European Cybercrime Landscape: What Trends are we Seeing in 2016?

Posted September 19, 2016

European Cybercrime Landscape: What Trends are we Seeing in 2016?

66% Increase in European Cybercrime Attacks since 2015

In the second quarter of 2016 over 1.5 billion European transactions were processed in the Digital Identity Network, which included millions of cybercrime attacks that were thwarted for our customers in real-time. The global trend of rapidly rising cybercrime attack levels that ThreatMetrix sees in our global Network is not only prevalent in European countries, but the rate of attacks is actually accelerating throughout Europe. Over 55 million attacks were detected and stopped in real-time across Europe in Q2 2016, which represents a 66% increase over the same quarter in the previous year. Globally we saw a 50% rise year-on-year, showing that European cybercrime attack levels are gathering pace at an unprecedented rate.

An alarming trend we have seen in Europe and beyond is a huge spike in new account creation fraud. Over 10 percent of European account registrations are now being rejected as fraudulent, representing a 123% increase since 2015. This huge spike in new application fraud shows the impact of the data breaches that businesses have suffered in Europe and beyond. Cybercriminals are using stolen identity credentials that can be sourced on the dark web in the wake of a breach to apply for new accounts across various websites in order to commit fraud.

Globally we are seeing a huge rise in the number of bot attacks, and this is no different in Europe where digital companies are being targeted on a massive scale. The European country that appears to be particularly suffering here is France, which has the highest number of MitB and bot attacks in the region. Fraudsters are constantly evolving their methods to mimic trusted users more and more closely. They use “low and slow” attacks, which fly under the radar of traditional security defences designed to detect bots. However, by assessing the legitimacy of transactions in the full context of typical user behaviour, ThreatMetrix customers are able to defend against these increasingly sophisticated automated attacks in real-time.

Europe countries: How well are they faring against attacks?

As a digitally advanced region, Europe experiences proportionately elevated attack levels compared to many parts of the world. In terms of where cybercrime attacks originate from, Europe is home to four out of the top five nations globally in Q2 2016 – UK, France, Germany and Italy. These highly engaged digital countries are a hotbed for online fraud.

France is experiencing very elevated rejection rates at 8.5% of transactions, making it the highest attacked nation in Europe. Device spoofing is the most prevalent attack method in France, with identity spoofing also fairly elevated compared to other European countries.

Netherlands ranks behind France as having the highest rejection rates in Europe, closely followed by Spain. The elevated IP spoofing rates in the Netherlands indicates that cybercriminals use it as a hub to attack other European countries.

We are also seeing some interesting trends in the more emerging European economies such as Turkey, which is on par with UK in terms of the percentage of mobile transactions and therefore are well down the path of becoming a digitally advanced nation. However, the most prevalent attack vector in Turkey is identity spoofing – higher than in any other European country – indicating that cybercriminals are having more success using stolen or spoofed identity data. This success is perhaps due to the fact that advanced identity verification methods are not as widespread in Turkey compared to other European countries.

Whilst European countries are experiencing high attack levels across the board, many of these nations also enjoy the highest recognition rates in the ThreatMetrix Digital Identity Network. This is where users have already been seen (anonymously) on the Network across the various sites that ThreatMetrix protects, meaning we can identify whether they are a trusted user, or not, with very high levels of certainty. In the UK for example, despite it being one of the top cybercrime targets of attacks coming from key countries in Europe and beyond, it enjoys one of the lowest rejection rates in Europe at 2% of total transactions. UK companies are tracking trust in order to authenticate users accurately, and avoid false positives whereby genuine transactions are flagged as high risk- resulting in delays and friction for customers and additional operational costs for the business.

Interconnected Independence

The ThreatMetrix data presented in the Q2 Cybercrime Report and Europe Deepdive shows that many of the cybercrime attack trends visible globally do play out in a similar way here in Europe. Attacks continue to grow; with identity spoofing and automated bot attacks also targeting European businesses on a massive scale. However, Europe is a diverse digital ecosystem made up of a patchwork of countries with distinct compliance regulations, consumer behaviour and technology adoption practices, resulting in distinct local fraud trends patterns. Understanding these patterns enables international businesses to tailor defences correctly and transact securely across borders.

close btn