ThreatMetrix is the hyper successful ’Digital Identity Company’, based in the US but with incredible and impressive Australian roots, as explained in this earlier iTWire article, which turns ThreatMetrix into an enviable Australian and US success story that more Australian companies and banks should not only be aware about, but using and relying on to protect their transactions, themselves and their customers - just as is happening globally.
Starkly warning that ‘Retailers must stay vigilant when it comes to protecting digital identities,’ ThreatMetrix has grown into ‘The Digital Identity Company’, and has released its latest ’ThreatMetrix Cybercrime Report: Q3 2015’ (available for free download) which examines cybercrime attacks detected by the ThreatMetrix Digital Identity Network from July to September. These attacks were detected during real-time analysis and interdiction of fraudulent online payments, logins and new account registrations.
During this period, ThreatMetrix reports that it ‘detected more than 90 million attempted attacks across industries, representing a 20% increase over the previous quarter.’
The company says this increase in attacks ‘can largely be attributed to the growing sophistication of cybercriminals and the amount of customer data available for interception. Fraudsters are using bots and botnets to run massive identity testing sessions in order to penetrate fraud defences.’
Vanita Pandey, senior director, strategy and product marketing at ThreatMetrix said: “Generally, this time of year is slower for businesses as they prepare for the holiday shopping season, but this year it yielded record numbers in attempted attacks. The majority of the attempts we saw were in the e-commerce space using low-and-slow bots that bypass traditional security defences. Retailers must stay vigilant when it comes to protecting digital identities.”
Here’s ThreatMetrix’s short company video, the article continues thereafter, please read on!
E-Commerce and Holiday Shopping Season
During the second quarter of 2015, ThreatMetrix says its network detected more than 45 million e-commerce attacks, a 25% increase over the previous quarter.
This signifies billions of dollars in potential financial loss, as well as potential damage to reputation and brand credibility that has been successfully avoided.
Given the recent EMV mandate in the US (known as chip-and-pin cards in Australia and already used here for years), ThreatMetrix says ‘brick-and-mortar retailers are updating POS systems to increase in-store security, leading cybercriminals to shift their attention to digital channels,’ and that ‘e-commerce brands and retailers should be on high alert due to fraud making its way to the online space.’
Pandey added: “Botnets are the new data breach threat, as opposed to Advanced Persistent Threats (APT), which attack the network from the inside out; botnet breaches are targeting the outside-in via digital identities.
“We see very high daily traffic at leading retailers due to low frequency attacks using botnets designed to evade rate and security control measures and thus detection.”
The US National Retail Federation (NRF) found that the holiday season is when retailers see at least 20% of their annual revenue. This season, the NRF is predicting record numbers, foreseeing a 6 to 8% increase in sales. It’s being tabbed as a ‘digital holiday,’ in which the number of purchases being made on a tablet or smartphone will be the highest since the 2011 shopping season.
E-commerce transactions broken down consist of the following percentages and risks:
- 78% of transactions were account logins, with 5% high risk
- 21% of transactions were payments, with 3.2% high risk
- 1% of transactions were account creations, with nearly 7% high risk
The article continues below this ad, please read on!
Financial Services Customers Demonstrate High Cross-Device Usage
In the financial services industry, attacks increased 30% over the previous quarter, with more than 15 million fraud attempts. As online lending and alternative payments providers represent significant financial gain for fraudsters, this segment is continuing to experience a very high volume of attacks.
As mobile usage continues to rise, consumers are more connected than ever before, creating new opportunities for fraudsters, who are making the online lending space a target for their attacks. Users are transacting more overseas and across time zones and PII is at risk of interception during these occurrences.
Financial services transactions broken down consist of the following percentages and risks:
- 85% of transactions were account logins, with 2.5% high risk
- 13% of transactions were payments, with 3% high risk
- 2% of transactions were account creations, with 2% high risk
Media Industry Sees Highest Percentage of High-Risk Transactions
ThreatMetrix’s Network detected nearly 20 million media industry attacks during Q3, a 25% increase from Q2. Many of the fraud attempts involved fake listings or fake reviews, an increasing trend that should be a top concern in the upcoming shopping months. Many top retailers are dealing with thousands of fake reviews on a daily basis.
ThreatMetrix analysed online activity across social networks, content streaming channels, and online and mobile dating sites. Modest sign-up and authentication requirements along with user password sharing across sites lead to the media industry being a top target for cybercriminals.
Here, Pandey noted that: “Businesses are beginning to crack down on fake listings and reviews because they damage brand credibility and lose customers’ trust.
“ThreatMetrix leverages global shared intelligence through its Digital Identity Network to detect and prevent fake reviews and other types of bogus user-generated content from making it onto retailers’ sites.”
Media industry transactions broken down consist of the following percentages and risks:
- 26% of transactions were account logins, with 5% high risk
- 54% of transactions were payments, with 3.5% high risk
- 20% of transactions were account creations, with 3% high risk
Mobile Usage Reaches an All-Time High
Mobile usage has continued to increase at a high rate in recent months – more than 50% from this time last year. This trend is expected to continue as devices become more widespread and businesses continue to transition into the digital world. Nearly a quarter of users are categorised as mobile only, which is expected to increase as well.
Pandey said: “Increased mobile use during holiday shopping means more avenues for cyber-attacks. Our main concern with a growing mobile dependency is being aware of your online persona – how much information you share online and where you share it. These are very important factors in determining a person’s identity.”
Top Digital Nations are Top Attack Originators
Cybercrime is a global phenomenon with fraudsters targeting businesses in countries that have the highest online and mobile penetration. The report notes that the top digital nations are the big attack originators.
Three of the top five attack originators are from Western Europe – Germany, France and the United Kingdom – which also continues to be one of the most targeted attack destinations. The United States is one of the biggest players in cyber fraud origination, as well as a key target for attackers worldwide.
Pandey concludes: “This report comes just ahead of the 2015 holiday shopping season, which promises to be the biggest digital season.
“We live in a time when data breaches are an ever-present threat, and businesses must take the utmost care with their customers’ digital identities. If they don’t, cybercriminals can take fragments of these digital identities and piece together an entire persona from the smallest amount of information.”