Twitter
Facebook
Linked In
RSS
Login or Register
New to InternetRetailing?
Register Now
Internet Retailing
You are in: > Home > Themes

This is your 1 complimentary article for this month

Become a member for unlimited and immediate access.


Register
Already a member? Log in here

Apps and eCommerce sites become key targets for new account creation bot attacks, according to new report

Linked InTwitterFacebookeCard
Sign-ups and sign-ins now the weak point for m- and e-commerce sites
Sign-ups and sign-ins now the weak point for m- and e-commerce sites
Sharelines

Sign-up pages to ecomm sites and apps are the new point of attack for cybercriminal bots, study shows

Based on data from 16.4 billion transactions, analysis reveals a 171% year-on-year growth in new account creation bot attacks that targeted e-commerce. These attacks are found most often in online marketplaces, virtual gift card companies and ridesharing sites.

 

The retail industry is increasing the number of offers, discounts and free trials in order to compete in what has become a very crowded marketplace – but this is presenting many opportunities for fraudsters who are illegally signing up for – and then selling on – free trial accounts, taking advantage of discounts and promotions, or making payments with stolen credit cards in newly created accounts.

 

To add to the complexity, 44 % of all e-commerce transactions were found to be cross-border, demanding a global view of digital identity and fraud risk.

 

The LexisNexis Risk Solutions study – 2019 Cybercrime Report, January – June 2019 – shows that driving sign-up to sites and apps, which is now a key strategy for many retailers wanting to build relationships with shoppers, is a new on-ramp for cybercrime and their bots.

 

The study finds that fraudsters have shifted bot attacks to target new account creation transactions – which is the only transaction use case that recorded a growth in attacks during the first half of the year. Fraudsters are using these new account creation attempts to test, validate and build online identities for financial gain.

 

Within media, for example, bot attacks targeting new account creations saw a 65% increase in just six months; The Digital Identity Network revealed a number of bonus abuse attempts where fraudsters attempted to sign up for a number of new accounts in order to capitalize on free trials and streaming bonuses to sell for profit.

 

E-commerce companies also saw bot attacks on new account creations increase 305% and were most prevalent in online marketplaces, virtual gift card companies and ridesharing sites.

 

While mobile continues to prove more secure than desktop, fraudsters are seeing new mobile account creations and app registrations as opportunities to intercept one-time passcodes to fraudulently register mobile apps.

 

This provides fraudsters with a wealth of personal information and bank account access. Globally, attacks on mobile apps rose 148% in six months and are skewed towards media organizations, particularly social media and gaming/gambling organizations, where bad actors register for new player bonuses to sell for profit.

 

“Fraudsters no longer operate in silos, they are attacking across industries and organizations," says Rebekah Moody, director of fraud and identity at LexisNexis Risk Solutions. “As seen by a detailed example in the report, one fraudster can carry out a large number of transactions against a series of global organizations using a single mobile device.

 

“In the end, corporations benefit the most when fraud defence platforms include a multi-layered approach that comprise digital identity intelligence, physical identity and authentication capabilities,” continues Moody. “This approach, when executable in near real-time and touching the entire customer journey, extends beyond detecting complex fraud – it also allows for more streamlined regulatory compliance processes and reduces friction across the customer experience.”

Linked InTwitterFacebookeCard
Add New Comment
LoginRegister

The InternetRetailing Newsletter

A curated update containing news analysis, reports, podcasts and opinion - completely free and delivered three times weekly

Become a Member

Create your own public-facing profile
Gain access to all Top500 research
Personalise your experience on IR.net
Internet Retailing
We are the magazine, portal and research source for European ecommerce and multichannel retail, hosting the board-level conversation for retailers, pureplays and brands across all of our platforms. Join the conversation.

© InternetRetailing Media

Latest Tweet

Internet Retailing
Tamebay
eDelivery
Twitter
Facebook
Linked In
Youtube
RSS
RSS
Youtube
Google
Linked In
Facebook
Twitter