Cybercrime Attacks Hit New High
Cybercrime attacks reached its highest level ever, with 144 million incidents detected the last quarter, according to a new ThreatMetrix’s report, which also revealed increasing mobile transaction usage and targeted threats.
San Jose, Calif. digital identity firm ThreatMetrix in its “2017 Q2 Cybercrime Report” also found the e-commerce industry experienced 88 million attacks during a recent 90-day period. As a percentage of overall transactions, this attack rate increased 41% year-on-year.
The data derived from ThreatMetrix Digital Identity Network’s actual detected cybercrime attacks from April-June 2017 during real-time analysis and interdiction of fraudulent online payments, logins and new account applications. The network analyzes close to two billion transactions per month, over 47% of which originate from mobile devices.
“The 2017 data breach story has evolved from isolated attacks on large businesses and institutions to networked attacks targeting multiple key infrastructures and organizations, potentially originating from other nation states,” the report maintained. “Identity information is the primary ammunition in the cybercrime war for criminals that have access to the latest tools to launch mass scale attacks and fewer and fewer organizations are immune to this problem.”
Financial institutions are still in fraudsters’ crosshairs. “Cybercriminals continue to target financial institutions and payments providers that offer rich identity bounty if their defenses are breached,” the report suggested.
Meanwhile mobile transactions now drive financial services growth, as users adopt mobile banking as one of the primary means for accessing and managing accounts. ThreatMetrix’ study revealed mobile transaction growth by almost 411% since 2015 with the biggest increase coming from financial institutions, where transaction volume grew grown nearly eight times compared to Q1 2015.
In addition, 54% of all financial services transactions in the network originates from mobile devices. Overall, 55% of account creations now come from mobile, login transaction volumes grew 35% year-on-year and mobile logins 46%.
The ThreatMetrix report disclosed, “This proliferation of login transactions allows financial institutions to build a more complete picture of their transacting users, developing trust over time, hence the low attack rates.” The report warned, while account logins attack rates look low, organizations are less likely to block suspicious transactions outright, subjecting them instead to further review. “Payments transactions are particularly susceptible, however, as fraudsters target new and emerging fintech providers to try and make a quick buck on.” Along these lines, the percentage of rejected payment transactions grew 160% year-on-year.
identities and tools to enable cloaking/spoofing is causing attacks targeted at mobile devices to evolve and increase. “Fraudsters are continually using unsecured wireless networks to intercept user credentials, encouraging users to download hacked versions of legitimate applications from third party stores, or looking for ways to intercept personal information inadvertently leaked by legitimate mobile applications,” the report claimed.
“The Cybercrime Report” listed some key trends in the second quarter:
- The evolution of emerging economies in the cybercrime landscape as identity data trickles down to all regions of the globe following large-scale breaches.
- The regional variations in attack vector trends, with South America emerging as a hub for new account origination fraud.
- The emergence of highly organized criminal gangs targeting multiple organizations.
- The rise in mobile attack rates as attackers turn their attention towards the growing mobile economy
The cybercrime report also observed a 30% increase in new account origination fraud. The rise in fake accounts most dramatically affects media companies (e.g. social networking, content streaming and online dating organizations) which have seen a 527% increase in new account origination attacks.
ThreatMetrix said it also detected and stopped 300 million bot attacks, which predominantly originated from the U.S., Germany, China, India, Vietnam, Brazil and Russia.