Asia Pacific Cyberattacks up 35% Year on Year, As Global Organized Fraud Rings Turn Their Attention to Emerging Financial Services
Posted March 8, 2017
Over a million worldwide cyberattacks on online lending transactions in 2016 with the potential loss of USD $10 billion
Hong Kong – March 9, 2017 Asia Pacific organizations are being increasingly targeted with fraud attacks, while globally cybercriminals are turning attacks in the financial services sector to alternative lending and payment models.
The latest ThreatMetrix® Cybercrime Report reveals attacks levels in Asia Pacific are growing at a rate of 35% year on year. The number of transactions rejected as fraudulent in the ThreatMetrix network has outpaced transaction growth in the APAC region.
One third of transactions are coming from mobile devices, which lags the global average of 44%, however mobile is growing quarter on quarter.
This quarter saw a large increase in device spoofing attacks in the Asia Pacific region, mainly originating from Australia, India, China and Singapore, as fraudsters attempt to masquerade as a different or new device to commit fraud.
“Due to the digital revolution happening across the Asia Pacific region, which is seeing more and more of people’s daily lives move online, cybercrime is increasing dramatically,” said Pascal Podvin, SVP of Field Operations at ThreatMetrix. “In particular, cross-border transactions are being regularly targeted by fraudsters in this region, and businesses are looking for more sophisticated ways to accurately identify genuine users versus cybercriminals in real time.”
One million global cyberattacks on online lending in 2016
Alternative lending and payment models are being increasingly attacked by online fraudsters looking to exploit the time delays inherent in reporting loan agreements to credit bureaus for substantial financial gain.
The ThreatMetrix® Q4 2016 Cybercrime Report reveals that 1 million cyberattacks targeted online lending transactions throughout 2016, and this number will continue to grow in 2017. The total potential loss value of these transactions globally is estimated at US$10 billion.
This emerging trend in online lending fraud is the latest attack strategy being used by cybercriminals, driving a vast amount of cybercriminal activity within the financial services sector globally. And it continues to grow at great speed. The number of attacks specifically targeting alternative lending has increased by 150% since Q3 2016.
Additionally, banks and financial services companies are becoming more and more vulnerable. The ThreatMetrix Digital Identity Network®, which analyses around 2 billion transactions per month, detected 80 million attacks using fake or stolen credentials during 2016 in the finance sector alone. Another significant industry trend is the 250% growth in mobile transaction volume year on year, with almost 55% of financial services transactions now coming through mobile devices.
“Due to its surge in popularity, and fast transaction cycles, online lending has become a prime target for cybercriminals. Online lenders are under increasing pressure to adopt smarter authentication methods that leverage real-time, behaviour-based intelligence to accelerate genuine loans and prevent fraud. This is the only way to thrive in an increasingly competitive market,” says Alisdair Faulkner, Chief Products Officer at ThreatMetrix.
Emerging nations appear on the cybercrime frontlines
ThreatMetrix saw fraud attacks originating in developing countries including Brazil, Egypt, Ghana, Jordan, Nigeria and Macedonia. This is in keeping with the rise of emerging nations as players in online fraud across all industries. Brazil emerged in Q4 as a major attack destination, and ThreatMetrix saw a significant increase in attacks in Asia coming from Malaysia, Bangladesh and Pakistan as well as emerging economies including Tunisia, Ukraine, Serbia, Morocco, Guadeloupe, Qatar and Cuba. Identity spoofing is the leading attack vector in such economies.
“The fact that developing nations are becoming bigger players in the online fraud game demonstrates the spread of breached identity data to countries across the globe,” continued Faulkner. “One in four transactions on our network is now cross-border, illustrating a global village economy that’s continuing to take root. Global data breaches are making stolen identity data globally available via the dark web, and this information is traded by organized and networked crime rings.”
Additional Q4 2016 Cybercrime Report findings
With the largest-ever online holiday shopping season taking place in 2016, Q4 was the network’s biggest digital quarter ever. The Q4 2016 Cybercrime Report found that:
- Nearly 122 million attacks were detected and stopped in real time, an increase of more than 35% over the previous year.
- Growth in attacks outpaced overall transaction growth, and the overall rejected transaction rate grew 15% — demonstrating heightened risk levels.
- Mobile-only users have increased across all industry groups, rising to 40% in financial services. For a sizable minority, desktops are becoming obsolete, as the breadth and depth of mobile products and services stretches to allow mobile-only usage.
- Cross-border transactions are growing in prevalence; more than a quarter of transactions in the network are now cross border, but these continue to be approached with caution and are rejected more than twice as much as domestic transactions.
To access the Q4 2016 Cybercrime Report – click here
As part of the company’s commitment to protecting digital identity and combatting fraud, ThreatMetrix is hosting its first Asia Pacific Digital Identity Summit on April 6 at the Hyatt Regency Hong Kong. Thought leaders and senior executives in the digital, risk and fraud space will explore this year’s theme of “The Currency of Trust” and how APAC businesses can establish trusted identities and secure transactions on the Internet. For more information, or to register for the Digital Identity Summit, please visit https://digitalidentitysummit.com/hong-kong/.
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,500 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government and insurance.
© 2017 ThreatMetrix. All rights reserved. ThreatMetrix and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.
Marketing Director, APAC
Tel: +852 6180 0905
Account Director, Greater China
Tel: +852 6992 7592