Online fraud trends released in wake of significant breaches

NuData Security today announced new threat intelligence that provides insight into the latest trends in online fraud. Trends NuData Security researchers have observed include:

Account takeover, in which fraudsters steal an established account with personally identifiable information (PII) attached to it, continues to beat credit card fraud. This continuing trend showcases fraudsters’ preference for account details beyond just credit cards.

NuData Security evaluated 5.1 billion behaviours in May through July. Of the over 500 million account creations analysed, more than 57 percent were flagged as high risk or fraudulent, compared to 28 percent in February through April.

Account creation fraud has increased by more than 100 percent since February 2015.
Nearly half of all account registration fraud attempted in May was tied to creating false accounts to deliver false product ratings.

NuData Security observed more than 270 million fraudulent or high-risk behaviour events in May through July. These events were assessed through the following behavioural biometrics and data points, including more than:

32.8 billion keystrokes
9.3 billion clicks
388 million unique email addresses
191 million unique IP addresses

A significant portion of attacks in the past three months originated from China and the United States, however, incidents were traced back to as many as 151 countries. The top six sources of malicious behaviour include:

United States
Saudi Arabia
United Kingdom

Unlike previous ecommerce industry breaches, recent attacks are growing in size and targeting more valuable PII, which may include information such as social security numbers and bank account information, among other data. A data breach has a ripple effect that reaches far beyond the breached organisation. Businesses must protect themselves from fraudsters who know more about their customers than they do. They must not only verify a user’s identity through PII, but must also verify that the behaviour behind the transaction is that of a valid user. This is where user behaviour analytics (UBA) play a vital role. Becoming complacent in an age of massive data breaches is both a financial and reputational hazard.

Michel Giasson, CEO, NuData Security, said:

“NuData Security is in a unique position to monitor key trends based on real-time analysis of fraudulent attempts at account creation, login and transaction. For organisations to protect their brand and users, they must figure out how to detect fraudsters utilising the increasing amount of stolen identity data. The good news is that harnessing the power of behavioural attributes and biometrics helps authenticate the genuine user. Behavioural analysis serves as a means of understanding how legitimate users truly act reducing the impact to victims of the data breach.”

To learn more about UBA, please watch:

To learn more about account takeover, please watch: