Hackers have made drastic changes trying to bypass security checks when attacking APIs. However, the attacks are not only focused on the API, there are individual attacks on falsification of financial service companies. Criminals pay close attention to the security of financial services, while adapting their attack patterns.

https://www.helpnetsecurity.com/2020/02/20/credential-abuse-attacks/