The volume of global fraud attacks has surged 100% over the past two years to reach 700 million in 2017 alone, according to ThreatMetrix.
The fraud prevention firm protects 1.4 billion users around the world and analyzes 100 million transactions each day, so its insight into the current landscape is invaluable.
In its ThreatMetrix Cybercrime Report 2017: A Year in Review it claims that fraudsters are moving away from using stolen credit and debit cards as these have a relatively short shelf life. Account creation attacks, carried out using a collection of stolen identity data, are now becoming more popular, with more than one-in-nine of all new accounts opened last year fraudulent.
Automated bots are also becoming an increasingly popular way for fraudsters to test stolen identities, in order to increase their value on the dark web, or else to hijack existing accounts or open new ones.
They are frequently used in “low and slow” attacks designed to evade Web App Firewalls (WAFs), ThreatMetrix claimed.
The firm blocked 1.5 billion bot attacks in 2017, with some retailers experiencing daily traffic which is 90% comprised of bots.
EMEA continues to be a hotbed for fraud, accounting for around 50% of all attacks spotted by ThreatMetrix last year. It also experienced an 80% increase in automated bot attacks.
As always, the continued deluge of data breach incidents is fueling the rise in global fraud, with spikes in fraud levels clearly linked to major incidents. ThreatMetrix claimed to have spotted “unprecedented spikes in irregular behavior” immediately after the Equifax breach.
With data breach incidents now becoming commonplace, the focus should be on protecting downstream fraud so that leaked data can’t be used by online scammers, ThreatMetrix argued.
“With the volume and complexity of attacks increasing daily, businesses need to accurately differentiate customers from criminals in real time, without impacting transaction speeds or introducing unnecessary friction,” said ThreatMetrix VP, Vanita Pandey.
“By looking beyond static data – and drilling down to the dynamic intricacies of how people transact online – companies can continue to grow their digital businesses with confidence.”