Fraud Attack Rates Rising 24%
has released new cybercrime insights from the first half of 2018,
revealing a sharp rise in fraud attack levels on mobile transactions. As
consumer behavior increasingly embraces mobile for virtually all online
goods and services, fraudsters are starting to close the gap on this
These latest findings are based on the analysis of 17.6 billion digital
transactions on the ThreatMetrix Digital Identity Network® during the
first half of 2018. The network also detected and stopped 361 million
cybercrime attacks in the same period.
Mobile Becomes the Go-To Digital Channel
The rise of mobile is undisputedly the key change agent in digital
commerce currently. According to ThreatMetrix data, in the last three
years the proportion of mobile transactions versus desktop has almost
tripled. Mobile transactions, which include account creations, logins
and payments, reached 58% of all traffic by the middle of 2018.
Mobile fraud rates have tended to lag behind the channel’s overall
growth, however in the first half of 2018 mobile attack rates rose 24%,
when compared to the first half of 2017. In the United States mobile
attack rates experienced a far higher growth rate of 44% for the same
Globally, one third of all fraud attacks are now targeting mobile
transactions. This means that although digital companies do need to
prepare for increasing attacks, mobile remains the more secure channel
compared to desktop.
Mobile offers organizations unique opportunities for accurately
assessing user identity, thanks to highly personalized device
attributes, geo-location and behavioral analysis. It offers strong
customer authentication options that require no user intervention,
including cryptographically binding devices for persistent
authentication (“Strong ID”). The number of Strong IDs for mobile
devices on the ThreatMetrix network has more than doubled in the first
half of 2018, improving both customer recognition rates and the efficacy
of identifying trusted transactions.
“Mobile is quickly becoming the predominant way people access online
goods and services, and as a result organizations need to anticipate
that the barrage of mobile attacks will only increase,” said Alisdair
Faulkner, Chief Identity Officer at LexisNexis Risk Solutions. “The good
news is that as mobile usage continues to increase, so too does overall
customer recognition rates, as mobile apps offer a wealth of techniques
to authenticate returning customers with a very high degree of accuracy.
The key point of vulnerability, however, is at the app registration and
account creation stage. To verify users at this crucial point,
organizations need to tap into global intelligence that assesses true
digital identity, compiled from the multiple channels that their
customers transact on.”
Financial Services Under Fire
Financial institutions were besieged with 81 million cybercrime attacks
in the first half of 2018 on the ThreatMetrix global network. Of these,
27 million were targeting the mobile channel as fraudsters turn their
attention to the success story that is mobile banking adoption.
Financial services mobile transactions are growing globally, with China,
South East Asia and India showing the strongest regional growth. This
indicates that the mobile channel is a key enabler for financial
inclusion in emerging economies.
Overall, the biggest threat in financial services comes from device
spoofing, as fraudsters attempt to trick banks into thinking multiple
fraudulent log in attempts are coming from new customer devices, perhaps
by repeatedly wiping cookies or using virtual machines.
Mule networks also continue to negatively impact the global banking
ecosystem, particularly as financial crime becomes an ever-more
sophisticated and hyper-connected beast. The challenge for financial
institutions is detecting mule activity even when individual account
behavior may not trigger red flags. ThreatMetrix is able to harness the
power of its global Digital Identity Network to help identify and block
potential mule networks before transactions are processed.
Booming bot attacks illustrate the spread of stolen data to emerging
Throughout the first half of 2018 there was an unprecedented spike in
the volume of bot attacks targeting digital transactions worldwide. The
ThreatMetrix Digital Identity Network registered a 60% spike in bot
attacks in the second quarter of the year, increasing from 1 billion bot
attacks in Q1 to 1.6 billion in Q2. The sheer volume of this automated
bot traffic impacts businesses worldwide because, without the correct
measures in place, this slows order processing times and the ability to
effectively identify good returning customers in real time. At peak
times, individual organizations report these attacks account for more
than half of all transactions.
Large retailers are the primary targets as fraudsters attempt to
infiltrate good user accounts and access sensitive personal data and
saved credit card information. A total of 170 million bot attacks came
from mobile devices in 1H 2018.
This bot traffic in the first six months of the year predominantly
originated from locations such as Vietnam and South Korea, illustrating
the global trend of stolen identity data disseminating to growth regions
and emerging economies.
Social networks are growing as gateway for cybercrime
Social networks and dating websites have the highest mobile footprint of
all industries, reaching 85% of total transactions and 88% of account
creations by the middle of 2018. This reflects usage patterns that
virtually eschew desktop interactions and prioritize mobile app
interactions. Given these sites’ often modest security requirements,
attack rates are high as hackers use these platforms to test stolen
identity credentials, as well as to steal sensitive personal data via
“Social networks are at risk of becoming a gateway to further organized
crime”, says Rebekah Moody, Director of Fraud and Identity at
ThreatMetrix. “Identity data is arguably as valuable a currency online
as hard cash. Fraudsters funnel towards the easiest target to help test,
augment and validate stolen identity data to make future attacks more
successful: in many cases this is social networks. These organizations
must start to deploy the same kind of defenses a user would expect
elsewhere online, without introducing unnecessary friction.”
Identity spoofing is widespread, with the ThreatMetrix Q2 2018
Cybercrime Report revealing this as the top attack vector (13.3%) for
this sector. IP spoofing is also prevalent, with
fraudsters—predominantly from Vietnam, Ghana, Nigeria, U.S. and
Philippines—using proxy servers to make it appear as though they are
actually based in locations close to their intended victims.
Key highlights from ThreatMetrix Q2 2018 Cybercrime Report include:
ThreatMetrix Digital Identity Network analyzed 8.3 billion transactions
in Q2 2018 and stopped 151 million cybercrime attacks in real time.
all eCommerce transactions are now cross-border, which is much higher
than other markets, and emphasizes the industry’s increasingly global
border eCommerce transactions are 69% more likely to be rejected as
fraudulent, however, demonstrating the challenge of accepting overseas
new eCommerce account applications are fraudulent, a 130% increase
compared to Q2 2017.
on financial services’ mobile transactions increased 33% year-over-year.
appears on the top five cybercrime attackers list for the first time