Web Fraud - Password Sharing Across Accounts

Description

This search is used to identify user accounts that share a common password.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Other

Category

Abuse,

Alert Volume

This search is used to identify user accounts that share a common password.

SPL Difficulty

None

Journey

Stage 1

   Help

Web Fraud - Password Sharing Across Accounts Help

We need to start with a dataset that allows us to see the values of usernames and passwords that users are submitting to the website hosting the Magento2 e-commerce platform (commonly found in the HTTP form_data field). A tokenized or hashed value of a password is acceptable and certainly preferable to a clear-text password. Common data sources used for this detection are customized Apache logs, customized IIS, and Splunk Stream.

   Search

Open in Search