E-Commerce Cyberattacks Grew During 2017 Holiday Season

E-Commerce Cyberattacks Grew During 2017 Holiday Season
February 8, 2018 Marketing GrafWebCUSO

ThreatMetrix, The Digital Identity Company, research identified 251 million fraud attempts, a 113% growth over 2016, during 2017’s fourth quarter. The report also revealed an increased attack volume originating from Russia.

The Q4 2017 Cybercrime Report from San Jose, Calif.-based Threat Metrix found the number of attacks on e-commerce during the fourth quarter of 2017 was 113% of the volume of attacks across all industries in the previous quarter, underscoring the pressure facing retailers during this period. Almost 193 million transactions rejected as fraudulent, representing a 173% increase over the previous year.

The Q4 2017 Cybercrime Report also revealed an increased volume of attacks originating from Russia, using both automated bots and location spoofing tools. Key shopping days in Q4 over the holiday season saw up to 2 million bot attacks coming from Russia alone. These persistent, but increasingly sophisticated, attacks primarily targeted top American retailers.

Although financial services transactions, which increased 60% over the past year, continue as key targets of fraudsters across the globe, organizations are less likely to block suspicious login transactions outright, subjecting them instead to further review.

ThreatMetrix reported almost 60% of financial services transactions are mobile with a 70% growth in mobile transaction volume year-on-year. In addition, over 45% of users are mobile-only. Meanwhile attacks on mobile account creations grew 150% since the start of 2017.

ThreatMetrix noted mobile transactions, considered safer than desktop, remain on fraudsters’ radar. They continue to surveil for opportunities to capitalize on the growth of mobile transactions with 2017 seeing the evolution of mobile bots and mobile remote access attacks.

ThreatMetrix recorded about 800 million bot attacks throughout the quarter, ranging from simple account validation attacks to sophisticated bots attempting to masquerade as legitimate customer traffic.

Attacks on payment transactions in financial services grew 100% year-on-year, highlighting the bigger risk from new and emerging fintech platforms increasingly targeted by fraudsters looking to make a quick buck on a P2P loan or fraudulent remittance.

The ThreatMetrix report suggested fintech companies have become lucrative targets for cybercriminals looking to monetize stolen and synthetic credentials. “It is easier than ever to access the dark web, where cybercriminals buy, trade, augment and monetize stolen identity credentials for financial gain.”

The challenge is fake profiles are becoming increasingly indistinguishable from authentic identities because they use a plethora of stolen data, making them a near blueprint of the real thing. Identity spoofing continues to be the biggest attack vector as fraudsters use data harvested from the recent breaches to take over existing accounts as well as apply for new loans/cards.

The research also discovered hackers creating fraudulent cryptocurrency accounts using stolen or synthesized identities to set up mule accounts to launder money. Cybercriminals use legitimate accounts to make fraudulent payments and transfer cryptocurrency balances at their highest value.

Other key findings:

  • ThreatMetrix detected and stopped 251 million attacks in real time, as the overall attack rate grew 50% year-on-year.
  • Fifty-two percent of online transactions come from mobile devices, a 54% increase from two years ago.
  • Fifty-eight percent of all account creations originate on a mobile device.
  • The ThreatMetrix Digital Identity Network analyzed more than 610 million transactions during the peak holiday shopping days.

“ThreatMetrix holds an unprecedented vantage point from which to help businesses distinguish between trusted users and potential threats, using everything we know about the way a user interacts digitally to better understand the legitimacy of each and every online transaction,” Vanita Pandey, VP of product marketing at ThreatMetrix, said. “By harnessing intelligence from the ThreatMetrix Digital Identity Network, businesses can better detect the markers of high-risk behavior, and thus block cybercrime before it impacts the trust of end users—whether through breached data, monetary loss, or simply by increased friction.”