Fraudsters Band Together, Shift to Bot Attacks

Written by

Fraudsters are joining together to create fraud rings, sharing knowledge with each other and leveraging automation to attack at scale, according to a new report from Forter.

Forter’s latest Fraud Attack Index found that attackers have been increasingly targeting e-commerce businesses with bot attacks resulting in an increase in fraud for the second year in a row. The year saw a 26% increase in fraud rings among bad actors, who are increasingly banding together to commit fraud. In addition, fraudsters are shifting from one-off attacks toward the use of bots, with which they are able to run automated scams, such as mass logins, performing upwards of 100 attacks per second. 

The rate of increase differs by sector, with the food and beverage industry seeing the greatest spike. According to the report fraud in food and beverage e-commerce grew by 60% in total for 2017, but in Q4 2018, fraud increased to 79%.

“In general, the popularity of this industry with criminals is due to its use as a payment testing zone – fraudsters testing out cards or wallets to see if they can get away with the purchase. Once successful, they know it is worth trying for a higher ticket order elsewhere,” the report said.

Additional spikes in fraud were noted in the electronics industry, which was up 79%, as well as apparel and accessories, which increased by 47%. “Apparel remains popular with fraudsters because it is easy to resell, and attempts to buy in bulk are not suspicious as is the case in many other industries,” the report said.

Interestingly, the report also found that cyber-criminals are not actually using all the data that has been stolen in breaches. The air travel industry surprisingly saw fraud attack rates decrease 29% between Q4 2017 and Q4 2018, indicating that data from the 2018 breaches in the sector hasn’t yet been used to scam merchants and customers, according to the report.

What’s hot on Infosecurity Magazine?