Data breach aftermath: recent online fraud trends to watch for

August 25, 2015 - 

This is a guest post by Ryan Wilk, director of customer success at NuData Security

Unlike previous ecommerce industry breaches, recent attacks are growing in size and targeting more valuable PII, which may include information such as Social Security numbers and bank account information, among other data. A data breach has a ripple effect that reaches far beyond the breached organization. Businesses must protect themselves from fraudsters who know more about their customers than they do. They must not only verify a user’s identity through PII but must also verify that the behavior behind the transaction is that of a valid user. This is where user behavior analytics play a vital role. Becoming complacent in an age of massive data breaches is both a financial and reputational hazard.

NuData Security’s research has uncovered the following trends in online fraud:

• Account takeover, in which fraudsters steal an established account with personally identifiable information (PII) attached to it, continues to beat credit card fraud. This ongoing trend showcases fraudsters’ preference for account details beyond just credit cards.

• Of nearly 500 million account creation events analyzed in May through July, more than 57 percent were flagged as high-risk or fraudulent, compared to 28 percent in February through April. Account creation fraud has increased by more than 100 percent since February 2015.

• Nearly half of all account registration fraud attempted in May was tied to creating false accounts to deliver false product ratings.

• NuData Security observed more than 270 million fraudulent or high-risk behavior events in May through July. The numerous events assessed included the following behavioral biometrics and data points:

o 32.8 billion keystrokes
o 9.3 billion clicks
o 388 million unique email addresses
o 191 million unique IP addresses

• A significant portion of attacks in the past three months originated from China and the United States. However, incidents were traced back to as many as 151 countries. The top six sources of malicious behavior include:

o China
o United States
o Saudi Arabia
o United Kingdom
o Malaysia
o Brazil

For organizations to protect their brand and users, they must figure out how to detect fraudsters who are using the increasing amount of stolen identity data. The good news is that harnessing the power of behavioral attributes and biometrics helps authenticate the genuine user. Behavioral analysis serves as a means of understanding how legitimate users truly act, reducing the impact to victims of data breaches.

DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of BiometricUpdate.com.

Leave a Comment

comments

About Ryan Wilk

Ryan Wilk is the vice president of customer success for NuData Security. Previously, he was manager of Trust and Safety at StubHub and spent eight years with Universal Parks & Resorts in various e-commerce roles. NuData Security predicts and prevents online fraud, protecting businesses from brand damage and financial loss caused by fraudulent or malicious attacks. NuData Security analyzes and scores billions of users per year and services some of the largest ecommerce and Web properties around the globe.