NuData Fraud Risk Analysis 2020
Attack Behavior & Financial Institutions
November 25, 2020
In this series, we cover the attack modes taken by bad actors to carry out fraud and the impact fraudulent activities have on different industries.
As computer trends and security heighten in sophistication, so too do the attacks leveled against them. Cyber-attacks are taking on more human-like qualities than their ‘basic-attack’ predecessors.
Basic attacks were a matter of volume that typically aimed to overwhelm servers and breach security protocols. In response, many online platforms began to increase their bots’ detection abilities. Recent attacks have therefore began taking on more sophisticated characteristic that emulate human behaviors that “display expected browser or application behavior,” running scripts in the environment to deceive.
The current war waging online is often lobbied against financial institutions (FIs). Sophisticated attacks against them have risen from 90% to 96% since 2019. To mitigate these attacks, FIs have invested heavily in curbing success rates among bad actors.
Besides FIs, there has also been a spike in more sophisticated travel related attacks, from 48% to 67% between 2019 and 2020. Bad actors are motivated by the wealth of personal information, primarily credit card data, that can be used to their advantage.
Each attack has its own characteristics, though there are clearly identifiable traits:
- High velocity scripted authorization-to-operate (ATO) with spoofing and consortium detection
- Scripted ATO with spoofing and consortium detection
- Scripted ATO with consortium detection
- Scripted ATO with high velocity traffic
- High velocity scripted ATO with consortium detection
Many attacks are flagged for their high velocity or through NuData’s Trust Consortium. Cross-checking data, such as IP addresses and device identifiers, help companies readily unmask attacks, even when it appears to occur from first time users.
One of the greatest avenues of use among attackers is account creation. Creating accounts for fraudulent use has increased drastically in wake of the pandemic, compared to this time last year. Fraudulent purchases with use of stolen credit cards, fake reviews, abuse of sign-up offers and checkout hoarding are common strategies used by bad actors.
How institutions, small businesses and other entities handle these cyber-attacks has the greatest of impacts on consumers. In the next part of our series: pandemic trends and their effects on industry.