It’s getting close to tax time in the US, which means cyber criminals are targeting popular tax programs. Recently, Intuit, the creators of TurboTax, warned that attackers were trying to reuse stolen credentials to log into the popular online tax application. Whenever criminals steal password databases or credentials leak online, attackers commonly try to use these stolen emails and passwords to log onto other sites, in an attack we call credential stuffing. Watch the video below to learn more about this TurboTax attack and why you should use different passwords at every site you visit.
Episode Runtime: 3:22
Direct YouTube Link: https://www.youtube.com/watch?v=cWQEbd1JoYU
EPISODE REFERENCES:
- TurboTax hit with credential stuffing attack – Dark Reading
- Intuit’s letter to affected customers [PDF] – Vermont.gov
—Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply