Cybercriminals are driving up fraud levels to a record high by creating substantial armies of automated cyber robots – otherwise known as Bots. ThreatMetrix, The Digital Identity Company, has today released its Q1 Cybercrime Report revealing that 311 million Bot attacks were detected and stopped over a 90 day period.
Although around for some time, Botnet attacks have become more complex, sophisticated and harder to predict than ever before. In many cases, they are mirroring the activity of normal consumers transacting online – be that banking or online shopping. Alongside the loud and fast hacks we are now used to hearing about in the news, The ThreatMetrix Network is now also seeing ‘low and slow attacks’ that are designed to evade any protection measures in place, and appear more like normal user traffic. This is making it ever-increasingly difficult for businesses to distinguish between real customers and cybercriminals and leading to millions, if not billions, of pounds of lost business in the UK.
The UK, alongside Germany and the US, remains one of the most attacked nations in the world.
How are these armies created?
When fraudsters get a new list of user credentials from the dark web, they launch a series of massive credential testing sessions that cause huge transaction spikes over a couple of days. Once a successful hit is made, those curated lists of known password and login combinations are taken to other sites to launch slower velocity attacks, which are harder to detect. A staggering 264 million attacks were detected specifically across e-commerce merchants in this last quarter alone putting online shoppers and retailers hugely at risk of a serious breach.
“These attacks are particularly hard to detect because they aren’t always picked up by traditional rate control measures. Our normal lines of defense just aren’t working. Businesses need a smarter approach that can differentiate between a human and a bot the moment they start to transact,” commented Vanita Pandey, vice president, strategy and product marketing at ThreatMetrix.
“Consumer data is everywhere. Fraudsters can create pitch-perfect attacks because they know so much about us. Businesses must become smarter at detecting the full spectrum of possible attacks, from huge automated identity testing sessions, to advanced social engineering attacks that hijack individual accounts. This starts with really understanding the digital identities of consumers so that high-risk behaviour can be detected in real-time.”
New Forms of Identity and Credential Testing
In addition to botnets testing the validity of stolen identities, The Network is seeing new ways to test credentials obtained through the dark web. Online businesses are inadvertently providing a perfect way for fraudsters to anonymously test stolen payment credentials, such as credit cards, before making a big ticket purchase.
Industries with low digital sophistication are easy targets. ThreatMetrix detected a series of £5 payments made with stolen credit cards targeting the charity sector.
Identity spoofing was also a strong attack vector in the FinTech space with fraudsters using cloaking technologies such as proxies or spoofed locations to mask their true identities and locations. This has given rise to an increase in fraudulent new loan applications.
“The challenge for digital businesses today is that cybercriminals are becoming so sophisticated at building convincing identities using a jigsaw of stolen credential pieces, it is becoming harder than ever to distinguish them from legitimate customers,” continued Pandey. “It is only by looking holistically at the context of the transaction, along with all the information we know about the user, that organisations have the power to stop fraudsters in their tracks.”
Digital Identities, Powered by The Network
The ThreatMetrix Digital Identity Network analyses the myriad connections between a user’s devices, locations and anonymised personal information as they transact online. This builds a unique and trusted digital identity that fraudsters can’t fake. Leveraging the power of digital identities to establish trusted user behavior is the best way to authenticate user identity.
To learn more, download the “ThreatMetrix Cybercrime Report: Q1 2016” here.
