February 14, 2017
In the fourth quarter of 2016, growth in fraud attacks outpaced growth in online transactions by 15 percent, according to a new report from antifraud technology provider ThreatMetrix. The company examined transactions across its network during that time period and said the number of attacks it stopped in real time (122 million) was 35 percent higher than in Q4 2015. It attributed the growth to an ongoing democratization of fraud-enabling tools that portends even more challenges for e-commerce merchants and other online financial services providers going forward.
“The growing sophistication of cybercriminals is evident in the evolution of attacks and the use of advanced tools, such as malicious programs, that allow criminals without technical skills to deploy computer ransomware or perform video or audio eavesdropping with a mouse click,” the authors wrote in the report. “This extends the reach of global cybercrime from the technical few to the non-specialized masses, scaling its growth exponentially.”
Specifically, ThreatMetrix found mobile and cross-border could become more problematic as more companies engage in delivering their products and services in those ways. Forty-five percent of all transactions crossing ThreatMetrix’s network in Q4 originated on mobile devices, making them a more inviting target for fraudsters. And, the company noted, cross-border transactions, which accounted for 25 percent of all transactions on the network, were rejected for suspected fraud twice as often as domestic transactions.
Other notable trends for e-commerce companies include a 134 percent increase in rejected account creations and a 51 percent increase in overall rejected transactions during the fourth quarter of 2016 compared to the same period in 2015. The company’s research also found that the average ticket value of a rejected transaction was twice as high as a legitimate one. And, finally, researchers identified Brazil as a growing source of fraud attacks, along with other emerging countries that might not necessarily be thought of as havens for cybertheives.