Report: Fraudsters’ Test Runs Surged in Q4 2015
Cybercriminals could be ramping up their attacks on financial services providers, according to evidence from a new study. The fourth quarter of 2015 saw a tenfold increase in “bot attacks”—essentially test attacks meant to gauge the security of targeted systems—according to the report by ThreatMatrix, a San Jose, Calif., cybersecurity company. Analyzing billions of transactions made through its Digital Identity network during the quarter, ThreatMatrix found 230 million instances of bot attacks—nearly 10 times more than during the previous quarter.
The surge in bot attacks is due partially to the migration to EMV, which increased security for transaction-level fraud, thereby resulting in a spike in account origination fraud—especially during the period leading up to the holiday season, according to the report. ThreatMatrix said it detected and stopped more than 21 million account creation attacks during this period, a 40 percent increase over the same period in 2014. The rise of mobile banking apps also played a role, with mobile transactions up 200 percent year-over-year—a rise driven primarily by an increase in account logins using mobile devices.
In the mobile sector, the most common type of attack was “spoofing”—attempts by fraudsters to impersonate a given mobile device. Spoofing is on the rise due to the prevalence of stolen identities and the availability of tools to enable spoofing. Other trends in cyberattacks targeting mobile include using unsecured wireless networks to intercept user credentials, encouraging users to download hacked versions of legitimate applications to deliver malware onto a device and intercepting personal information leaked inadvertently from legitimate apps, the report found.