February 13, 2018
Fraud attacks on e-commerce businesses during the holiday season grew significantly on a year-over-year basis, according to antifraud technology provider ThreatMetrix. The San Jose, Calif.-based identity company, in its Q4 2017 Cybercrime Report, said nearly 193 million transactions that crossed its network were fraudulent—a 173-percent increase from Q4 2016. Attack rates on e-commerce overtook those aimed at media companies for the first time in two years, the report said, driven by account creation and login attacks.
Higher data breach activity and a continuing shift in hackers’ focus from payment card information to email addresses, passwords and other personal information resulted in more attacks at the login level. According to ThreatMetrix, the attack rate of account creation fraud attempts (12.1 percent) more than doubled that of fraudulent account logins such as account takeovers (5.5 percent) and payments fraud (5.1 percent). More than 10 percent of new online accounts created at the e-commerce sites of ThreatMetrix merchants in Q4 2017 were fraudulent.
“The e-commerce industry has changed drastically over the past few years as consumer behavior has evolved from predominantly desktop transacting to highly mobile, cross-border behavior, with consumers holding a number of accounts and cards-on-file with a handful of chosen retailers,” the report noted. “The fraud targeting e-commerce retailers is therefore rapidly growing and evolving, with fraudsters targeting account takeovers to access sensitive personal credentials and saved credit cards. Attack rates went up across all use cases, especially for new account creations and logins.”