Credential stuffing attacks are becoming more of a problem for financial sectors. Botnets can initiate many fraudulent login attempts acting as a DDoS attack. The attack works by attempting to login into multiple online services using usernames and passwords gathered from data breaches. According to researchers, “The success of the endeavor depends on the common practice of users having the same password for multiple accounts.” Attackers automate the attacks and use botnets that distribute the login activity among infected systems. There have been over 30 billion malicious login attempts from November 2017-June 2018. In just one week, there were 315,178 fraudulent login attempts from roughly 20,000 IP addresses of 1,750 ISPs (Internet Service Providers). There were 4,382 different user agents observed in the attack.