Signal Sciences, the fastest growing web application security company in the world, today published The Rising Tide of E-commerce Fraud: Methods, Patterns, and Defensive Measures retail and e-commerce report. Signal Sciences inspects over 70 billion web requests and blocks over two billion web attacks for customers operating e-commerce sites. For this report, the company analyzed 4.9 million web attacks over a five-month period from June 1 to October 31, 2019 to identify significant trends and patterns in e-commerce fraud.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20191120005297/en/
The Rising Tide of E-Commerce Fraud – Methods, Patterns, and Defensive Measures (Graphic: Business Wire)
With annual sales projected to reach over $630 billion by 2020, online retailers are a rich target for hackers, so much so that annual losses are estimated at $12 billion. And with holiday sales representing nearly 20 percent of the years’ sales for retailers, hacks and breaches can be especially painful during this time of year when businesses are most dependent to reach profitability and build a healthy balance sheet.
The report aims to help online retailers take more effective, proactive countermeasures to prevent web attacks and protect their business. Through in-depth research, the study found the following key insights:
- On average, a typical medium to large scale retailer serving web traffic of roughly 3 billion requests per month experiences 206,000 web attacks monthly.
- Attacks tend to spike on day 15 and day 30 of the month, as well as on weekends, following the tendency of consumers to shop on paydays and on their days off.
- The most common types of attacks include account takeovers (29.8 percent), bot impostors (24.1 percent), cross-site scripting (8.7 percent), SQL injection (SQLI) (8.2 percent) and backdoor file attempts (6.4 percent).
- The largest number of malicious web requests originate from the U.S., followed by Indonesia, Malaysia, India and Brazil. Malicious web requests stemming from the U.S. utilized advanced attack tooling and were more widely distributed.
For more details, please download the full report here.
The findings in this paper are drawn from analysis of anonymized web traffic directed at actual retail e-commerce apps, APIs, and microservices in the e-commerce vertical. This report summarizes a sample of 4.9 million indicated web attacks over a five-month period from June 1 to October 31, 2019. These web attacks are identified from events where the source IP address of a web request crossed a defined attack threshold volume.
About Signal Sciences
Signal Sciences is the fastest growing web application security company in the world. With its award-winning next-gen WAF and RASP solution, Signal Sciences protects over 28,000 applications and over a trillion production requests per month. Signal Sciences’ patented architecture provides organizations working in a modern development environment with comprehensive and scalable threat protection and security visibility. The company works with some of the world’s most recognizable companies, like Under Armour, Adobe and WeWork, across industries, including five of the top e-commerce companies, five of the largest software companies, in addition to many others in the financial services, retail, healthcare, media and entertainment, and government sectors. Signal Sciences is also the recipient of InfoWorld’s Technology of the Year and Computing’s DevOps Excellence Award for Best DevOps Security Tool. For more information, visit Signal Sciences or follow @SignalSciences.