ThreatMetrix Cybercrime Report Q2 2015 – Mobile Transaction and Online Lending Fraud on Rise

Posted August 19, 2015

Cybercrime Report

ThreatMetrix Cybercrime Report is based on Numbers Drawn from our Digital Identity Network Analyzing 1 Billion Plus Transactions Every Month

Over the second quarter, the ThreatMetrix® Digital Identity Network analyzed more than 3 billion transactions in real time, detecting more than 75 million attacks and stopped them dead in their tracks. These attacks came in many forms from fraudulent online payments and logins to new account registrations.

Newly released “ThreatMetrix® Cybercrime Report: Q2 2015”

Based on cybercrime attacks detected by the ThreatMetrix Digital Identity Network (The Network), the report offers a unique insight into legitimate end-users’ digital identities and highlights some representative key market trends.

Vanita Pandey, ThreatMetrix senior director, strategy and product marketing, on stopping cybercriminals without hassling real customers

“As commerce goes global and mobile, cybercrime follows suit, as is evidenced by the high volume of attacks targeting cross-border and mobile transactions. Cross-border transactions open the door to new revenue opportunities for businesses but are easy targets for cybercrime attacks, so they must make every effort to ensure they’re stopping fraudulent transactions without rejecting authentic customers.”

Does an improved customer experience also improve opportunities for cybercriminals?

Online and mobile commerce retailers look to build long-term relationships with customers by storing account information and creating mobile apps for easier access and an improved customer experience.

Logically, more retailer app downloads across connected devices (e.g., smartphones and tablets) means customers are moving between devices to do their transactions.

Pandey on ensuring “digital debris” isn’t scattered across cyberspace and saving $1 to $3 billion in potential customer losses

“As retailers focus on customer engagement, it is critical to balance the customer experience and online security to ensure their digital debris is not scattered across cyberspace. During this [Q2] alone we detected almost 36 million attacks, a 20 percent increase over the previous quarter. Overall, this equates out to approximately $1 to $3 billion in potential losses being avoided.”

Have cybercrime take a holiday during the holiday shopping season

As retailers across the globe prepare for the holiday season, they need to also prepare for an increase in potential attacks. With The Network, e-commerce transactions can be analyzed in real time to identify trusted customers, avoid customer friction and ultimately, stop fraudulent transactions.

eCommerce transactions broken down by risk and percentage:

  • 80 percent of transactions were account logins, with 3 percent high risk
  • 19 percent of transactions were payments, with 3 percent high risk
  • 1 percent of transactions were account creation, with nearly 7 percent high risk

Financial services organizations face organized attacks worldwide

As financial institutions’ services evolve to cater to digital consumers, cybercriminals seek to exploit any vulnerability. This is evidenced by the substantial increase in fraud rates across all transaction types, mostly driven by breaches and the availability of consumer credentials in the wild.

In online lending, attacks spiked during Q2 focusing primarily on new account originations and payment disbursements

Online lending is seen as an easier way for the unbanked and underbanked to get loans in days. As a result, online lending is taking off and becoming a top target of cybercriminals. For example, Lending Club, the first peer-to-peer lender, has issued $7.6 billion in loans since it was founded nine years ago—with $1.4 billion of that in the last three months alone.

“Mobile is driving financial inclusion for unbanked and underbanked population in both developed and emerging economies,” said Pandey. “As consumers turn to digital channels for instant access to funds or to store and manage their financial information, the online lending space has become a big target for attackers. Ensuring digital identities are effectively protected should be high priority for emerging and established financial institutions.”

Financial services transactions broken down by risk and percentage:

  • 83 percent of transactions were account logins, with 2 percent high risk
  • 16 percent of transactions were payments, with 3 percent high risk
  • 1 percent of transactions were account creation, with 2 percent high risk

Getting ready for EMV

With the upcoming Europay-MasterCard-Visa (EMV) deadline in October, e-commerce merchants and financial institutions must prepare for an increase in the attacks targeting the digital channels. The adoption of EMV secures point-of–sale, causing a migration of fraud to less-secure online and mobile channels.                                                                                                    

Highest percentage of high-risk transactions? The media industry

ThreatMetrix analyzed transactions across social networks, content streaming channels, and online and mobile dating sites. Modest sign-up and authentication requirements along with user password sharing across sites make the media industry a prime target for cybercrime.

“Digital media has become fraudsters’ weapon of choice to test the validity of stolen credentials, leading to heightened levels of attacks in this segment,” said Pandey. “At the same time, businesses also have to protect against illegal content access, malicious content posting and spamming.”

Media transactions broken down by risk and percentage:

  • 27 percent of transactions were account logins, with nearly 6 percent high risk
  • 50 percent of transactions were payments, with 3 percent high risk
  • 23 percent of transactions were account creation, with nearly 4 percent high risk

Mobile: a third of all transactions analyzed

Mobile is the biggest emerging opportunity and risk for businesses and financial institutions trying to deliver a frictionless experience to customers. Mobile usage continues to grow, accounting for up to 31 percent of transactions. With more than 20 million new mobile devices being added to The Network every month, this trend is expected to continue.

FDIC survey of unbanked and underbanked

According to the 2013 FDIC National Survey of Unbanked or Underbanked Households, 20 percent of Americans were unbanked or underbanked. In developing economies the trend is reversed with only 41 percent of adults have bank accounts. Mobile is the tool that the unbanked and underbanked can use in developing countries to have access to banking and e-commerce.

“Mobile transactions provide additional opportunities for fraudsters to conduct spoofing attacks or identity theft by increasingly impersonating other devices to facilitate attacks,” said Pandey. “With consumers constantly on the go, they are more likely to conduct mobile transactions, which have the potential to compromise their digital identities.”

As shown in the “ThreatMetrix Cybercrime Report: Q2 2015,” cybercrime continues to grow across industries and online channels. Consumer behavior has gone through a drastic change and this can be attributed to the reliance on mobile and other connected devices. Attacks detected during real-time analysis and interdiction of fraudulent online payments, logins and new account registrations show us that fraudsters are constantly developing strategies to compromise our digital identities. The ThreatMetrix Digital Identity Network empowers businesses with real-time intelligence to differentiate between fraudsters and trusted consumers across channel, location and devices.

To learn more, download the ThreatMetrix Cybercrime Report Q2 2015



close btn