Credential stuffing
What is Credential Stuffing and how can you protect yourself against it?
Cyber-attacks are evolving and becoming more sophisticated every day. One of the latest attacks allows hackers to access members’ accounts using their stolen passwords, via a method known as Credential Stuffing.
Credential stuffing is a type of cyber-attack whereby cyber criminals collect stolen usernames and passwords available on the dark web from previous data breaches, and then attempt to use those credentials on other websites or services. If an affected user uses the same password across multiple accounts, a successful credential stuffing attack could compromise all of their accounts.
To protect against this type of attack, it is important to follow the cyber security advice as given by the Australian Government with 3 easy steps:
- Set up multi-factor authentication to add an extra layer of security to your online accounts.
- Create strong and unique passphrases of 14 or more characters long. These passphrases should be different for each account you hold.
- Install software updates regularly to keep your devices secure.
Please refer to the Australian Government’s best cyber practices and protect yourself online at cyber.gov.au
How MLC is protecting your future
At MLC, your security is our priority. We use Multi Factor Authentication across our websites and mobile apps and continuously monitor for suspicious online activity.
From time to time, you may be asked to verify your identify when logging in. This additional step helps ensure that only you can access your account.
This verification involves sending you a one-time passcode to your mobile or email. We will never ask you to provide this passcode to us.