Mobile browsers fraud threats did not rise much in the last half of 2019, but mobile apps attacks rose by 171%.
Fraud has increasingly become borderless on a global scale: cybercrime is a well-organized, global endeavor powered by networks of malicious actors.
This global, networked pattern of cybercrime is further reflected in annual mobile attack rate growth, which is heavily influenced by a global bot attack targeting mobile app registrations.
According to information solutions specialist LexisNexis, fraudsters are migrating attacks to exploit the mobile channel: of the 19 billion transactions recorded by the LexisNexis Digital Identity Network in a six-month period, for the first time, mobile attacks outpaced desktop attacks, with a 56% growth in the mobile attack rate year-over-year.
In its recent Cybercrime Report covering July 2019 through December 2019, it was noted that fraudsters are taking advantage of the rapid expansion of cross-border e-commerce to harness stolen identity data to launch corresponding cross-border fraud attacks.
Here are some key findings from the LexisNexis Risk Solutions Cybercrime report:
- Global networked fraud
The threat of networked cybercrime grows daily. Fraudsters are working in hyperconnected, global networks, targeting businesses across country borders and industries. In just one month, 73,000 devices associated with a fraudulent event at one organization were later recorded at another organization within the Digital Identity Network.
All of the fraud networks identified in the recorded period involved organizations from more than one region and more than one industry. This confirms the global nature of networked fraud and illustrates how cybercriminals launder the proceeds of their crimes throughout the digital economy for maximum financial gain.
- Globally-connected bot attacks target new accounts
Over the period examined, bot-activity volumes saw strong growth from key regions, as fraudsters use automation to maximize success. Bot volumes can be very volatile given that one bot attack can represent millions of individual attacks. Analyzing regional growth provides an alternative view of attack growth targeting specific industries and regions.
The Digital Identity Network recorded strong growth in bot attacks from Canada, Germany, France, India and Brazil. Furthering the notion of fraud without borders, bots from Canada, France and Germany all targeted the same group of organizations, which were mainly in financial services and media.
- Growing mobile attack rate
While attack rates targeting desktop transactions (2.7%) and mobile transactions (2.5%) were almost identical, the mobile attack rate grew 56% while the desktop attack rate fell 23%, confirming the growing shift toward mobile fraud.
Within the mobile space, there were also nuanced differences between browser and app attacks. Mobile browser transactions were attacked at a higher rate—4.2% compared with 1.9% for apps—but mobile app transactions realized a greater growth in attack rate, up 171% compared with a steadier growth rate of 14% for browsers.
The report noted that sharing information about known fraudsters across industries and geographies is more important than ever. Businesses can combat networked fraud by utilizing solutions like specialised information-exchange networks and consortia to share intelligence related to cybercrime.
Said Rebekah Moody, director of fraud and identity, LexisNexis Risk Solutions: “The ability to harness intelligence related to devices, location, identity and behavior to combat fraud is critical, given the globally connected fraud that permeates the global digital economy. Today, fraudsters are able to attack with unprecedented ease and speed and it is not enough for businesses to focus their fraud mitigation efforts on individual attacks. To mitigate the hyperconnected nature of global cybercrime, businesses need access to a shared view of risk that can operate across channels, across industries and across country borders.”
The layering of next-generation fraud defenses creates the opportunity to slow the onslaught of cybercrime, continued Moody. With tools like behavioral biometrics, consortium-based data sharing, bot data management and risk intelligence signals, the necessary innovations to help organizations stay ahead of fraudsters are already available. “Now more than ever, it is necessary for businesses to implement these advanced global solutions that can truly prevent the evolving nature of fraud.”