ThreatMetrix US Patents Press Releases

ThreatMetrix Announces its “ThreatMetrix Cybercrime Report: Q4 2014” and Outlines Trends Leading up to the Holiday Shopping Season

Posted November 20, 2014


The Report Examines Cybercrime Attacks Detected by the ThreatMetrix® Global Trust Intelligence Network and Identifies Top Concerns as Account Takeover and Customer Friction

San Jose, CA – November 20, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the availability of its “ThreatMetrix® Cybercrime Report: Q4 2014,” which examines cybercrime attacks detected by the ThreatMetrix® Global Trust Intelligence Network (The Network) during Q3 2014.

The Network analyzes more than 850 million monthly transactions, and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites. Leveraging real-time, anonymized data from The Network, the “ThreatMetrix Cybercrime Report: Q4 2014” samples nearly one billion transactions and provides a representative summary of activity including account creation, payment and login fraud across industries.

Threats Facing the E-Commerce Industry This Holiday Shopping Season

The report places a particular emphasis on the e-commerce industry based on current attack trends. The identified card-not-present, account takeover and fraudulent account registration attacks are in no small way associated with the countless high profile data breaches in the past year and will no doubt accelerate during the upcoming $600 billion holiday shopping season. While many reports discuss cyber threat trends such as malware, massive data breaches or the total economic impact of cybercrime, the “ThreatMetrix Cybercrime Report: Q4 2014” is the first of its kind to analyze how frequently stolen and compromised identities are turned into cybercrime.

“In addition to payment fraud this holiday shopping season, our biggest concern is the spike in the number of account takeovers we are seeing on retail websites. ThreatMetrix data shows an upswing in account takeover activity in the wake of recent massive data breaches – and most retailers will be caught unprepared,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Previously, guest checkouts represented the highest risk, but due to the prevalence of data breaches and the convenience of storing credit cards to make mobile purchases easier, fraudsters have found it just as easy to use a stolen username and password as it is to use compromised credit card information that has a shorter life span before being shut down. Even strong PCI compliance and encryption means little when cybercriminals utilize stolen password and email combinations to compromise customer accounts. Retailers need to leverage a shared global network of trust intelligence to differentiate between trusted and suspicious transactions.”

In comparison to other industries, e-commerce falls in the middle when it comes to high-risk transactions, with four percent of all transactions being labeled as high-risk. Overall, high-risk transactions and logins are typically rejected outright by ThreatMetrix customers. E-commerce transactions broken down consist of the following percentages and risks:

  • Seven percent of transactions were account creation, with 5.2 percent high risk
  • 14 percent of transactions were account logins, with 5.5 percent high risk
  • 79 percent of transactions were payments, with 3.4 percent high risk

Cybercrime Leads to Customer Friction in the Financial Services Industry

In addition to e-commerce, the “ThreatMetrix Cybercrime Report: Q4 2014” examines financial services transactions and authentication attempts. While only one percent of transactions and logins are labeled as high-risk, financial services tolerate a higher threshold of risk at point of login and instead intercept attempted money transfers or rely on intrusive step-up authentication solutions to provide extra assurances. Financial services transactions broken down consist of the following percentages and risks:

  • Two percent of transactions were account creation, with 1.7 percent high risk
  • 83 percent of transactions were account logins, with 0.7 percent high risk
  • 15 percent of transactions were payments, with 0.5 percent high risk

“Attacks aimed at financial services are more targeted and result in much higher losses and possible brand damage than e-commerce ‘spray-and-pay’ attacks – meaning randomly targeting as many victims as possible,” said Faulkner. “Financial services businesses are dominated by higher authentication requirements, making it more difficult for fraudsters to attack. As a result, attacks leveraging malware are much more common and the challenge for most financial institutions has shifted from the detection of anomalous account access to stopping valid customers from being caught in the fraud net.”

One trend both the e-commerce and financial services industries must keep in mind is new in-store technologies such as Europay-MasterCard-Visa (EMV) and Apple Pay. While such technologies will cut down on point-of-sale fraud caused by recent data breaches, more secure in-store payments will increasingly push fraud online and e-commerce and financial services executives must be prepared to protect against such risks.

Media Industry Faces the Highest Percentage of High-Risk Transactions

According to the “ThreatMetrix Cybercrime Report: Q4 2014,” the media industry, consisting of social media, content streaming and online dating websites, consists of nine percent high-risk transactions, the highest percentage of all industries examined. Broken down, media consist of the following percentages and risks:

  • Six percent of transactions were account creation, with 4.6 percent high risk
  • 66 percent of transactions were account logins, with 6.2 percent high risk
  • 28 percent of transactions were payments, with 3.7 percent high risk

“The media industry has the highest incidence rate of high-risk transactions due to the low authentication threshold – often only consisting of a username and password combination,” said Faulkner. “Such identities can easily be compromised due to using the same login credentials across websites and a significant number of data breaches exposing these login combinations.”

Mobile Represents A Quarter of All Activity in The Network

For the report, total mobile activity was also examined for the prevalence and break down of cyber threats. According to ThreatMetrix data, mobile represents nearly one-third of all activity on The Network. However, while cybercriminals target mobile, this channel still has much lower risk rates than desktop.

“As iPhone, Android and tablet usage continues to increase among consumers, mobile will represent an equal opportunity channel for cybercrime activity,” said Faulkner. “Cybercriminals always go where the money is and as more transactions turn to mobile, they will create new, sophisticated strategies to target this channel.”

The report found that while Android represents much higher percentage in terms of market and browser share, iOS (a combination of iPhone and iPad) generates nearly twice the number of payments, logins and authentications of all mobile operating systems combined. Specifically, 64 percent of mobile transactions are either iPhone or iPod transactions. Additionally, 48 percent of mobile attacks target iOS devices.

“ThreatMetrix Cybercrime Report: Q4 2014” Identifies Top Attacks by Transaction Type

Leveraging activity across industries, mobile and desktop, the report also identified the top attacks by transaction type and found spoofing, such as IP address, geolocation, identity and device spoofing to be the most common attack types across payments, account login and account creation attempts.

As a whole, cybercrime is a multi-billion dollar industry, which consists of organized cybercrime, nation states and cybercrimes. Given the widespread prevalence of cybercrime and no signs of slowing down, businesses need to place an emphasis on understanding the types of attacks that occur once identities are compromised. In addition, no business – no matter the industry or size – can afford to stand alone in the fight against cybercrime. Rather, businesses must leverage a global network of trust intelligence to assure they have the best resources available to differentiate between authentic and fraudulent transactions without disrupting the customer experience with added friction.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blog, FacebookLinkedIn and Twitter pages.

© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts
Jaci Robbins
Tel: 408-200-5718

close btn