UK retailers need to prepare for more cyberattacks this Christmas, according to digital identity company ThreatMetrix.
ThreatMetrix’s Q3 Cybercrime Report indicates that 2015 is likely to be known as the biggest ‘Cybercriminal Christmas’ so far. The study also reveals the latest trends across the global threat landscape and is created from data and analysis from the ThreatMetrix Digital Identity Network, which currently analyses more than a billion transactions across the globe every month.
Over the past 90 days, ThreatMetrix detected 45 million attempted attacks specifically targeting online retailers, representing a 25 percent leap from the previous quarter. This data strongly indicates that the final quarter of the year, in the run up to the festive period, is likely to see more attacks on online business than ever before.
The major shopping days between now and Christmas, including Black Friday on November 27 through to Cyber Monday on November 30, are expected to become a particular target for online criminals. According to analysts at IMRG, Black Friday will become the first ever £1bn shopping day in the UK (compared with £810m last year) with consumers spending £12,384 every second. The pressure on retailers is likely to continue right up to the January sales. Last year, ThreatMetrix saw 11.4 million fraudulent transaction attempts during the peak holiday shopping period and this year it is expected to be double the volume driven by the continued growth of digital commerce and the aftermath of the numerous breaches. This would represent millions in potential losses for UK business.
“The ultimate victims are the consumers whose digital identities are increasingly compromised with each subsequent breaches. Cybercriminals don’t sleep when it comes to attacks – the majority of the attempts we saw were in the e-commerce space and retailers must stay on their toes when it comes to protecting digital identities during what is sure to be the largest digital season to date for online and mobile transactions.”
These attacks were detected during real-time analysis and interdiction of fraudulent online payments, logins and new account registrations. E-commerce transactions consist of the following percentages and risks:
· 78 percent of transactions were account logins, with 5 percent high risk
· 21 percent of transactions were payments, with 3.2 percent high risk
· 1 percent of transactions were account creations, with nearly 7 percent high risk
In terms of cybercrime techniques, fraudsters are using bots and botnets to run massive identity testing sessions in order to penetrate fraud defenses.
Pandey said: “Botnets are the new data breach threat, as opposed to Advanced Persistent Threats (APT), which attack the network from the inside out; botnet breaches are targeting the outside-in via digital identities.
“We see very high daily traffic at leading retailers due to low frequency attacks using botnets designed to evade rate and security control measures and thus detection.”
Mobile usage has also increased at particularly a rather high rate in the recent months – more than 50 percent from this time last year. This trend is only expected to continue as devices become more widespread and smartphones more prolific.
Pandey explained: “As consumers increasingly turn to mobile devices often to make purchases on the move, they’re leaving digital footprints for the cybercriminals to exploit.
“The main concern we stress with our society’s mobile-dependence is being aware of your online persona – how much information you share online and where you share it – as seemingly unrelated data can provide very important insight into a person’s digital identity.”
How much do you know about 2015’s biggest data breaches? Try our quiz!
French bank BNP Paribas becomes first European bank to join JP Morgan's blockchain-based Onyx Digital…
US securities regulators may have refrained from enforcement actions against Elon Musk due to discouraging…
Biggest Russian mobile operator MTS begins selling discounted and second-hand smartphones as Russians hit by…
UK Information Commissioner's Office orders controversial facial recognition firm Clearview AI to delete data it…
Airbnb to pull out of China as ongoing zero-Covid policy places severe restrictions on domestic…