Cyberfraud and malware attacks are decreasing, but is this just the eye of the storm? With heavy shopping periods left in the year, cybercriminals are ready to strike again. Patrick Brusnahan reports

In the third quarter of 2018, a decline in fraud from the previous quarter was recorded. However, a sharp rise was expected on Black Friday and Cyber Monday in November. But at what level is the fraud threat currently?

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

According to the RSA, there are a couple of trends of which the industry needs to be aware. Phishing accounted for 50% of all fraud attacks observed but the RSA in the third quarter. Furthermore, Canada, the US and the Netherlands were the three countries most targeted by phishing; overall, the three countries represented 69% of the total attack volume.

One in nine phishing attacks targeted organisations in Latin America. RSA detected 9,329 rogue apps which accounted for one-quarter of all fraud attacks in the third quarter of 2018. Fraud from mobile browsers and applications increased in the third quarter, accounting for 73% of total fraud transactions.

Year on year, fraud from mobile apps increased by 27%. In addition, RSA received nearly 5.5 million unique compromised cards in quarter three, an 8% increase from the previous quarter.

Target countries

Outside the top three target countries for phishing, or even just outside Canada, very few countries record figures over 1%. The top three countries remain the same from the second quarter of 2018.

In terms of phishing, Australia dropped out of the list of top 10 host countries, and China made its way back in, although only 2% of phishing attacks are hosted there. The US remains the top country, hosting 48% of phishing attacks last quarter.

Mobile browsers and applications have exceeded 50% of total transactions for over a year, holding at 55% in the third quarter of 2018. However, they also made up 73% of fraudulent transactions in the same time period. Year on year, fraudulent transactions on mobile applications increased by 27%, indicating the growing preference among fraudsters.

The biggest gap between the value of genuine and fraudulent transactions was recorded in Europe. Fraudulent transactions in Europe, on average, were 90% higher ($420) than the value of the average genuine transaction. Furthermore, there was a 7% increase in the value of the average fraudulent transaction globally.

What the RSA report shows is that much more needs to be done to protect consumers from fraud, especially on mobile platforms.

Cybercriminals and fraudsters are sneakily biding their time, but with Christmas coming in fast, they are set for a windfall if something is not done.

Trusted devices

Online banking payments are also a risk. While only 0.4% of legitimate payment transactions were attempted from a new account and a new device in the third quarter of 2018, 31% of the total fraud value came from this segment; this compares to 27% in
the second quarter and 22% in the quarter before that.

Overall, this means there has been a 71% increase in fraud occurring from a new account and new devices in terms of transaction volume. Almost 15% of fraud originates from trusted accounts and devices, a strong decrease from the 27% recorded in the second quarter.

Black Friday

Gabriel Hopkins, vice-president of fraud product management at Fico, says: “Black Friday and Cyber Monday will probably see record levels of payments fraud this year.” This is a startling statement, but has been predicted by many.

For a number of years, the Black Friday shopping period has been a goldmine for fraudsters.

Josh Gunnell, head of fraud and ID presales at TransUnion, adds: “Black Friday is touted as one of the biggest retail occasions of the year, marking the start of Christmas shopping and kicking off an end-of-year spending spree for many shoppers. But with the British Retail Consortium announcing that over 3,000 stores have closed in the past four years, it’s no surprise that it’s the online retailers that are striding ahead in the seasonal sales showdown.

“Of course, as the consumers move online, so do the fraudsters – and the holidays bring a host of opportunities as shoppers, often feeling rushed and in frenzy to bag the best bargains, find themselves unwitting victims, while fraudsters can hide among atypically high volumes for retailers.”

He continues: “Cybersecurity is in the spotlight during these frenetic few weeks – if a retailer’s website doesn’t have the correct encryption in place, then processes such as storing credit card details or simple one-click buying can leave the business exposed and the customer data vulnerable to theft. Plus, the social engineering tactics the fraudsters employ for those on the hunt for a bargain can often be quite inventive – so it’s more important than ever that businesses are educating their customers and alerting them to these threats.

“Earlier this year, CIFAS reported a huge annual increase of 49% in relation to identity fraud within online retail, which will be a key tactic during this period given the volume of transactions taking place. As fraudsters buy goods online using the victim’s name and bank details, they can often have them delivered to a different address, raising little suspicion at this time of gift-giving.

“Plus, some of the fraudsters will be bold in their approach – reportedly, in some cases, encouraging victims to take delivery of goods obtained fraudulently using their own details. They sign for the package, because it’s addressed to them, and then hand it over to a fraudster posing as a courier who delivered it in error. This is just one of many tricks that will be at play, so businesses need to be doing all they can to help consumers shop safely.”

With so many innovative fraud-reduction techniques on the market – biometrics, geolocation, encryption and many more – it is a shame to see fraud thrive in these times. What is very clear is that with scale comes risk. Black Friday is one of the most scalable purchasing periods on the planet, with what was once a US holiday translating worldwide. However, the fraud has travelled with it.