E-commerce sites are constantly hit by bots using stolen credentials to try to take over accounts. The attacks have escalated in the past four years, with as many as 135 organizations dealing with such attacks in countries including South Korea, Vietnam, Malaysia, Indonesia and Japan. The hackers capitalize largely on the fact that most people don’t use different passwords for different web services. The attackers collect account credentials from phishing schemes and load them into “account checkers,” which are simple, automated scripts.”]
Source: https://www.cuinfosecurity.com/account-takeover-bane-e-commerce-a-9142