The pandemic, as well as users’ personal preferences, have helped enable the rapid emergence of digital payment applications and digital wallets, which compete with credit cards and cash as preferred payment options.
The growing popularity of digital wallets such as Google Pay, Samsung Pay and Apple Pay is making them a bigger target for malicious actors, according to a report from security analytics software specialist Cognyte.
The study, which collected and analyzed threat actors’ conversations about digital wallets from 2016 through 2020, found the number of threat actors’ interactions around the topic almost doubled from 2017 to 2018.
By 2019, this number grew by 456%, reaching 31,878 interactions and by 2020 it grew by another 292%, reaching 96,363 interactions.
Increase in Popularity and Threats
“The popularity of digital wallets and the continuous increase in their use makes them a popular target for threat actors,” explained Gilad Zahavi, senior director of cyber threat intelligence analytics at Cognyte. “As transactions move to the digital wallet, threat actors also shift their criminal activities to increase their chances for financial gain.”
Zahavi said in the first few months of 2021 the company observed more than 40,000 discussions about digital wallets on the dark web. Of those, 63% occurred on Telegram, 22% on dark web forums, 6% on Reddit, 4% on Discord and the rest were discussed on Twitter, markets and pastes.
“This indicates that as the use of digital wallets continues to grow, so does the interest of threat actors globally,” Zahavi said. “Based on our analysis, the presence of methods and tutorials on dark web forums and the growing interest in these discussions represent an evolution of the threat.”
For example, Cognyte identified an increase in the willingness of threat actors to break into digital wallets, from 27 publications in 2018 to 111 in 2019 and 641 in 2020.
Another growing trend the report unearthed was the sale of digital wallet vulnerabilities. For example, on one darknet market, an exploit for Apple Pay, Samsung Pay and Google Pay is offered for sale by a threat actor for $104.
Digital wallets are also vulnerable to phishing campaigns, although the study pointed out there still aren’t many interactions about these types of phishing campaigns on the dark web.
“It seems that, as of now, phishing on digital wallets is less common than phishing attacks elsewhere,” the report noted. “This could be explained by the amplified security on the different digital wallet apps.”
In addition, the fact that Samsung Pay and Apple Pay come preinstalled on new compatible devices, and because there is no web platform that can be manipulated, they are less susceptible to phishing attacks by default.
On the other hand, Google Pay, which is used through an app but is also available via a web interface, makes it more vulnerable to phishing and social engineering attempts, the report noted.
Zahavi pointed out, however, that digital wallet-related cybercrime is still in its infancy and expects attention on the market, and on technological vulnerabilities, to continue to grow.
“Our databases contain 93,363 publications related to digital wallets from 2020 and we anticipate this number will increase as the number of users around the world continues to grow,” he said. “It can be anticipated that digital wallet-related cybercrime will become as popular as other financial cybercrimes, with digital wallets becoming a prime target of different threat actors.”
Despite the growing awareness and adoption, nearly half of consumers either have not heard of these types of contactless payments or remain uninterested in them due to perceptions of value and security, according to a 2020 report from McKinsey.
In fact, even as adoption surges, the survey revealed more consumers are reporting a deteriorating perception of digital payments security over the past year than an improving one.
Most of the digital payment applications use tokenization, which adds a layer of security; the original number is replaced with a temporary number that is sent to the merchant. Digital wallets also use security protocols like two-factor authentication and one-time-use PINs.
Social media giant Facebook is also soon likely to launch a digital wallet platform called Novi, David Marcus, head of Facebook’s crypto unit, said in an interview this week with The Information.