New research by a cybersecurity firm says 43% of web login attempts are malicious.
The Register has a write-up on this today:
... two main types of such attacks: "bursty, high-speed login attempts" to break into people's accounts, and "low and slow attempts to avoid apprehension by spreading login tries across longer time periods," again to gain unauthorized access to profiles and systems.
The web hosting giant even reckons it may be underestimating the problem because it only gathered data from websites that use an email address as a username, which included no less than six billion login attempts over two months. Banks typically require you to select a username rather than an email and are often the most persistent focus of attackers attention, for obvious reasons, so are likely missing from this dataset.
