Five cybersecurity facts from NuData’s Fraud Risk H1 2020 report

by Akshay Gopal on September 30, 2020

Few would disagree that 2020 has brought its challenges. NuData analysts closely monitor our data for online patterns and trends, and found some compelling changes over the first six months.

The COVID-19 pandemic has driven the fastest transition of customers moving to online transactions. As a result, we’ve seen an unprecedented surge in creativity of credential-stealing scams. Companies adapting their business models to enhance online servicing have to grapple with growing customer needs and more sophisticated attacks.

From January 1 to June 30, NuData analysts closely monitored global online changes and summarized the key findings to help make sense of what’s changing in the threat landscape. This article highlights five cybersecurity facts from the latest NuData report: 2020: H1 Fraud risk at a glance.

1. More attacks look like humans

96% of attacks on financial institutions were sophisticated – those that make an extra effort to emulate human behavior. Sophisticated attacks mimic human behavior. Bad actors continue their shift to more complex schemes, attempting to fool security tools that can only detect basic bot behavior. Financial institutions (FIs) receive the highest percentage of sophisticated attacks amongst all industries, with 96% in the first half of 2020, up from 90% in 2019. We expect to continue seeing human-looking attacks increase across all industries. As companies get wise to fraudsters and improve their bot-detection tools, fraudsters are forced to find another way in. Many are relying on more sophisticated attacks to help them access protected platforms.

2. Account creation attacks increased during the COVID-19 lockdowns

High-risk account creation attempts against a number of merchants increased 500% in the first half of 2020 after the lockdowns began. In this type of attack, fraudsters create new accounts to buy goods with stolen card information or buy sought-after and restricted goods at mass scale for later resale. In particular, from March to June, one in every two account creation attempts was flagged as high risk by the NuData platform.

Sponsorships Available

3. Chargeback dollar values more than doubled

In situations of crisis, chargebacks tend to increase across retail companies. Once the lockdowns began in North America, the average dollar value of a chargeback grew by 124% for in-store pickups, compared to the average value before the movement restrictions. Chargebacks from in-store pickups also grew in volume: more than 100% in April.

4. More attacks go mobile

Mobile is the most common device used for fraud. High-risk traffic grew by 55% from January to June 2020.

5. Account takeover is the most common attack across industries

Looking at attack types by industry tells us which are at higher risk. Account takeover attacks (ATOs) at login make up most of the attack traffic. This is unsurprising considering these attacks are deployed at a larger scale than others as login credentials are easier and cheaper to access than other types of user information.

Travel and retail received a wider variety of attacks, with travel showing an even distribution between attacks at login and checkout. During the lockdowns, these two industries experienced the biggest fluctuation, with travel attacks at checkout climbing to 58% of total high-risk events in February. Risky activity in retail account validation pages (pages where customers can access information such as booking info, number of reward points, order status, or account profile) reached 65% in March.

What the data tells us about fraud in 2020

With the world experiencing an overwhelming pandemic, businesses identified ways to increase their online goods and service delivery. Opportunistic fraudsters responded quickly as well. As we’ve seen, high-risk traffic at account-creation increased by 500% in the first half of 2020, primarily after lockdowns began. There were also many new users opening accounts, some of whom were vulnerable to fraud through their online inexperience.

Meanwhile, attackers increased their use of sophisticated techniques to increase the chances of high-value attacks, especially when targeting financial institutions. The inclusion of behavioral tools in the security strategy is helping companies detect fraud at every level, including human-looking attacks, to prevent these online threats.

The good news is that by analyzing individual attack vectors, companies leveraging NuData tools can find common patterns to help prevent future attacks. Many of them use IP addresses or devices linked to past malicious behavior – in this case, detected because the NuData Consortium leveraged the historical intelligence on those data points. This highlights the value of machine learning and a Consortium to recognize previously seen patterns in new attacks, as well as risky parameters.

Download 2020 H1 Fraud risk at a glance: NuData analysts dissect cybersecurity trends to read the full report.