Protect Yourself From Credential Stuffing

Security and Fraud

If you are reusing the same username and password for multiple apps and websites—you may be at risk of a potential cyber threat called credential stuffing.

What is credential stuffing?

Credential stuffing occurs when hackers use stolen information, such as usernames and passwords from database breaches or phishing software from one account, and attempt to gain access to another. The hackers prey on people’s habit of using the same usernames and passwords for multiple sites. Using automated tools, they run large amounts of stolen information across multiple sites looking to find the same usernames and passwords being used elsewhere. Once they find a match, they can monetize the personal and financial information they gather.

Credential stuffing attacks are on the rise and it’s important for you to know how to protect your information online.

​Choose a unique username and password for your Centris accounts.

Do not be tempted to reuse a login and password from another account. Because data breaches are so common, it makes it easy for fraudsters to run automated scripts with this information to try to crack other sites. If you’re currently using a username and password you use elsewhere, consider changing it now. And even if you’re not and you notice your login and password aren’t that creative, think about making a change to something more complex. Log into Centris online or mobile banking and select Security Preferences from the Settings menu to do so.

**While no breaches have happened at Centris, attackers may try to use data from other breaches to gain access to your online banking. If you received a security alert regarding an invalid login attempt to your Centris account and it was not you, please change your username and password as soon as possible. This may indicate that a fraudster is trying to access your account.

Security Tip

Centris has set up secure access codes that get emailed or texted to you to help prevent against fraudsters that may have your username and/or password. Please NEVER give this code to anyone. Fraudsters will sometimes spoof Centris’ phone number so it may appear like it is a Centris representative asking for this code. We will NEVER ask you for this code.

Use complex usernames.

Members who have easy-to-guess usernames may be vulnerable with this scam. Using an email address or just your first and last names is easy for someone to guess. Let your creativity shine and make your login name a phrase only you would know, but easy enough for you to remember.

Change passwords frequently.

Even if you have complicated, hard-to-guess passwords, it is a best practice to change them regularly. This is especially important for sites where the loss would be personally and/or financially devastating.

Consider using a password manager.

We get it. With so many sites out there, how can anyone remember a fresh login and password every time? A password manager can make it easier. Just remember one login and one password and let the manager be your brain. It’s important, however, that if you use a password manager you use a complex username and password, a duo you’ve not used elsewhere.

As a reminder, Centris will NEVER contact you asking for your account number, credit or debit card number, Personal Identification Number (PIN), or online banking username or password. If someone emails or calls you asking for this information, hang up and contact the credit union immediately at 402-697-6665.

<a href="https://www.centrisfcu.org/blog/author/centris/" target="_self">centris</a>

centris

Author

You May Also Like

Investment Scams: What to Look for & How to Avoid Them

Investment Scams: What to Look for & How to Avoid Them

Investment scams and get-rich-quick schemes are currently on the rise. In 2023, the FBI’s Internet Crime Complaint Center (IC3) reported $4.57 billion in losses due to investment scams. Scammers prey on the hopes of individuals looking for financial security,...

How to Protect Yourself from Internet Shopping Scams

How to Protect Yourself from Internet Shopping Scams

In 2023, consumers reported $752 million dollars lost because of online retail scams. With the rise in internet shopping fraud, we’ve put together a list of what to look for before buying something from an online store, how to protect yourself when purchasing online...

Protect Yourself from Fake QR Code Scams

Protect Yourself from Fake QR Code Scams

Quick response codes also known as QR codes, are everywhere these days. Many restaurants use them for their menus, airlines use them for checking into your flight, and concerts or sporting events for admission tickets. While these codes are more prevalent...