Q2 2018: A Cybercriminal ‘World Cup’

Posted October 9, 2018

Q2 2018: A Cybercriminal ‘World Cup’

Russian soccer fans may have the perfect phrase for it: Pushka Strashnaya—a “scary cannon,” the popular metaphor for “a vicious shot from a long range.”

If the new Q2 2018 Cybercrime Report from ThreatMetrix is any indication, that is indeed an apt description for a quarter in which promising new developments in the digital economy collided with 151 million cyberattacks worldwide.

The quarterly report, based on actual cyberattacks detected and interdicted within the ThreatMetrix Digital Identity Network from April through June 2018, is seen as a reliable barometer of global cybercrime patterns. And it provides a troubling view of emerging and increasingly global trends in illegal online payments, account takeover (ATO) attacks, and fraudulent account creations.

Among its key findings: a record 1.6 billion bot attacks and a discouraging increase in fraudulent mobile transactions.

Digital Hooligans

As it happens, Russia could easily serve as a microcosm for the quarter’s developments. As FIFA World Cup fever took over, we saw some interesting goings-on within the region, that reflect wider global trends.

As host to soccer’s most competitive tournament, the event delivered all the usual on-pitch excitement of penalty shoot-outs and shock exits from major teams. At the same time, Russia experienced a surge in online and mobile transaction volumes for several key industries—including travel, gaming and card networks.

According to President Putin, there were 25 million cyberattacks on Russian information infrastructure which were connected one way or another to the games. And this fits with data from the ThreatMetrix network. Ever the opportunists, fraudsters found clever ways to capitalize on the surge in demand for many goods and services driven by World Cup fans.

In the example of one global travel company, they experienced a 46% upsurge in fraudulent transactions, many from Russia, showing the possible effects of the World Cup on this sector. This is against a 20% overall growth rate in online and mobile transaction volumes for the nation.

Travel Company Transaction Stats

Many of these thieves hid beneath large transaction volumes, exploiting the fact that merchants can be a little more willing to accept a greater degree of risk to approve more orders when the getting is good.

The Revolution will be Victimized

Indeed, the competition between businesses and cyber-thieves is playing out around the world. And while the digital economy made substantive gains in the second quarter, it also saw heightened risks on a number of key fronts. Chief among them: mobile.

While total online transactions have grown 41% year-on-year, mobile transactions are rising at a far faster pace. Today, the mobile channel drives 58% of all transactions within the network, up from just 19% in 2015. That’s a growth rate of 72% year-on-year, and 606% in just three years.

Growth in the channel is even higher in financial services, where it now accounts for 61% of all account creations and 66% of all logins—reflecting the rapid shift in consumer behavior toward mobile as the predominant, and sometimes only, way to access many financial goods and services.

Meanwhile, 78% of payments in the media sector now come from a mobile device as consumers embrace digital wallets and mobile payment services such as Apple Pay. And interest in the World Cup? Mobile transactions from Russia to one online gambling site soared 850% during the games.

But all of this has come with a price. Worldwide, the percentage of mobile attacks in financial services increased for every use case last quarter. Among the worst? Mobile logins, which have seen a 200% upswing in attacks since Q1. In media, mobile payments swelled 51% during the same period.

Emerging Economies: Ripe for the Taking

Then there are bots. As it stands, automated bot attacks continue to have a huge impact on all forms of digital traffic globally, at peak times making up over half of all transactions to individual organizations.

What’s new: A full 70 million of these attacks appear to have come via the mobile channel. Also new: Automated bot traffic during Q2 predominantly originated from Vietnam, Indonesia, Russia, Malaysia and South Korea, highlighting the global dissemination of stolen identity data to growth regions and emerging economies.

In fact, China ranked among the top five countries of attack origin for the first time ever, many of them bot-driven. Mobile figures prominently here, as well. In Greater China, the mobile attack rate is up 127%, and in South East Asia, it’s up 64% in just three months.

This global proliferation of identity data is impacting overall cyberattack trends as well. Brazil, for instance, continues to see cybercrime rates climb. In North America, the U.S. suffered 28% growth in overall cyberattacks year-on-year.

But oh, Canada: A 69% increase in identity spoofing attacks in a single quarter was part of an overall 43% growth in attacks year-on-year—among the worst globally.

A Serious Game Continues

So, as you can see, the cybercrime landscape continues to be a complex one – with variable trends impacting different industries and verticals. Intensely popular events such as the World Cup provide just one avenue for opportunistic fraudsters to increase the intensity of attacks on companies experiencing higher-than-normal transaction volumes.

In a high-stakes game like global cybercrime, we could use as tight a defense as we can get!

Download the Q2 2018 Cybercrime Report from ThreatMetrix to learn about global cybercrime patterns and how a digital identity-based approach to fraud prevention can help digital economy businesses thrive.

Stephen Topliss

Stephen Topliss

Vice President Product Strategy, ThreatMetrix

close btn