More Bots, Fewer Humans Attacking Financial Services Orgs

Financial services organizations saw a 28% increase in automated bot attacks and 28% drop in human-initiated cyber-attacks over the first six months of 2021 compared to the same time period last year, according to a new report from LexisNexis Risk Solutions.

Across all industries globally, bot attacks – which typically mass-test stolen identity credentials on a particular use case and originate from a machine or series of machines, according to the report – rose 41% year-over-year in the first half of this year. Human-initiated attacks on individual online transactions, which typically return full digital identity profiling data, fell 29% across all industries globally during the same time period, the report said.

The report also revealed that financial services organizations have continued to see the highest payment transaction attack rates than any other industry. LexisNexis Risk Solutions recorded payment transaction attack rates in financial services for the first half of 2021 as 3.6% for desktop transactions, 3.6% for mobile browser transactions, 1.3% for mobile app transactions and 2.9% for overall transactions. “Desktop and mobile browser transactions are targeted at a significantly higher rate than mobile app transactions, with fraudulent payment representing a significant opportunity for fraudsters to cash out or move money across mule accounts in the financial services ecosystem,” the report stated.

Outside of payment transactions, however, the financial services industry saw low overall attack rates. The login attack rate sat at just 0.3% due to a high volume of regular transactions from trusted customers, the report said.

For its biannual report, “Redefining Trust and Risk: Adapting to a Post-Pandemic World,” LexisNexis Risk Solutions also tracked cyber-attack prevalence by region and at different points of the customer journey. While North America typically sees lower attack rates than other regions, a sharp increase in bot attack volume in the first half of the year (42%) and miniscule decrease in human-initiated attack volume (-1%) indicated growing fraud risk in the region. The attack uptick was “perhaps fueled by the further loosening of COVID restrictions for many states across the U.S. and Canada, with fraudsters hoping to capitalize on the more diverse consumer travel and spending footprint.”

The earliest point of a customer’s journey – new account creation – saw the highest attack rate across all industries globally from January to June 2021, with about one in 11 transactions representing a potential attack, the report said. The point of payment saw the highest volume of attacks compared to other touchpoints, with instances of bots targeting payment transactions (likely by testing stolen credit card credentials) rising 18% year-over-year.

At the login point of the customer journey, the first half of the year brought a 50% year-over-year increase in attempted account takeovers from automated bots, and a higher percentage of attempted account takeovers targeted the mobile channel (44%) compared to last year’s 36%. Of all the non-core points of the customer journey, password resets saw the highest attack rate during the first half of the year at 3.8%.

The report also discussed how new banking innovations are changing the threat landscape. For example, buy-now-pay-later transactions, which grew by 183% year-over-year and primarily take place on mobile devices, are leading fraudsters to seek avenues for exploitation, as “they can walk away with goods at either a fraction of the retail piece, or even zero cost,” the report said. The increasing popularity of virtual banks is also likely to be on fraudsters’ radar, with transaction volume growing 68% at virtual banks year-over-year during the first half of the year compared to 37% at traditional banks.

“Today’s report not only confirms cybercriminals’ reliance on automated processes, but also highlights that fraudsters are further establishing sophisticated and expansive networks to conduct fraud,” Stephen Topliss, vice president of fraud and identity for LexisNexis Risk Solutions, stated. “Explosive transaction and user growth rates in industry sectors such as virtual banks and buy now pay later are likely exposing emergent risks for these newer businesses as they grab the attention of fraudsters. The digital businesses that survive and thrive will be those that deploy layered cybercrime prevention solutions as they scale.”

The biannual report was an analysis of transaction data from the LexisNexis Digital Identity Network. It analyzed 28.7 billion transactions over the six-month period, an increase of 28% year-over-year that can be attributed to increased transaction volumes from existing customers and an increased customer base within the Digital Identity Network.