Mobile fraud reaches 150 Million global attacks in first half of 2018 with attack rates rising 26% year-over-year in Australia alone

0
  • Growth in attack rate for financial services transactions coming from ANZ in Q2 2018 higher than any other region at 138%, compared to last quarter
  • Asia Pacific countries Australia, Japan and Singapore featured in the top five target destinations among countries perpetrating the highest number of attacks globally – UK, US, China and Canada
  • Bots are booming: 1H 2018 registered a total of 2.6 billion bot attacks, with a 60% step up from Q1 to Q2 2018.
  • Bot attack rate from ANZ grew 33% in comparison to last quarter, indicating a ramping up of cybercrime activity in the region, coinciding with the advent of the New Payments Platform (NPP)
  • Globally, 58% of digital transactions now originate from mobile devices
  • Globally, mobile attacks are increasing, with one third of all fraud now targeting this channel
  • 85% of transactions on social networks and dating sites now come from mobile devices, where identity spoofing is rife

ThreatMetrix has released new cybercrime insights from the first half of 2018, revealing a sharp rise in fraud attack levels on mobile transactions.  As consumer behaviour increasingly embraces mobile for virtually all online goods and services, fraudsters are starting to close the gap on this channel.

These latest findings are based on the analysis of 17.6 billion digital transactions on the ThreatMetrix® Digital Identity Network® during the first half of 2018. The network also detected and stopped 361 million cybercrime attacks in the same period.

Mobile becomes the go-to digital channel
The rise of mobile is undisputedly the key change agent in digital commerce currently. According to ThreatMetrix data, in the last three years the proportion of mobile transactions versus desktop has almost tripled. Mobile transactions, which include account creations, logins and payments, reached 58% of all traffic by the middle of 2018.

Mobile fraud rates have tended to lag behind the channel’s overall growth, however in the first half of 2018 mobile attack rates rose 24%, when compared to the first half of 2017. In Australia mobile attack rates experienced an increase of 26% compared to the same period last year.
Globally, one third of all fraud attacks are now targeting mobile transactions. This means that although digital companies do need to prepare for increasing attacks, mobile remains the more secure channel compared to desktop.

Mobile offers organisations unique opportunities for accurately assessing user identity, thanks to highly personalised device attributes, geo-location and behavioural analysis. It offers strong customer authentication options that require no user intervention, including cryptographically binding devices for persistent authentication (“Strong ID”). The number of Strong IDs for mobile devices on the ThreatMetrix network has more than doubled in the first half of 2018, improving both customer recognition rates and the efficacy of identifying trusted transactions.

“Mobile is quickly becoming the predominant way people access online goods and services, and as a result organisations need to anticipate that the barrage of mobile attacks will only increase,” said Alisdair Faulkner, Chief Identity Officer at LexisNexis Risk Solutions. “The good news is that as mobile usage continues to increase, so too does overall customer recognition rates, as mobile apps offer a wealth of techniques to authenticate returning customers with a very high degree of accuracy. The key point of vulnerability, however, is at the app registration and account creation stage. To verify users at this crucial point, organisations need to tap into global intelligence that assesses true digital identity, compiled from the multiple channels that their customers transact on.”
Financial services under fire

Financial institutions were besieged with 81 million cybercrime attacks in the first half of 2018 on the ThreatMetrix Digital Identity Network. Of these, 27 million were targeting the mobile channel as fraudsters turn their attention to the success story that is mobile banking adoption.

Financial services mobile transactions are growing globally, with China, South East Asia and India showing the strongest regional growth. This indicates that the mobile channel is a key enabler for financial inclusion in emerging economies.

Overall, the biggest threat in financial services comes from device spoofing, as fraudsters attempt to trick banks into thinking multiple fraudulent log in attempts are coming from new customer devices, perhaps by repeatedly wiping cookies or using virtual machines. In the second quarter of 2018, Australia experienced a 5% increase in the attacks in the financial services, year-over-year.

Mule networks also continue to negatively impact the global banking ecosystem, particularly as financial crime becomes an ever-more sophisticated and hyper-connected beast. The challenge for financial institutions is detecting mule activity even when individual account behaviour may not trigger red flags. ThreatMetrix is able to harness the power of its global Digital Identity Network to help identify and block potential mule networks before transactions are processed.

Booming bot attacks illustrate the spread of stolen data to emerging economies
Throughout the first half of 2018 there was an unprecedented spike in the volume of bot attacks targeting digital transactions worldwide. The ThreatMetrix Digital Identity Network registered a 60% spike in bot attacks in the second quarter of the year, increasing from 1 billion bot attacks in Q1 to 1.6 billion in Q2. The sheer volume of this automated bot traffic impacts businesses worldwide because, without the correct measures in place, this slows order processing times and the ability to effectively identify good returning customers in real time. At peak times, individual organisations report these attacks account for more than half of all transactions.

Large retailers are the primary targets as fraudsters attempt to infiltrate good user accounts and access sensitive personal data and saved credit card information. A total of 170 million bot attacks came from mobile devices in 1H 2018.

This bot traffic in the first six months of the year predominantly originated from locations such as Vietnam, Indonesia, Russia, Malaysia and South Korea, illustrating the global trend of stolen identity data disseminating to growth regions and emerging economies.

Social networks are growing as gateway for cybercrime
Social networks and dating websites have the highest mobile footprint of all industries, reaching 85% of total transactions and 88% of account creations by the middle of 2018. This reflects usage patterns that virtually eschew desktop interactions and prioritise mobile app interactions. Given these sites’ often modest security requirements, attack rates are high as hackers use these platforms to test stolen identity credentials, as well as to steal sensitive personal data via account takeovers.

“Social networks are at risk of becoming a gateway to further organized crime”, says Rebekah Moody, Director of Fraud and Identity at ThreatMetrix. “Identity data is arguably as valuable a currency online as hard cash. Fraudsters funnel towards the easiest target to help test, augment and validate stolen identity data to make future attacks more successful: in many cases this is social networks. These organizations must start to deploy the same kind of defences a user would expect elsewhere online, without introducing unnecessary friction.”

Identity spoofing is widespread, with the ThreatMetrix Q2 2018 Cybercrime Report revealing this as the top attack vector (13.3% of all social network transactions) for this sector. Identity spoofing remains one of the leading attack vectors in emerging economies such as Africa and Asia, as well as for industries that target unbanked and underbanked populations, particularly where organised identity verification tools are less prevalent.  IP spoofing is also prevalent, with fraudsters—predominantly from Vietnam, Ghana, Nigeria, U.S. and Philippines—using proxy servers to make it appear as though they are actually based in locations close to their intended victims.

Key highlights from ThreatMetrix Q2 2018 Cybercrime Report include:

  • The ThreatMetrix Digital Identity Network analysed 8.3 billion transactions in Q2 2018 and stopped 151 million cybercrime attacks in real time.
  • China appears on the top five cybercrime attackers list for the first time ever.
  • 33% growth in bot attack rate for transactions coming from India, compared to last quarter
  • 54% of all eCommerce transactions are now cross-border, which is much higher than other markets, and emphasizes the industry’s increasingly global footprint.
  • Cross border eCommerce transactions are 69% more likely to be rejected as fraudulent, however, demonstrating the challenge of accepting overseas commerce.
  • 25% of new eCommerce account applications are fraudulent, a 130% increase compared to Q2 2017.
  • Attacks on financial services’ mobile transactions increased 33% year-over-year.

Access the Cybercrime Report: Q2 2018 here

About ThreatMetrix
ThreatMetrix®, A LexisNexis® Risk Solutions Company, empowers the global economy to grow profitably and securely without compromise. With deep insight into 1.4 billion anonymised digital identities, ThreatMetrix ID delivers the intelligence behind 110 million daily authentication and trust decisions to differentiate legitimate customers from fraudsters in real time.

About LexisNexis Risk Solutions
LexisNexis® Risk Solutions harnesses the power of data and advanced analytics to provide insights that help businesses and governmental entities reduce risk and improve decisions to benefit people around the globe. We provide data and technology solutions for a wide range of industries including insurance, financial services, healthcare and government. Headquartered in metro Atlanta, Georgia, we have offices throughout the world and are part of RELX Group (LSE: REL/NYSE: RELX), a global provider of information and analytics for professional and business customers across industries. RELX is a FTSE 100 company and is based in London. For more information, please visit www.risk.lexisnexis.com, and www.relx.com.

Share.

Comments are closed.