Cybercriminals targeting fintechs: ThreatMetrix report

Cybercriminals attacked online lenders to the tune of one million hits and $10 billion in 2016 and there are likely to be more in 2017, the latest ThreatMetrix Cybercrime Report suggests.

Organized crime rings are targeting the financial services sector around the globe at an accelerated pace, with alternative lending seeing a 150 per cent increase since 3Q16. ThreatMetix’s Digital Identity Network analyzes roughly two billion transactions each month and detected 80 million attacks conducted with fake or stolen credentials last year in the financial sector.

“Due to its surge in popularity, and fast transaction cycles, online lending has become a prime target for cybercriminals,” ThreatMetrix vice president of strategy and product marketing Vanita Pandey said. “Online lenders are under increasing pressure to adopt smarter authentication methods that leverage real-time, behavior-based intelligence to accelerate genuine loans and prevent fraud.

“This is the only way to thrive in an increasingly competitive market.”

Criminals from emerging nations such as Brazil, Egypt, Ghana, Jordan, Nigeria, and Macedonia are behind much of the fraudulent activity, a mirroring of their growing role across all types of fraud. Significant increases also came from Tunisia, Ukraine, Malaysia, Bangladesh, Pakistan, Serbia, Morocco, Guadeloupe, Qatar and Cuba. Identity spoofing is the leading attack method.

“The fact that developing nations are becoming bigger players in the online fraud game demonstrates the spread of breached identity data to countries across the globe,” Ms. Pandey said. “One in four transactions in our network are now cross-border, illustrating a global village economy that’s continuing to make root. Global data breaches are making stolen identity data globally available via the dark web, and this information is traded by organized and networked crime rings.”

Other findings included:

  • The more than 121 million attacks which were detected and stopped in real time last year were a 35 per cent increase from 2015.
  • Attack growth outpaced transaction growth.
  • The rejected transaction rate increased 15 per cent.
  • 45 per cent of transactions were conducted on mobile devices, a rate increasing to 55 per cent in financial services.