ThreatMetrix report reveals interesting data

A new report released by cybercrime prevention company ThreatMetrix suggests most online activity is on the rise, whether that be of the positive or negative variety.

ThreatMetrix analyzed nearly five billion third quarter transactions, stopping 130 million attacks in real time. That is close to a 40 percent YOY increase. Mobile transactions rose nearly 50 percent to account for 43 percent of total network traffic.

Cross-border transactions are also on the rise, ThreatMetrix reports. Accounting for 20 percent of transactions in the ThreatMetrix Digital Identity Network, this type is 70 percent more likely to be conducted by bots than domestic ones, making them more risky. In fact, their rejection rate is double that of domestic transactions because of customs rules in different countries.

ThreatMetrix reports ten percent of new account creations are rejected, an indication of the widespread use of stolen identities. Those identities are cobbled together from data acquired through several breaches and then resold.

Attacks are constantly becoming more complex, ThreatMetrix vice president of strategy and product marketing Vanita Pandey said.

“Attacks have evolved from being one-dimensional with a singular purpose to being a Frankenstein’s monster of attack vectors,using bots, social engineering and remote access stealth in various combinations.

“Identity data is the critical currency for perpetuating online fraud. While these attacks are multi-faceted, global and ever evolving, they have a singular focus – stealing, validating, augmenting and selling identity credentials to make future attacks more lucrative.”

Different industries were parsed, with interesting details revealed.

On occasion, bot attacks in e-commerce can surpass legitimate traffic. Last quarter 76 million e-commerce transactions were blocked, a record high that was 60 percent higher than 3Q15. Attacks on logins (30 percent) and payment transactions (70 percent) also rose substantially.

Financial services transactions are increasingly being completed on mobile devices, with more than half originating from mobile devices for the first time. Payment transaction attacks surged, as did login attacks following a large bot attack on a single online lender.

Digital media and social network attacks are common due to their perception as easy targets. At times bot traffic can account for more than 90 percent of transaction volume and close to one in five third quarter transactions being attacked. New account creation attacks nearly quadrupled, but rejected transactions also rose by 80 percent.