News Feed Item

ThreatMetrix: Rogue Cyber ‘Elves’ Poised to Drive the Biggest Online Attack Period to Date

Online retailers are expected to face enormous security challenges as they prepare for the biggest cybercriminal attacks to date. Early forecasts from retail analysts, including IMRG, have been predicting strong online sales during the 2017 Christmas shopping period, with a forecast that £20bn will be spent online during November and £7bn peak in online sales during the Black Friday spike. However, fraudsters have been busy preparing their armory and are expected to capitalise on this enormous amount of online spending in the run up to and surrounding Black Friday and Cyber Monday.

ThreatMetrix®, The Digital Identity Company®, which monitors and protects more than 24 billion online transactions each year, today reveals data that demonstrates online fraudsters have been gearing up for the festive period. By recruiting armies of fraudsters and developing new, sophisticated cybercrime techniques, they are expected to exploit the busiest online shopping period of the year. More than 50 million attacks will target businesses during the week of 20th November. With the average ticket size of fraudulent transactions being two-times that of a good transaction, these attacks represent a significant potential loss in revenue.

UK and European retailers in particular are being warned to be extra vigilant as these regions have become a hotbed of cybercrime, with online transactions 63 percent more likely to be fraudulent than in North America. The UK, France and Germany have consistently appeared on the “top 5 attack originator” list during the peak shopping period of Q4 (both in 2015 and 2016), and 2017 is expected to be no exception. ThreatMetrix estimates that approximately 50 million attacks will originate from these three countries in total this quarter. Around 15 million of these attacks will happen during the peak shopping period.

ThreatMetrix data demonstrates that some of the largest, high-profile data breaches across 2017 have caused significant spikes in the trading of personal identity data on the dark web, helping the preparations for a big ‘hit’ over the Christmas shopping period. Retailers preparing for this crunch period need a sophisticated way to recognise true customer digital identity versus fraudsters posing as individuals using stolen data.

Vanita Pandey, vice president of product marketing and strategy at ThreatMetrix comments, “Cybercrime continues to grow, with organisations being attacked more than ever before, fueled in large part by the proliferation of data breaches that continue to provide fresh identity data to exploit. Fraudsters are acting with haste, before data breaches are disclosed publicly, to test stolen credentials with a view to perpetrate large-volume attacks on digital businesses. In just the past 90 days alone, the ThreatMetrix Digital Identity Network detected 171 million attacks, which is a 32 percent increase since the beginning on 2017.”

The Creation of a Christmas Bot Army:

Bot activity has significantly intensified in the second half of this year across the ThreatMetrix Digital Identity Network®, as fresh data has been made available due to the recent major breaches. In the same way that retailers are bringing on supply staff to cover this busy shopping period, cybercriminals are creating armies of automated cyber robots (bots) to carry out large-scale attacks on businesses.

“We predict that the top retailers will sustain heightened attacks from bot operators, looking to test personal accounts. Over the next week, we are expecting approximately 5 to 8 million daily identity testing attacks,” Pandey continues. “By analyzing our most recent data, we can see that the scale of eCommerce attacks in the final quarter of 2017 is likely to surpass the entire attack number for all industries – including banking and media – during Q4 2016.”

In just the past 90 days:

  • 171 million attacks were registered this last quarter; around a 100-percent increase over Q3 2015
  • New account registrations are twice as likely to be fraudulent than trusted payments
    • Identity data has replaced credit card data as the key target for cybercriminals for long-term gain
  • 450 million bot attacks were recorded, with the majority focused on initial identity tests as well as automated attacks.
  • The EMEA region is a hotbed of cybercrime, with transactions 63 percent more likely to be an attack than in North America
  • Brazil emerged as one of the top attack originators, especially for new account origination attacks.

Coming at a time when millions of consumers are concerned about the downstream effects of major breaches, the Q3 Cybercrime Report examines attack patterns, which show increasingly dramatic spikes that can be correlated to high-profile data breaches.

ThreatMetrix Q3 2017 Cybercrime Report – download now

About the ThreatMetrix Q3 2017 Cybercrime Report

The ThreatMetrix Q3 Cybercrime Report is based on actual cybercrime attacks from July to September 2017 that were detected by the ThreatMetrix Digital Identity Network during real-time analysis and interdiction of fraudulent online payments, logins and new account applications.

About ThreatMetrix

ThreatMetrix®, The Digital Identity Company®, operates a global shared intelligence network to differentiate trusted customers from fraudsters. The ThreatMetrix Digital Identity Network® recognizes behavior and identities across 4.5 billion unique devices from 1.4 billion anonymized users worldwide. More than 5,000 businesses rely on ThreatMetrix as their decision engine to deliver a frictionless digital customer experience across all online transactions for increased profitability and security.

ThreatMetrix is recognized as the sole Leader in the 2017 Forrester WaveTM for risk-based authentication. Learn more at www.threatmetrix.com.

© 2017 ThreatMetrix. All rights reserved. ThreatMetrix and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterprise adopting a hybrid or public cloud needs systems and tools that provide: Agility: ability to deliver applications and services faster, even in complex hybrid environments Easier manageability: enable reliable connectivity with complete oversight as the data center network evolves Greater efficiency: eliminate wasted effort while reducing errors and optimize asset utilization Security: imple...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
In his Opening Keynote at 21st Cloud Expo, John Considine, General Manager of IBM Cloud Infrastructure, led attendees through the exciting evolution of the cloud. He looked at this major disruption from the perspective of technology, business models, and what this means for enterprises of all sizes. John Considine is General Manager of Cloud Infrastructure Services at IBM. In that role he is responsible for leading IBM’s public cloud infrastructure including strategy, development, and offering m...
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve f...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and B...
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, discussed how they built...
The past few years have brought a sea change in the way applications are architected, developed, and consumed—increasing both the complexity of testing and the business impact of software failures. How can software testing professionals keep pace with modern application delivery, given the trends that impact both architectures (cloud, microservices, and APIs) and processes (DevOps, agile, and continuous delivery)? This is where continuous testing comes in. D
The “Digital Era” is forcing us to engage with new methods to build, operate and maintain applications. This transformation also implies an evolution to more and more intelligent applications to better engage with the customers, while creating significant market differentiators. In both cases, the cloud has become a key enabler to embrace this digital revolution. So, moving to the cloud is no longer the question; the new questions are HOW and WHEN. To make this equation even more complex, most ...
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across business networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost as well as advance trade. Are you curious about how Blockchain is built for business? In her session at 21st Cloud Expo, René Bostic, Technical VP of the IBM Cloud Unit in North America, discussed the b...
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone in...
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, discussed some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he covered some of the best practices for structured team migration an...
The 22nd International Cloud Expo | 1st DXWorld Expo has announced that its Call for Papers is open. Cloud Expo | DXWorld Expo, to be held June 5-7, 2018, at the Javits Center in New York, NY, brings together Cloud Computing, Digital Transformation, Big Data, Internet of Things, DevOps, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
No hype cycles or predictions of a gazillion things here. IoT is here. You get it. You know your business and have great ideas for a business transformation strategy. What comes next? Time to make it happen. In his session at @ThingsExpo, Jay Mason, an Associate Partner of Analytics, IoT & Cybersecurity at M&S Consulting, presented a step-by-step plan to develop your technology implementation strategy. He also discussed the evaluation of communication standards and IoT messaging protocols, data...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.