Global fraud attempts soared again in the first quarter of the year, rising 62% year-on-year to hit 210 million, according to ThreatMetrix.
The fraud prevention firm has insight into 1.4 billion anonymized digital identities and makes 110 million daily authentication decisions, so it’s able to provide valuable insight into industry trends.
This intelligence appear to be indicating more attacks on mobile channels and increasing use of bots to test stolen credentials en masse and commit fraud such as account takeovers in “low and slow” attacks designed to mimic human behavior.
Over half (58%) of all account creations are now done on a mobile device, and attacks on mobile account creations grew 150% since the start of 2017, according to the vendor’s Cybercrime Report for Q1 2018.
ThreatMetrix also pointed to a record one billion bot attacks spotted by its Digital Identity Network this quarter, 100 million of which were from mobile devices. The rise was fueled in part by activity from new and emerging countries including Egypt, South Korea, Ecuador, Ukraine and Vietnam.
The biggest impact of bot activity was felt in the e-commerce sector, which accounted for a massive 820 million attacks: 10-times the rate of similar attacks on financial services.
In fact, the report highlighted e-commerce as a potential weak link in the global anti-fraud chain.
Fraudulent new account registrations increased more than 30% year-on-year in the sector as scammers took advantage of the relatively lax anti-fraud measures online vendors have in place to test stolen credentials. ThreatMetrix claimed these tests often led to further attacks on other sectors.
“Billions of online users are generating huge swathes of data and unfortunately it is becoming easier and easier for cyber-criminals to steal and monetize this, wherever they are in the world,” said Vanita Pandey, VP of strategy atThreatMetrix.
“Stolen data gives cybercrime a fraudulent mask, as they highjack identities to open new accounts, takeover legitimate user accounts or perform fraudulent transactions. To combat this, digital businesses must embrace 360-degree identity insights that stitch together both offline and online attributes to confirm that users really are who they say they are.”
In geographical terms, South America was singled out as a new hotbed of fraud, with a quarter of all account registrations from this region rejected by ThreatMetrix. Brazil has also moved into the five biggest global sources of fraud attacks, with scammers from the country looking to launch raids on neighboring countries as well as the US and UK.