Overall fraud rates stabilized with fewer bot attacks; first-party fraud rose sharply and regional attack disparities persisted in the 2024 data.

Based on data of cybercrime attacks detected in its own customer ecosystem between Jan and Dec 2024*, a global risk data and analytics consultancy has released some data trends to the public.

First, the 2024 data showed a 15% rise in first-party fraud^, the most common type detected (36% of all reported fraud data) across the firm’s customer base.

reported fraud data) across the firm’s customer base.

Second, account takeover fraud was detected in 27% of all reported fraud in the customer base (down  by around 2% year-on-year), while scams, including authorized push payment fraud comprised 11% of cases (down from 16% in 2023).

Other findings
Third, 11% of password reset attempts in the 2024 data comprised a fraud attack, compared to 27% reset attempts comprising those initiated on a desktop computer. Also:

  • Compared to previous years’ analyses of the same nature, the data for 2024 showed signs of stabilization, involving a 1% increase in the human attack rate, and a 15% decrease in global bot attacks.
  • The attack rate on customers in the communication, mobile and media industry had increased by 15% year-on-year, while those in Financial Services had seen an 18% rise in automated bot attacks.
  • Regionally, customers in Europe, the Middle East and Africa had experienced the lowest regional attack rate at 0.6% of transactions, when measured via measurements of daily attack rates. Customers in Latin America had seen a sustained decrease in attack rate (1.6%) since the end of 2023, now putting this metric lower than that of customers in North America (2.2%). APAC customers had seen a rise in attack rate by 37%, comprising  1.5% of all transactions in the region.

According to Stephen Topliss, Vice President (Fraud and Identity), LexisNexis Risk Solutions, the firm disclosing its data analyses: “While many organizations have improved their defenses over the past few years, we also know that cybercriminals are embracing new innovative, AI-enhanced capabilities and we will likely see these extensively tested and executed over the coming months.”

*totaling around 104bn transactions including new account creations; logins and payments; and non-core transactions such as password resets and transfers.