The biggest attack is persistent login tokens that are stored on a device; e.g., Discord has an issue with malware (disguised as DMs from random people asking "do you want to try out a beta for my game?") that steals the login token from AppData, using it to purchase a bunch of gifted Nitro and perpetuate the scam via that user's account.