Another rapid growing attack technique among online accounts is through password spraying. Password Spraying targets a large number of accounts/usernames and loops them with a highly common or simple password.
How Does It Work?
Attacker collects multiple usernames
Try a single simple password such as P@ssword123 or Qwerty123, against the collected lists of usernames (one password to many accounts).
Repeat the process, utilizing another different password, but will give a "break-time" in-between so as to stay below the account lockout threshold.