New Data from Arkose Labs Shows Increased Fraud Across All Industries Since Black Friday, with Gift Card Fraud and Account Takeover Attacks Surging
SAN FRANCISCO, Feb. 09, 2021 (GLOBE NEWSWIRE) -- Arkose Labs, provider of online fraud and abuse prevention technology, today released new data on the latest fraud trends that reveal a massive spike in fraud across all industries from Black Friday onwards. As consumers continue to flock online in droves greater than ever before, credential stuffing, account takeover (ATO) attacks and gift card fraud are poised to be top attack vectors in 2021.
“2021 remains full of unknowns, however what’s certain is the frequency and severity of fraud will never return to pre-pandemic levels,” said Vanita Pandey, VP of Marketing and Strategy at Arkose Labs. “With digital channels serving as an invaluable lifeline for much of the world, the Arkose Labs network saw 4 times as many transactions compared to the year prior. This increased activity has created an ideal breeding ground for attacks as fraudsters work to blend in with trusted users, rendering typical models of good versus bad user behavior obsolete.”
The Black Friday Effect and Gift Card Fraud
Also during the holiday season this year, electronic gift card fraud ran rampant. Fungible and difficult to track, gift cards provide fraudsters with quick money and generally easy getaways. In Q4 of 2020, fraudsters used botnets to brute force attacks on gift card websites by testing thousands of card number and PIN combinations per minute. Bots and sweatshops were also used to continually check the card balances and redeem them.
Credential Stuffing and New Attack Types
Hybrid attacks also increased in Q4 of 2020, with bots being used to launch large-scale, low-reward attacks requiring brute force and humans supplementing attacks in which more nuance is required.
Geographical Fraud Trends
Asia returned to the forefront of attacks, accounting for 50% of all attacks, with top attacking countries from this region including Vietnam, India, Indonesia, Thailand and the Philippines.
Europe also had another busy quarter for attacks, as many major countries returned to lockdowns, spurring on incentives to carry out fraud. 52% of all EU-based attacks originated from Russia, however non-typical fraud nations like the Netherlands, Germany, Ukraine and Turkey also joined in. In terms of human-driven attacks, Russia also topped the leaderboard, followed by the United Kingdom.
“Looking ahead, we can expect to see high levels of credential stuffing continue as fraudsters test stolen credentials to repeatedly launch ATO attacks. As more consumers engage with digital commerce, companies will offer more promotions to remain competitive, which in turn will lead to fraudsters opening even more new accounts at scale in order to take advantage of these promotional efforts,” said Pandey. “Fighting fraud may be more complicated than ever, but with the right approach and tools businesses have a timely opportunity to stop fraudsters in their tracks, while at the same time maintaining a great digital experience for their customers.”
The Q1 Arkose Labs Fraud and Abuse Report is based on actual user sessions and attack patterns that were analyzed by the Arkose Labs Fraud and Abuse Prevention Platform from October to December 2020. These sessions, spanning account registrations, logins and payments from financial services, ecommerce, travel, social media, gaming and entertainment were analyzed in real-time to provide insights into the evolving fraud and risk landscape. Unsophisticated bot attacks don’t result in a user session and thus have not been included in this report. The report focuses on attacks from fraud outlets that combine state-of-the-art technology with stolen identity credentials and human efforts.
To access the full Q1 2021 Fraud and Abuse Report, please click here.
To learn more about Arkose Labs and its Fraud and Abuse Defense Platform, visit www.arkoselabs.com.
About Arkose Labs:
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/79e320f6-a05d-4967-80cb-e39deb3692c0