ThreatMetrix US Patents Press Releases

Organized Fraud Rings Target Online Lenders and Emerging Financial Services, Reveals New ThreatMetrix Report

Posted February 8, 2017

SAN JOSE, California – (February 9, 2017)

Over a million cyberattacks on online lending transactions cause estimated losses of more than $10 billion

Financial organizations are being increasingly targeted by cybercriminals looking to capitalize on alternative lending and payment models. Online fraudsters are exploiting the time delays inherent in reporting loan agreements to credit bureaus for substantial financial gain.

According to the latest ThreatMetrix® Cybercrime Report 1 million cyberattacks targeted online lending transactions throughout 2016, and this number will continue to grow in 2017. The total value of these transactions is estimated at approximately $10 billion.

This emerging trend in online lending fraud is the latest attack strategy being used by organized crime rings, driving a vast amount of cybercriminal activity within the financial services sector globally. And it continues to grow at great speed. The number of attacks specifically targeting alternative lending has increased by 150% since Q3 2016.

Additionally, banks and financial services companies are becoming more and more vulnerable. The ThreatMetrix Digital Identity Network®, which analyzes around 2 billion transactions per month, detected 80 million attacks using fake or stolen credentials during 2016 in the finance sector alone. Another significant industry trend is the 250% growth in mobile transaction volume year on year, with almost 55% of financial services transactions now coming through mobile devices.

“Due to its surge in popularity, and fast transaction cycles, online lending has become a prime target for cybercriminals. Online lenders are under increasing pressure to adopt smarter authentication methods that leverage real-time, behavior-based intelligence to accelerate genuine loans and prevent fraud. This is the only way to thrive in an increasingly competitive market,” says Vanita Pandey, vice president of strategy and product marketing at ThreatMetrix.

Emerging nations appear on the cybercrime frontlines

Besides the US, ThreatMetrix saw this type of fraud originating in developing countries including Brazil, Egypt, Ghana, Jordan, Nigeria and Macedonia. This is in keeping with the rise of emerging nations as players in online fraud across all industries. Brazil emerged in Q4 as a major attack destination, and ThreatMetrix saw a significant increase in attacks coming from emerging economies, including Tunisia, Ukraine, Malaysia, Bangladesh, Pakistan, Serbia, Morocco, Guadeloupe, Qatar and Cuba. Identity spoofing is the leading attack vector in such economies.

“The fact that developing nations are becoming bigger players in the online fraud game demonstrates the spread of breached identity data to countries across the globe. One in four transactions on our network is now cross-border, illustrating a global village economy that’s continuing to take root. Global data breaches are making stolen identity data globally available via the dark web, and this information is traded by organized and networked crime rings,” Pandey continues.

Additional Q4 2016 Cybercrime Report findings

With the largest-ever online holiday shopping season taking place in 2016, Q4 was the network’s biggest digital quarter ever. The Q4 2016 Cybercrime Report found that:

  • Nearly 122 million attacks were detected and stopped in real-time, an increase of more than 35% over the previous year.
  • Growth in attacks outpaced overall transaction growth, and the overall rejected transaction rate grew 15% — demonstrating heightened risk levels.
  • 45% of transactions now come from mobile devices, rising to 55% in financial services, as users log in almost daily to check their bank balance via mobile apps. Mobile devices are increasingly becoming the primary conduit for transacting online, with businesses moving from digital-first strategies to mobile-first ones.
  • Mobile-only users have increased across all industry groups, rising to 40% in financial services. For a sizable minority, desktops are becoming obsolete, as the breadth and depth of mobile products and services stretches to allow mobile-only usage.
  • Cross-border transactions are growing in prevalence; more than a quarter of transactions in the network are now cross border, but these continue to be approached with caution and are rejected more than twice as much as domestic transactions.

To access the Q4 2016 Cybercrime Report – click here

About ThreatMetrix

ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,500 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government and insurance.

For more information, visit or call 1-408-200-5755. Join the cybersecurity conversation by visiting the ThreatMetrix blog, Twitter, LinkedIn and Facebook pages.

© 2017 ThreatMetrix. All rights reserved. ThreatMetrix and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media contacts

Lizzie Clitheroe
Tel: 408-200-5756

Paul Wilke
Upright Position Communications
Tel: 415-881-7995

close btn