ThreatMetrix Predicts Mobile Transactions and Account Takeover Attacks Will be Easy Pickings for Cybercriminals This Holiday Season
Posted November 24, 2014
ThreatMetrix Outlines Cybercrime Predictions for the Upcoming Black Friday and Cyber Monday Holiday Shopping Days
San Jose, CA – November 24, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced cybercrime predictions for the upcoming surge in consumer spending surrounding Black Friday and Cyber Monday and the rest of the holiday shopping season.
According to the National Retail Federation, this holiday shopping season is expected to see a 4.1 percent increase in sales, climbing to $616.9 billion. Unfortunately, cybercriminals will be on high alert for holes in e-commerce sites’ cybersecurity, cashing in on the significant shopping surge. With new in-store technologies like Europay-Mastercard-Visa (EMV) and Apple Pay continuing to build momentum and cutting down point-of-sale fraud in store, e-commerce businesses need to be prepared for such technologies to push more fraud online and put preventative measures in place to protect against those risks.
To help retailers protect themselves and their customers leading up to the busiest days of the 2014 holiday shopping season, ThreatMetrix has outlined several predictions for the busiest shopping days of the year:
Transactions at the Table: Increase in Mobile Shopping Starting Early
Last week, the “ThreatMetrix Cybercrime Report: Q4 2014” found that mobile represents nearly one-third of all activity on The ThreatMetrix® Global Trust Intelligence Network (The Network). Combine that with the fact that Adobe has predicted the season’s lowest prices will pop up on Thanksgiving Day and consumers can expect to see a lot of mobile shopping taking place during their Thanksgiving feasts, spilling over into “Sofa Sunday.” This poses a huge opportunity for fraudsters because mobile users are more likely to store credit card data with retailers, a prime target for account takeover attacks. Another challenge is that retailers are more likely to reduce risk thresholds for mobile devices to avoid false positives.
“Cybercriminals follow the flow of money, and this Thanksgiving, a very high number of transactions will take place through mobile channels,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Unfortunately, it can be difficult for retailers to use IP geo-location data to ensure mobile transactions are authentic. Instead, retailers should try to leverage trust intelligence networks to recognize customers with good mobile purchasing history, and complement this with finer grained authentication intelligence available within a native mobile application. Retailers should also ensure that their mobile applications have not been injected by malware.”
Lump of Coal: Account Takeover in the Wake of High Profile Data Breaches
In the wake of the countless number of data breaches over the past year, hundreds of millions of user accounts have been compromised, from 40 million in the Target breach, to 60 million in the Home Depot breach to a whopping 1.2 billion stolen by a Russian cybercrime ring. These stolen identities will play a major role in the efforts of cybercriminals looking to cash in this holiday season through account takeover attempts.
Retailers must ensure they have a system in place to differentiate between trusted customers and fraudsters in real time by identifying suspicious login patterns, risky or compromised devices or devices disguising their geo-location. Additionally, putting high authentication requirements in place that don’t add friction to the user experience can successfully block cybercriminals without trapping trusted customers in the fraud net.
“Unfortunately, many consumers use the same login credentials across multiple websites, which means that when those credentials fall into the hands of cybercriminals through data breaches or malware, all of their accounts and likely all of their credit cards will be compromised,” said Faulkner. “This sadly means that cybercriminals this year could end up having the merriest holiday season of all.”
Last year, ThreatMetrix screened one in four of all U.S. e-commerce transactions the day after Thanksgiving to help retailers protect their customers from fraudsters through its global data repository, The Network, which analyzes more than 850 million monthly transactions, and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites. The Network is the most comprehensive data repository of its kind, using its real-time analytics to evaluate logins, payments, new account registrations, remote access attempts and other transactions for validity.
- Press Release: ThreatMetrix Announces its ThreatMetrix Global Trust Intelligence Network Has Reached 850 Million Monthly Transactions
- eBook: ThreatMetrix Cybercrime Report: Q4 2014
- Whitepaper: Combatting Cybercrime – A Collective Global Approach
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.