- Volume of human-initiated attacks surged by 40%, while
automated bot attacks increased by 2%.
- Cybercriminals are utilizing remote scam centers based in
Southeast Asia to launch attacks
on consumers globally.
- Third-party account takeover is the most common
fraud classification reported by clients (29% of all
classifications).
ATLANTA, May 22, 2024
/PRNewswire/ -- LexisNexis® Risk Solutions today released the
results of its annual Cybercrime Report, an analysis of data from
92 billion transactions processed through its LexisNexis® Digital
Identity Network® throughout 2023. The report, Confidence Amid
Chaos, reveals a 19% year-over-year (YOY) increase in the
global human-initiated digital attack rate compared to the previous
year. Cybercriminals' expanding scale of activity is reflected in
the rising attack rate, particularly in ecommerce and across
North America.
The LexisNexis® Identity Abuse Index, which records the
percentage of attacks per day, shows that attack rates spiked at
both the beginning and end of 2023. A significant factor was that
North America's attack rate rose
to meet and then surpass that of Latin
America throughout the year.
The number of ecommerce transactions increased modestly by 7% in
2023, as rising interest rates and global inflation cooled consumer
spending. However, where consumers held back, fraudsters became
more active. The volume of human-initiated attacks surged 80% YOY,
resulting in an attack rate of 2.8% (up by 59% YOY). A key
component of this growth in attacks was fraudsters' focus on
account takeover of ecommerce accounts, with the attack rate at
login reaching 3.3% (an increase of 119% YOY).
Greater adoption globally of 3D Secure to mitigate the risk of
fraud from Card-Not-Present (CNP) transactions is just
one method businesses are employing to confront the heightened
threat posed by cybercriminals. Regulatory changes in specific
markets, such as establishing clearer liability frameworks, serve
as a model for enhanced global cooperation aimed at minimizing the
impact of digital activities carried out by criminals.
"Cybercriminals continue to increase the scale and complexity
of their illegal operations, with dedicated scam centers becoming a
permanent fixture to mount digital attacks on consumers
worldwide," said Stephen
Topliss, vice president of fraud and identity,
LexisNexis Risk Solutions. "While these scam centers
will continue to drive the threat of human-initiated attacks,
organizations cannot afford to be complacent about the growing
sophistication of bots, which can display more human-like behavior
to evade traditional prevention solutions. By focusing on
identifying advanced bots in real time, businesses can mitigate
their ability to create fraudulent accounts or test stolen login
credentials for future account takeover attacks."
Key findings from Confidence Amid
Chaos:
- Third-party Account Takeover Takes Top Spot – Third
party account takeover fraud was the leading type of
fraud reported by clients in 2023, contributing 29% of
fraud classifications reported, aligning with the
strong attack rate growth seen at account login in 2023 (up 18%
YOY).
- Human-Initiated Attacks Experience Rapid Growth – While
bot-initiated attacks maintained a steady 2% YOY growth to reach
3.6 billion, human-initiated attacks surged by 40% in volume to 1.3
billion.
- Remote Scam Centers Drive Fraud – Device
data, including high-altitude behavioral biometrics telemetry,
reveals that parts of South-East
Asia are established homes for dedicated remote scam
centers. Cybercriminals favor border areas in Cambodia, Myanmar and remote parts of Thailand, according to data from the Digital
Identity Network.
- New Challenges Confront Bot Attacks – Automated bot
attack rates remained steady in 2023, partly due to the threat
posed by advanced bot detection capabilities to this attack vector.
These capabilities involve detecting bot traffic that mimics the
locations of legitimate customers via IP proxies, along with
identifying abnormal timing of events and unusual on-page or in-app
behaviors. Businesses are increasingly employing proxy piercing
technology to break the anonymity of cybercriminals attempting to
conceal their behavior through the use of virtual private networks
(VPNs).
Download a copy of Confidence Amid Chaos: The LexisNexis®
Risk Solutions Cybercrime Report 2023.
Methodology
The LexisNexis Cybercrime Report analyzes
a subset of 92 billion transactions, excluding
non-transaction-based events such as feedback data and test
transactions, as well as transactions from organizations considered
outliers based on extremely high or zero recorded reject rates to
calculate overall transaction volumes globally and by region.
About LexisNexis Risk Solutions
LexisNexis® Risk Solutions harnesses the power of data,
sophisticated analytics platforms and technology solutions to
provide insights that help businesses across multiple
industries and governmental entities reduce risk and improve
decisions to benefit people around the globe. Headquartered in
metro Atlanta, Georgia, we have
offices throughout the world and are part of RELX (LSE: REL/NYSE:
RELX), a global provider of information-based analytics and
decision tools for professional and business customers. For more
information, please visit risk.lexisnexis.com and
www.relx.com.
Media Contact:
Ade O'Connor
+44 7890 918 264
ade.o'connor@lexisnexisrisk.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/lexisnexis-risk-solutions-cybercrime-report-reveals-19-annual-increase-in-global-human-initiated-digital-attack-rate-302149956.html
SOURCE LexisNexis Risk Solutions