ThreatMatrix have developed a Digital IdentityNetwork that collects and processes global shared intelligence from millions of daily consumer interactions including logins, payments and new account applications. Using this information, ThreatMetrix creates a unique digital identity for each user by analyzing the myriad connections between devices, locations and anonymized personal information. ThreatMatrix use this Digital IdentityNetwork to distinguish between fraudsters and genuine customers.
ThreatMatrix have identified the main evolving attack vectors, as shown below:
Source & Copyright©2018 - ThreatMatrix
Using their real-time network ThreatMatrix are able to monitor the global progress and activity of cyberfraud today.
Cybercrime Report 2017
The 2017 report features global insights from the ThreatMetrix Digital Identity Network. Main findings included:
- Cybercrime numbers:
Source & Copyright©2018 - ThreatMatrix
- Trends and surprises
- Shifting regional trends: highlights how North America is primary attack destination, and how each region has different focuses
- Digital transactions continue to evolve. Static users transacting on a stationary device is a thing of the past. Organizations must align authentication and identity verification with a constantly mobile user base.
- Key attack patterns have emerged targeting new industries within the Network, these include:
- Propagating two-party rideshare fraud using a “fake driver” account to go with a “customer” using stolen credentials.
- A large number of suspicious transactions (account creations, logins and payments) coming from the same device using different email addresses, as fraudsters attempt to take out fraudulent shopping loans or hijack trusted user accounts.
- An increase in automated bot attacks targeting FinTech providers’ new account applications processes.
- Fraudulent new account creations and account takeovers on Gift Card websites as cybercriminals attempt to monetize stolen credit cards or steal account credits.
- More complex attack vectors are being used in four areas: Device Spoofing, Identity Fraud, Location Manipulation, and Threats/Bots
- Cybercrime attacks come from seven sources:
- Source & Copyright©2018 - ThreatMatrix
In 2017, some experts predict that cybercrime has led to as much as $1 trillion in global losses—a figure that ThreatMatrix believe could top $6 trillion by 2021.
In coming year
In 2018 ThreatMatrix are expecting:
- Evolving Consumer Behavior will Influence the Way Businesses Grow
- Mobile usage, across all use cases, will continue to grow and account for significantly more traffic than desktop transactions with peaks seen during evening “sofa-surfing” hours.
- Cross-border traffic will form a growing slice of key retailers’ digital commerce with other geographies looking to access deals or attempt to gain access to restricted goods / services, for example online gambling websites.
- Non-Traditional Gifting and 1-Click Payments Will Force Retailers to Better Balance Fraud and Friction
- Retailers will see a volume shift to non-traditional methods of purchasing and gifting, including gift cards/gift card trading, online subscriptions, travel bonuses etc. This move towards digital gifting along with the adoption of same-day shipping will better enable last-minute shoppers.
- Cyber Fraud and Financial Crimes Will Continue to Converge
- ThreatMetrix has seen fraudulent new account creations in financial services up 260% in two years (Q4, 2017); 2018 will see cyber fraud combine with traditional financial crimes, such as the use of “money mules.” This may take the form of fraudsters using automated bot attacks to apply for fraudulent loans or hijack existing accounts then transferring money to other countries.
- Digital-only and New Industries Will be Prime Targets
- Among those expected to face issues next year: peer-to-peer and sharing-economy platforms. Fraudsters are capitalizing on new platforms by monetizing credentials between fake driver/rider accounts in ridesharing and creating fraudulent new accounts for phony loan applications that they never intend to repay. The digital-only model of many of these companies make them particularly susceptible to fraud.
- Vulnerable Consumers Make Valuable Targets
- As online, and particularly mobile, banking continues to drive financial inclusion for the unbanked and underbanked population, cybercriminals will pounce on these fresh and potentially more vulnerable new consumers who are often less adept at spotting the clever nuances of social engineering and phishing attacks.
- Breached data will disseminate globally, sparking shifting attack originators
- Identity credentials will continue to be sold at bargain prices, causing breached identity credentials to appear in cyberattacks worldwide, including in growth economies and areas with fewer static identity verification services.
CTMfile take: Excellent report, essential reading. Real-time monitoring of digital IDs is becoming essential as cyber fraud and financial crime converge.
Cybercrime wave gathers force. Increases need for corporate treasury security and controls
Cybercrime is big business. It is costing consumers $110bn a year and affects almost 1.5m people a day, Symantec, the online security group, reported last year. Bank accounts are being compromised; credit card detai
4 cybercrime trends: data breaches up 86%, only 6% of data encrypted
2016 saw a huge increase in data breaches, which increased by 86 per cent compared to 2015, with almost 1.4 billion data records being compromised worldwide during 2016
‘Cyber Crime Assessment 2016’ report - UK losing the cybercrime arms race
Stronger partnership between law enforcement, government and business is essential to mimimise fraud but “Perfect security is almost impossible”