Cybercriminals Stepping Up Mobile, Bot Attacks

A new report by LexisNexis Risk Solutions shows a global, networked pattern of cybercrime that is further reflected in the mobile attack rate growth, which is heavily influenced by a global bot attack targeting mobile app registrations.

The cybercrime report covers July-December 2019 and shows how fraud increasingly has become borderless on a global scale. Cybercrime is a well-organized, global endeavor powered by networks of fraud.

While consumers enjoy access to goods and services from all over the world, fraudsters are able to harness stolen identity data to launch corresponding cross-border fraud attacks, according to the report.

LexisNexis’ Kimberly Sutherland

Kimberly Sutherland, LexisNexis’ vice president of fraud and identity management strategy, tells us there is opportunity for sharing confirmed fraud data in near real time to prevent or help reduce the number of fraud attacks that penetrate an organization.

“Overcoming the organizational and cultural challenges associated with creating regional or cross-industry shared intelligence will better equip these networks to counter networked cybercrime,” she said. “We have seen positive results when organizations work together to share fraud data and additional context on confirmed fraud attempts through our Digital Identity Network.”

Of the 19 billion transactions recorded by the Digital Identity Network in this six-month period, for the first time, mobile attacks outpaced desktop attacks, with a 56% growth in mobile attacks year over year.

“This is an important finding that we will continue to monitor in coming reports to determine if this will become a trend,” Sutherland said. “Despite this increase in volume, the overall mobile attack rate of 2.5% remains slightly lower than the overall desktop attack rate of 2.7%. Yet when we further analyzed this, our report showed that [the] mobile app attack rate is the lowest, at 1.9%, and mobile browsers are the highest at 4.2%.”

Key findings from the report include:

• Fraudsters are working in hyperconnected, global networks, targeting businesses across country borders and industries. In just one month, 73,000 devices associated with a fraudulent event at one organization were later recorded at another organization within the Digital Identity Network.
• Globally connected bot attacks target new account creations. During the six-month period, bot volumes saw strong growth from key regions, as fraudsters use automation to maximize success. Bot volumes can be very volatile given that one bot attack can represent millions of individual attacks.

The Digital Identity Network recorded strong growth in bot attacks from Canada, Germany, France, India and Brazil. Furthering the notion of fraud without borders, bots from Canada, France and Germany all targeted the same group of organizations, which were mainly in financial services and media.

“With bot activity expanding its focus beyond on account takeover (ATO) attacks at login, the fraud attack rate during new account creations is now at its highest rate of 17% — the most ‘at risk’ use case” Sutherland said.