ThreatMetrix US Patents Press Releases

Europe Overtakes US to Become The Largest Perpetrator Of Global Cybercrime

Posted May 8, 2017

  • Europe now has 50% higher attack origination levels than US
  • Fraudsters are cashing in on EU uncertainties, sophisticated new attack techniques and the wide online availability of personal data
  • Rise in breaches originating from emerging countries

London, UK – 4th May, 2017: New data released today has revealed that 50 percent more cyberattacks originated from Europe than any other global region over the last 90 days, overtaking the United States for the first time. The UK and Netherlands, in particular, have become cybercrime hubs and are seeing a huge growth in online fraud rings.

The latest research from ThreatMetrix® – which analyses and protects more than 5 billion online transactions each quarter – has cited that Q1 2017 was the most active digital quarter ever, with some of the highest attack levels across the globe: 130 million fraud attacks were detected and stopped, 35 percent more than the previous year; with an additional 200 million bot attacks detected.

In the UK specifically, the ThreatMetrix network has seen 17 million attacks coming from the country in just 90 days, a 30 percent increase compared to the same period in 2016 (January to March). The Netherlands had the highest growth in absolute attacks (50 percent).  Whilst attacks and fraudulent activity outpaced the good transactions in Germany and France, both by over 40 percent.

European sensitivities are providing a breeding ground for cybercrime

The dramatic increase in attacks coming from Europe can be linked to both the increasing sophistication of fraudulent techniques and tools, but also the recent political and financial uncertainties across the region.

“With so many moving parts across Europe, and now political uncertainty in the UK, cybercriminals are taking advantage of the ongoing shifts in behaviour and business. The changing regulatory posture is also mandating a change in how companies look at digital commerce, exposing gaps that fraudsters are quick to plug,” says Pascal Podvin, SVP of operations at ThreatMetrix.

Podvin continued, “As cybercrime spreads and grows in sophistication, fraud prevention becomes an even more crucial function, inextricably linked with the profit and loss of businesses in markets such as the UK.”

Tools and techniques are more sophisticated than ever

The Q1 Cybercrime Report also found that attack vectors and patterns are evolving and becoming more pernicious. For example, there was a proliferation of remote access trojans (RATs) in the financial services industry; these attacks combine remote access software with precise social engineering attacks. Fintech is also being hit with identity spoofing attacks that capitalise on the rich pickings of peer-to-peer loans, global remittance and potential loopholes in new and emerging platforms. And media attacks are becoming a breeding ground for identity testing and fake news and reviews.

“We saw a number of high-profile global breaches in recent months, all of which pointed to one thing: Identity data is increasingly the currency in global cybercrime, as fraudsters use stolen personal data to create convincing identities to launch attacks of all sizes,” commented Vanita Pandey, VP of product marketing and strategy at ThreatMetrix.

Emerging economies emerge as key cybercrime originators

Along with this growth in cybercrime attempts from Europe, attack origins continued to morph, with more attacks also coming from emerging economies including Azerbaijan, Bangladesh, Croatia, Cuba, Ecuador, Georgia, Guatemala, Israel, Kenya, Morocco, Peru and Puerto Rico. This demonstrates that cybercrime is becoming more global and networked, as breached identity data spreads into more and more countries across the globe.

“With attacks evolving at a faster and faster pace, the only way for companies to combat fraudsters is to recognise exactly who their real customers are,” says Pandey. “This can be done by analysing their customers’ digital footprints in an anonymised way. They must understand their digital identity based on dynamic, shared intelligence — and use this rich data to inform risk decisions.”

Key global findings of the ThreatMetrix Q1 2017 Cybercrime Report:

  • Europe is the most mobile region, with 51 percent mobile transactions. Forty-five percent of all global transactions now come from mobile platforms.
  • Mobile transactions worldwide have grown 400 percent over the last two years, with 500 million more average monthly transactions in Q1 2017 than Q1 2015
  • 80 percent of transactions in South America is now cross border
  • Growth of spoofing attacks in Asia Pacific

About the ThreatMetrix Q1 2017 Cybercrime Report

The ThreatMetrix Q1 Cybercrime Report is based on actual cybercrime attacks from January to March 2017 that were detected by the ThreatMetrix Digital Identity Network during real-time analysis and interdiction of fraudulent online payments, logins and new account applications.

Download the report: Click here

About ThreatMetrix

ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,500 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government and insurance.

For more information, visit or call 1-408-200-5755. Join the cybersecurity conversation by visiting the ThreatMetrix blog, Twitter, LinkedIn and Facebook pages.

© 2017 ThreatMetrix. All rights reserved. ThreatMetrix and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media contacts

Ronald Sens

Sophie Brown
Sophie Brown Communications
Tel: +44 (0)7919 098 893

close btn