The European Cybercrime Landscape Heats Up as Identity Abuse Increases by 30%

Posted June 19, 2018

The European Cybercrime Landscape Heats Up as Identity Abuse Increases by 30%

As Europe navigates a time of intense change – regulatory, political and technological – one constant is the steady increase in the rise of identity abuse in the region that digital businesses are facing.

The ThreatMetrix® Cybercrime Report: Europe Deep Dive 2018 recently revealed a 30 percent year over year rise in cybercrime. This data is based on the analysis of real-world attacks seen on the ThreatMetrix Digital Identity Network®, which saw 1.9 billion transactions from Europe in the first quarter of 2018.

What’s interesting is that is not solely the volume of attacks that is changing, but the cadence of attacks, and how top attack vectors vary across the continent.

In light of these complexities, businesses need to adjust their fraud prevention strategies to use dynamic, data-driven approaches that protect against evolving and intensifying threats.

European Businesses Hit with 80 Million Fraud Attempts in Q1 2018

Not only were European businesses experiencing a greater volume of attacks, they had to deal with far more pronounced spikes of peak attack periods throughout Q1 2018 compared to previous years. There has been an evolution from short, isolated peaks of fraud attacks to more sustained, high-volume attacks across a number of days or even weeks.

As a result, European businesses are looking to more robust security capabilities that can handle intense periods of attack, without slowing online business down.

Account Takeover eCommerce Login Attack Rate

Data shows a particularly high peak in attacks near the beginning of February 2018. Significant peaks such as these normally indicate that fraudsters have been hit with a fresh batch of breached data which is being used to carry out downstream identity abuse attacks. Often businesses need to protect against downstream fraud after data breaches that have not yet been disclosed publicly.

Russia and Ukraine Lead the European Bot Army

In addition to the 80 million fraud attempts that were detected and stopped on the ThreatMetrix network in the first 3 months of 2018, we also detected 210 million bot attacks. This makes Europe a significant originator of global bot attacks, which totalled 1 billion during the same period. 13% of these bot attacks in Europe came from mobile devices, which is a growing trend worldwide.

Continuing a trend seen over the previous 2 quarters’ analysis, Russia and Eastern Europe were very active in automated attacks. As soon as breached data hits the underground network, it disseminates quickly across regions. Automated bot attacks are used for some quick wins to monetize freshly stolen data and to test credentials to have a higher chance of successful downstream attacks on higher value targets.

Identity Spoofing Doubles in Germany


There is a significant uptick in the number of identity spoofing attacks across Europe, as a consequence of the large volumes of stolen identity data now available to cybercriminals – which are getting regular data refreshes with each new breach. For example, identity spoofing attacks in Germany have more than doubled year-over-year. Indeed, cybercrime originating from Germany was high enough for it to feature in the list of top five perpetrators of cybercrime globally – with this dubious honour also being shared by the UK. As an area of such digitally-advanced nations, Europe has consequently become a hub of cybercrime.

This widespread identity abuse is hitting the European eCommerce market particularly hard, as this industry is seeing the greatest effect in sheer volume of attacks. 60 million eCommerce transactions were rejected as fraudulent in Q1, which is a 47% increase over the previous year.

Online commerce is a highly competitive space and therefore eCommerce merchants are increasingly embracing low- or zero-friction identity verification and authentication methods in order to increase conversion rates, encourage customer loyalty, and ultimately drive additional revenue online. To deliver this user experience without exposing themselves and their consumers to fraud requires multi-layered protection that works completely behind the scenes, so it does not require the users themselves to jump through hoops to prove who they are.

Tackling the Rise in Identity Abuse Attacks in Europe

Protecting European businesses from evolving threats without putting up barriers to customers requires a sophisticated, risk-based approach that leverages rich data from the region – giving insight outside of your company’s own perimeter. True users have markedly different behaviour patterns than fraudsters and a data-led approach that pieces together these patterns by analysing transactions from across multiple websites and apps is a powerful way to protect online businesses. This way you can instantly identify true customers and give them a positive user experience, while protecting against activity coming from compromised and malicious devices and geo-locations. This way, we can re-establish trust online to let European online commerce continue to thrive.

To learn more about cybersecurity trends affecting Europe, download our Cybercrime Report: Europe Deepdive.

close btn