sb-eu logo
Story image

Out with credit cards & in with identity data: Cybercriminals take fraud to new levels

24 Jan 2018

Cybercriminals are ditching the ‘quick buck’ methods of stealing credit cards and are instead going after identity data through ambitious attacks that provide longer-term profits.

Those are the conclusions from ThreatMetrix Cybercrime Report 2017: A Year in Review, which found that one in nine new accounts opened in 2017 were fraudulent.

The report also says there was a 100% increase in the volume of attacks over the last two years, according to the ThreatMetrix network.

The increase in fraudulent accounts is also affecting everyday consumers as organisations establish lengthier identity verification methods to separate legitimate customers from fraudulent ones.

“Analysing transactions based on true digital identity is the most effective way to instantly differentiate between legitimate users and cybercriminals. We leave traces of our identity everywhere, and by mapping the ever-changing associations between people, their devices, accounts, locations and addresses, across the businesses with which they interact, trusted behaviour for an individual becomes apparent,” comments ThreatMetrix VP of product marketing and strategy Vanita Pandey.

An account takeover happens every 10 seconds – an increase of more than 170%.

The report suggests that attackers combine identity information harvested from the dark web and data breaches to create new fraudulent accounts – 83 million were attempted between 2015 and 2017.

The most vulnerable industries include gift card trading websites and ridesharing, because cybercriminals look to exploit new platforms for attacks.

Consumers are also falling for social engineering tricks, such as emails that dupe people into thinking their account has been compromised. Attackers then ask people to ‘secure their account’ but instead people are handing over access.

Spikes in cyber attack activity also point to major data breaches. According to ThreatMetrix, its network detected ‘unprecedented’ spikes in irregular behaviour immediately after the Equifax breach.

As changing consumer behaviour moves towards an increase in mobile transactions, cybercriminals are reportedly keeping pace.

Mobile transaction volumes grew 83% due to an increase in multi-device purchasing. Last year mobile transactions exceeded desktop-based transactions for the first time.

With the volume and complexity of attacks increasing daily, businesses need to accurately differentiate customers from criminals in real time, without impacting transaction speeds or introducing unnecessary friction,” Pandey explains. 

 “By looking beyond static data—and drilling down to the dynamic intricacies of how people transact online—companies can continue to grow their digital businesses with confidence.”

The report analysed attacks that were detected and blocked on ThreatMetrix Digital Identity Network between January and December 2017.

Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More
Story image
Strong cybersecurity posture crucial for company success - Fortinet
"They should also conduct due diligence to ensure partners aren’t inadvertently creating vulnerabilities with insufficient cybersecurity measures."More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Radware issues security alert, warning of global rise of DDoS-for-hire
Efforts from corporations, law enforcement and independent researchers around the world have attempted in the last two years to curb this growth – but the industry keeps growing says Radware information security researcher Daniel Smith.More
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More