Story image

Out with credit cards & in with identity data: Cybercriminals take fraud to new levels

24 Jan 18

Cybercriminals are ditching the ‘quick buck’ methods of stealing credit cards and are instead going after identity data through ambitious attacks that provide longer-term profits.

Those are the conclusions from ThreatMetrix Cybercrime Report 2017: A Year in Review, which found that one in nine new accounts opened in 2017 were fraudulent.

The report also says there was a 100% increase in the volume of attacks over the last two years, according to the ThreatMetrix network.

The increase in fraudulent accounts is also affecting everyday consumers as organisations establish lengthier identity verification methods to separate legitimate customers from fraudulent ones.

“Analysing transactions based on true digital identity is the most effective way to instantly differentiate between legitimate users and cybercriminals. We leave traces of our identity everywhere, and by mapping the ever-changing associations between people, their devices, accounts, locations and addresses, across the businesses with which they interact, trusted behaviour for an individual becomes apparent,” comments ThreatMetrix VP of product marketing and strategy Vanita Pandey.

An account takeover happens every 10 seconds – an increase of more than 170%.

The report suggests that attackers combine identity information harvested from the dark web and data breaches to create new fraudulent accounts – 83 million were attempted between 2015 and 2017.

The most vulnerable industries include gift card trading websites and ridesharing, because cybercriminals look to exploit new platforms for attacks.

Consumers are also falling for social engineering tricks, such as emails that dupe people into thinking their account has been compromised. Attackers then ask people to ‘secure their account’ but instead people are handing over access.

Spikes in cyber attack activity also point to major data breaches. According to ThreatMetrix, its network detected ‘unprecedented’ spikes in irregular behaviour immediately after the Equifax breach.

As changing consumer behaviour moves towards an increase in mobile transactions, cybercriminals are reportedly keeping pace.

Mobile transaction volumes grew 83% due to an increase in multi-device purchasing. Last year mobile transactions exceeded desktop-based transactions for the first time.

With the volume and complexity of attacks increasing daily, businesses need to accurately differentiate customers from criminals in real time, without impacting transaction speeds or introducing unnecessary friction,” Pandey explains. 

 “By looking beyond static data—and drilling down to the dynamic intricacies of how people transact online—companies can continue to grow their digital businesses with confidence.”

The report analysed attacks that were detected and blocked on ThreatMetrix Digital Identity Network between January and December 2017.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.