 wordpress pages and of that, 100,000 of those sites were using the exact same credentials that consumers used to login into their Gmail accounts.

Everyone knows that hackers are routinely engaging in brute force attacks with BotNets to test credentials from big data breaches at Yahoo, Adobe, Linkedin on other websites.  There brute force attacks are behind the rise in account takeover and online fraud that have been plaguing the banking industry.

Amazon And Others Are Alerting Consumers

The Fraud Experts at Amazon, Facebook and Netflix are not content to wait for the fraudsters to test these hacked credentials on their sites and instead have taken proactive measures to stop it before they do.

In a report released this week, Amazon is notifying hundreds of thousands of Amazon Consumers to change their passwords immediately.  The proactive notification it is believed is a result of Amazon getting access to list of user-name and password combinations that were breached in some of the recent breaches – DropBox, Yahoo, Linkedin.

After analyzing the combinations they were able to match username and password combinations that matched Amazon users.  By proactively telling those consumers to change their passwords, Amazon was limiting their exposure by hundreds of millions of dollars from account takeover.

Amazon isn’t the first to do this.  Reports are that Facebook regularly prowls the internet scanning for large breaches.  When they find a large breach, they attempt to gain information from as many username and password combinations that they can.  They bounce those up against their own credentials and notify the Facebook member to change their password.

Mark Zuckerberg Likes to Protect Facebook Users

5268782208_f685e1fd7b_b

You can read what Facebook’s policy is on searching for hacked credentials right on their blog post – Facebook Security.

I for one applaud these service providers proactive stance on protecting their consumers and users accounts.  It’s great to see the industry using data and data sharing to prevent future fraud.

Thanks for reading.

Site Footer

About Me

About Me

I am Frank McKenna. I am a fraud fighter from San Diego California.

Recent Post

  • Telegram Check Fraudster Stole $1.2 Million In Funds
    May 28, 2023
  • Report – 300% Spike In Fake Documents Detected In 2022
    May 23, 2023
  • Code Red – Close To 1 In Every 3 PPP Loans Had Fraud Flags
    May 21, 2023

My Life

frankiefoto

View

May 25

Open
Spirit Day at school and he’s taking it to 100%

frankiefoto

View

May 21

Open
LEGOLAND

frankiefoto

View

Apr 15

Open
Tu picked the coconut herself for Finn

frankiefoto

View

Apr 14

Open
Regent Resort Phu Quoc Island

frankiefoto

View

Apr 14

Open
Staying cool

frankiefoto

View

Apr 13

Open
Island boy, just trying to get by

frankiefoto

View

Apr 12

Open
A pier on the beach

frankiefoto

View

Apr 12

Open
Island life Vietnam

frankiefoto

View

Apr 11

Open
Phu Quoc Island Vietnam drinking coconut juice
Load More... Follow on Instagram