Fraud Attempts Soar 113% in Q4

Attempted online fraud jumped 113% year-on-year in the final quarter of 2017, to hit a massive 251 million attacks, with e-commerce firms hit particularly hard, according to ThreatMetrix.

The fraud prevention company analyzed 7.6 billion transactions to compile its Q4 2017 Cybercrime Report.

The firm claimed that companies are most exposed to fraud during the period straight after a major data breach but before it has been reported or detected.

Given that Q4 covers the busy Christmas shopping period, it’s perhaps no surprise that e-commerce firms came under particular scrutiny from the fraudsters. Almost 193 million transactions were rejected by ThreatMetrix as fraudulent, a 173% increase on the same time in 2016.

However, fraudsters seem to be eschewing payment fraud in favor of account takeover and creation attacks.

In fact, e-commerce account creation and login attacks were four times more likely than payment fraud, with the log-in attack rate growing 294% compared to the same quarter in 2015.

Automated bots are playing an ever-increasing role in fraud, used on an unprecedented scale again during Q4, according to the report. There were 34 million bot attacks during the peak festive shopping period alone, rising to 800 million for the quarter.

Bots are increasingly used for more than merely testing stolen credentials, the firm's VP, Vanita Pandey, told Infosecurity.

“In the wake of mass breaches, fraudsters use bots to carry out mass credential testing to verify that stolen credentials work, in order to carry out downstream attacks on high value transactions — or to build a more complete stolen identity to sell on. These attacks are high volume and we have seen a spike in these originating from developing nations. We have seen certain sectors, such as charity as a big target, as they are not as likely to have advanced bot detection technologies in place,” she explained.

“Alternatively, we see ‘low and slow’ attacks which are a bit more sophisticated. They are looking to use these stolen identities to perform account takeover etc., but as most companies have protections in place that can detect large-scale bot attacks, these are lower volume and looking to appear like legitimate traffic. They are looking to mimic real human behavior as closely as possible.”

Also last quarter, Russia and Vietnam emerged as top five attack originators, alongside the UK, US and Germany. However, more attacks are said to originate in Europe than anywhere else.
