Fraud Attempts Soar 113% in Q4

Fraud Attempts Soar 113% in Q4

Attempted online fraud jumped 113% year-on-year in the final quarter of 2017, to hit a massive 251 million attacks, with e-commerce firms hit particularly hard, according to ThreatMetrix.

The fraud prevention company analyzed 7.6 billion transactions to compile its Q4 2017 Cybercrime Report.

The firm claimed that companies are most exposed to fraud during the period straight after a major data breach but before it has been reported or detected.

Given that Q4 covers the busy Christmas shopping period, it’s perhaps no surprise that e-commerce firms came under particular scrutiny from the fraudsters. Almost 193 million transactions were rejected by ThreatMetrix as fraudulent, a 173% increase on the same time in 2016.

However, fraudsters seem to be eschewing payment fraud in favor of account takeover and creation attacks.

In fact, e-commerce account creation and login attacks were four times more likely than payment fraud, with the log-in attack rate growing 294% compared to the same quarter in 2015.

Automated bots are playing an ever-increasing role in fraud, used on an unprecedented scale again during Q4, according to the report. There were 34 million bot attacks during the peak festive shopping period alone, rising to 800 million for the quarter.

They’re increasingly used for more than merely to test stolen credentials, the firm claimed.

“Bot attacks continue to evolve from their basic velocity-based functions, to complex bots that are used in more advanced ways to spoof IP addresses, emulate browsers or spoof apps, to masquerading bots, that are attempting to mask their true context and pretend to be legitimate user traffic,” the report noted.

Also last quarter, Russia and Vietnam emerged as top five attack originators, alongside the UK, US and Germany. However, more attacks are said to originate in Europe than anywhere else.

Source: Information Security Magazine