ThreatMetrix Q1 2018 report: key findings and analysis -TEISS® : Cracking Cyber Security
18 May 2018
TEISS meets with Alisdair Faulkner, Chief Products Officer at ThreatMetrix who explains some of the findings.
The ThreatMetrix Q1 2018 Cybercrime Report: Europe Deep-Dive – based on analysis of 1.9 billion digital transactions on the ThreatMetrix Digital Identity Network in Europe – reveals evolving attack trends and how they differ across the region.
Key findings from the report
- 80 million fraud attacks and 210m bot attacks originated from Europe in Q1 2018
- 58 percent of all transactions in Europe come from mobile devices
- Desktop transactions are twice as risky as mobile transactions
Alisdair explains that they’ve tracked trends across both e-commerce and financial services and in particular they’ve noticed the prevalence of automated, weaponised bot attacks in e-commerce.
Another trend is that new account origination fraud has moved predominantly to mobile.
Previously, Alisdair explains, people would sign up for a service primarily via a laptop – and approximately 1 in 10 would be done via a mobile device. This year that trend has shifted as 60 per cent of new account openings are now done from a mobile device, worldwide.
Also of interest: Claire Cockerton: the woman driving UK’s cyber innovation
Brazil and cybercrime
Regionally, a third of new account origination attacks are coming from Brazil. “So the Brazilians, just like in soccer, are outsizing their impact on identity theft and the monetization of identity theft,” Alisdair says.
He attributes this to growing prosperity and better connectivity in the region; fraudsters are moving up the food chain as they find more profitable ways to conduct fraud.
I ask whether we can actually attribute this criminal activity to Brazil. Alisdair is confident in their findings due to the strength of the technologies they use. ThreatMetrix uses different forensics techniques that are able to detect if someone’s using a VPN and can often pinpoint a specific provider, as well as looking beyond.
The onus, Alisdair says, is upon European digital businesses to invest in innovative, real-time security capabilities that are robust enough to withstand intense periods of attack.
Also of interest: The Netherlands – not the typical cybercrime suspect
Cybercrime and e-commerce
Alisdair states: “We hypothesize about what happens when fraud is not the 1 in a 100, but it’s the good transaction that’s the 1 in 100. How do we operate in that world? And unfortunately that’s what’s happening to a large majority of e-commerce sites or sites that use an e-mail address as a log-in credential.”
95 per cent of all the authentication attempts are from a bot using a stolen identity and it’s the 5 percent that’s your legitimate customer base. So how do you operate in that environment?
“The answer is you have to get very good at understanding the behaviour of those digital identities that are the good customers – where they transact, how they transact – because even if you successfully shut down every single automated attack, all of those accounts are compromised,” he explains.
So as an e-tailer competing with Amazon – what do you do? Do you introduce two factor authentication? Do you lock that account?
That’s where ThreatMetrix ID comes in. They help you differentiate between where your trusted users normally come from and specifically to account level, looking at how the user customer behaves, not just at the transaction level.
ThreatMetrix®, A LexisNexis® Risk Solutions Company, empowers the global economy to grow profitably and securely without compromise. With deep insight into 1.4 billion anonymized digital identities, ThreatMetrix ID™ delivers the intelligence behind 110 million daily authentication and trust decisions to differentiate legitimate customers from fraudsters in real time.