Today it is revealed that cybercrime attacks have reached their highest-ever levels, both in the UK and internationally. ThreatMetrix®, The Digital Identity Company®, which monitors more than 24 billion online transactions each year, has seen a staggering 144 million attacks over the last 90 days. In the UK, attack levels have risen 150 percent since 2015 – reaching 20 million attacks by the end of the second quarter of 2017. However, it’s the fast-growing digital media industry, in particular, is taking the brunt of the latest criminal techniques emerging from the cyber underworld.
As new business models take the digital economy by storm, innovative methods of monetising stolen credentials found on the dark web are emerging, and cybercriminals are taking full advantage of the vulnerabilities within media sites and apps. The ThreatMetrix Q2 Cybercrime Report has revealed a 527 percent increase in new account origination attacks since 2015 in this sector.
With attack levels rising in the UK to an all-time high, cybercriminals are increasingly targeting: social networking sites, online dating, ridesharing apps, video-on-demand and media streaming organisations. This demonstrates the ability of cybercrime rings to evolve the nature of their attacks based on new consumer trends and behaviour.
Why have digital media sites become such a target?
The criminal potential of the most popular digital media sites comes off the back of their dramatic surge in popularity. Industry experts have reported that 2.8 billion (almost 40 percent of the entire population) are active social media users. One-quarter (25 percent) of the global population also stream and watch TV content via a laptop or mobile device*. Likewise the popularity of job marketplace sites, daily news digests and blogs have skyrocketed. Market research agency Mintel also predicted that the UK online dating market will grow from £165m to £225m by 2019**.
Fraudsters are capitalising on what are sometimes modest sign-up requirements and security features of some media sites to test stolen identity credentials and cultivate opportunities to monetise stolen credit cards. Cybercriminals are essentially looking to game the system, either by creating multiple free trials for content-streaming accounts or by selling accounts online at a reduced rate.
“One of the key trends we’re noticing is the complex, interconnected nature of attacks as cybercriminals use stolen identity credentials to cultivate lists, launch botnet attacks and compromise trusted user accounts,” says Vanita Pandey, vice president of product marketing and strategy for ThreatMetrix.
“Fraudsters see the potential of digital-first businesses such as ridesharing, social networking and video streaming where consumers are spending their time and money, and they want a piece of the pie,” adds Pandey. “With ridesharing apps, for instance, fraudsters are taking trips using stolen credit cards or breeding two-party fraud by using a fake driver account and ‘accepting customers’ using stolen credentials. Some cybercriminals are even leveraging ridesharing business models to create fake customer accounts and launder money via false insurance claims.”
ThreatMetrix Q2 2017 Cybercrime Report – download now
*Source: WeAreSocial/Hootsuite Digital Media Report January 2017
**Source: Mintel Global Dating Insights Report