Cyber criminals are using more complex methods to commit fraud by targeting online financial services and e-commerce websites, according to new research.
ThreatMetrix, a California-based company that analyzes and blocks cybercrime attacks in real-time, said it detected 122 million fraud attempts worldwide in the final three months of 2016, representing a 35 percent spike over the previous year.
Attackers are using increasingly sophisticated device-spoofing tools, malware and bots to make fraudulent transactions — in some cases employing a combination of “multiple vectors” that makes them harder to detect, according to the company’s report on cybercrime released this month. Eighty million cybercrime attacks last year used stolen or fake credentials.
The research is based on actual attacks attempted October through December of last year and detected by the company’s Digital Identity Network through “real-time analysis and interdiction of fraudulent online payments, logins and new account applications.”
The company says that it analyzes nearly 2 billion transactions monthly, nearly half of which are done using mobile devices, using hundreds of different factors like geolocation and behavioral analytics.
Criminals are targeting online financial services, online lenders and e-commerce retailers as global consumers become more reliant on digital systems to spend and manage their money, the report states. The company also detected an uptick in cross-border transactions, which it says are higher risk than those confined to a particular region or single country.
“Transaction volume is no longer regional, or even confined to country borders, but has rather exploded cross-border as the global village economy has really taken root,” the report states. “However, cross-border transactions are riskier than domestic ones; organizations must look for better ways to authenticate their user base on a global rather than regional scale.”
Recent high-profile breaches have raised concerns about the possibility of criminals stealing sensitive personal data and using it to commit fraud. Yahoo notified individuals of two separate breaches last year in which users had their personal information compromised, the latter of which affected over 1 billion accounts.