ThreatMetrix US Patents Press Releases

ThreatMetrix Cybercrime Report Reveals a 50% Increase in Global Attacks, with 1 in 10 New Account Applications Now Rejected

Posted July 27, 2016

San Jose, California — (July 27, 2016)
Impact of data breaches linked to heightened use of stolen identities
As part of its ongoing effort to thwart cybercrime, ThreatMetrix®, The Digital Identity Company™, today released its Q2 2016 Cybercrime Report. The ThreatMetrix Digital Identity Network (The Network) detected and stopped a record 112 million cyber attacks this quarter, a 50 percent increase from last year.
The report revealed that the rise in stolen identity credentials available in the market led to an increased level of attacks on new accounts, a 250 percent increase year-over-year. Fraudsters are using identity credentials obtained from the dark web to run substantial automated bot attacks that have increased 50 percent since last quarter. The Network detected 450 million such threats, thwarting millions of attacks on numerous individual companies.
Attack levels continue to increase as the global digital economy grows, and as consumers make more online transactions. Fraudsters are capitalizing on this growth, evolving their tactics to target new payment platforms, EMV transactions and the mobile platform.
“In a world where billions of consumer identities have been compromised, it is becoming harder for digital businesses to authenticate the good guys, let alone detect the bad ones,” says Vanita Pandey, vice president, strategy and product marketing at ThreatMetrix. “Digital authentication continues to be one of our biggest use cases globally. The challenge remains, how do businesses accurately identify genuine attacks from legitimate transactions.”
Other key findings:

  • Attacks are becoming more prevalent and are evolving in scope, depth and complexity: In Q2 2016 The Network processed 5.2 billion transactions, identifying and stopping 112 million attacks. This represents a 50 percent increase over the previous year. The exploitation of stolen data is global and coordinated, resulting in huge attack spikes following a large breach.
  • Bot attacks continue their relentless rise: 450 million bot attacks were detected and stopped this quarter, a 50 percent increase over last quarter.
  • As mobile transactions increase, fraudsters’ mobile attacks evolve: Mobile transactions are growing at a rate of 200 percent year-over-year, and 40 percent of Network transactions now come from mobile devices. The Network reported its first mobile bot attack this quarter, as fraudsters seek to capitalize on the increasing popularity of mobile commerce.
  • EMV has a noticeable impact on e-commerce attacks: There were 69 million e-commerce attacks this quarter, an increase of 90 percent over the previous year.
  • P2P media platforms see a spike in fraudulent activity ahead of the summer holiday season: Online review sites and other media platforms were a key target this quarter; fraudulent new account registrations increased 350 percent over the previous year ahead of the summer holiday season.

Broader trends include EMV migration impact and increases in mobile and cross-border transactions.
EMV Migration Hits E-Commerce Transactions
ThreatMetrix has been predicting the impact of EMV migration for the last few months, and is now seeing the full force of the adoption of chip technology. This quarter saw the highest level of attacks on e-commerce ever, with reject rates increasing across account logins, new account creations and payments.
“EMV migration represents a big win for straightforward, friction-free transacting, but at what cost?” said Pandey. “Businesses increasingly have to balance careful fraud and risk management with strong customer authentication to ensure this upward trajectory of fraud attacks is held in check.”
Mobile Transactions Drive the Pace of Change in Financial Services
The Network saw a whopping 500 percent increase in mobile transactions for financial institutions compared to the same quarter last year, as users embrace the flexibility and convenience of mobile banking apps.
The Network has also detected a 25 percent increase in “mobile only” users compared to last quarter, indicating consumers have become more comfortable with mobile banking.
Cybercriminals are picking up on this trend and are evolving their attacks. Bots crossed over into mobile for the first time ever this quarter, as fraudsters targeted a key online e-commerce merchant in an attempt to gain access to customer accounts.
The Global Digital Economy Fuels Cross-border Transactions
Approximately 16 percent of The Network’s transactions are now cross-border, as businesses and consumers become part of a global village economy. Businesses tend to approach cross-border transactions with more caution: The rejection rate is 2.5 times higher for cross-border transactions than domestic ones. A big driver of this is the custom rules set by businesses that often reject transactions from specific countries.
“Fraudsters try to cloak and spoof their location in order to bypass standard reject rules. As a result, location spoofing attacks for cross-border transactions were 60 percent above domestic transactions,” added Pandey. “Good customers can often get caught in the net, penalized because of the country they are transacting from or caught by outdated static fraud rules.”
ThreatMetrix is able to leverage the global nature of the unique digital identities it builds in the Digital Identity Network; looking beyond simple changes in behavior (such as transacting from a new country) to the holistic view of how a user transacts across devices and locations, analyzing their behavioral pattern over time.
About the ThreatMetrix Q2 2016 Cybercrime Report
The ThreatMetrix Q2 Cybercrime Report is based on actual cybercrime attacks from April – June 2016 that were detected by the ThreatMetrix Digital Identity Network during real-time analysis and interdiction of fraudulent online payments, logins and new account applications.

  • Download the Q2 2016 Cybercrime Report Here

About ThreatMetrix
ThreatMetrix®, The Digital Identity Company™, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix® Digital Identity Network, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government and insurance.
For more information, visit or call 1-408-200-5755. Join the cybersecurity conversation by visiting the ThreatMetrix blog, Twitter, LinkedIn and Facebook pages.

© 2016 ThreatMetrix. All rights reserved. ThreatMetrix and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Jaci Robbins
Tel: 408-200-5718
Paul Wilke
Upright Position Communications
Tel: 415-881-7995

close btn