Part 10/12:

Cybercriminals may target these platforms to steal user credentials, which are often reused across multiple accounts. For instance, a breach at a niche pet grooming site could lead hackers to access a user’s BNPL account if they reuse the same login details. Hackers can then perform account takeovers, potentially orchestrating fraudulent transactions or collecting personal information over extended periods without detection.

Experts recommend that consumers choose BNPL providers that employ multi-factor authentication (MFA), such as SMS verification, to strengthen account security. Additionally, users should practice good cybersecurity hygiene: avoid reusing passwords, enable MFA on email and financial accounts, and remain cautious about sharing sensitive information online.