Rise in Cybercrime Calls for Global Shared Intelligence: Report

When LexisNexis Risk Solutions published its first Cybercrime Report in 2014, mobile transactions comprised just 25% of total transactions in the company’s Digital Identity Network. By the second half of 2021, that percentage had spiked to 75% – and a rise in mobile fraud came along for the ride, according to the latest Cybercrime Report that analyzed transaction data from July to December of last year.

The global volume of human-initiated attacks on individual online transactions, which typically return full digital identity profiling data, increased for the first time since 2019 in the second half of 2021, growing by 46% year-over-year. Sixty percent of human-initiated online attacks took place on mobile devices versus 40% on desktop, with the percentage of human-initiated attacks coming from mobile devices increasing 9% year-over-year. What’s more, the human-initiated mobile app attack rate shot up by 59% year-over-year, the report found.

High-velocity, automated bot attacks continued to grow but at a lower rate compared to the first half of 2021, growing 32% year-over-year globally compared to 41% in the first half of 2021. In the financial services sector specifically, bot attacks rose by 10% globally compared to 28% in the first half of 2021.

Despite the lifting of pandemic-related restrictions around the world in the second half of 2021, which enabled a return to in-person transactions, online transaction volume continued to grow, especially in financial services. Online transaction volume in the sector, which includes mobile and online banking; online money transfers; lending, brokerage and alternative payments transactions; and credit card issuance grew 52% year-over-year, according to the report.

Overall global attack rates across financial services were up 20% year-over-year in the second half of 2021 and up 41% during the six-month period compared to the previous six-month period, LexisNexis Risk Solutions found. By transaction type, new account creations saw the highest growth in attacks – up 73% year-over-year during the July to December period as fraudsters targeted fast and easy onboarding for digital banking, the report said. And while the mobile attack rate remained low compared to the desktop attack rate (2.8% versus 11.5% for new account creation attacks), the mobile attack rate across all financial services transactions grew by 26% year-over-year in the second half of last year.

The report also highlighted how just one fraudster can cause major damage to multiple organizations. For example, it said the Digital Identity Network detected one fraudulent digital identity that attacked 35 different organizations and had 580 events associated with it, including 100 attempted account creations, credit card applications and loan applications; 45 attempted ecommerce purchases; 12 attempted password resets and seven attempted changes to account details. This emphasizes the need for organizations to embrace global shared intelligence, the report said.

“It is time to unite in the fight against cybercrime. In a truly global digital economy, borders are no longer boundaries for trade or cybercriminals. It is more apparent than ever that fraud goes beyond single industries or countries,” Stephen Topliss, vice president of fraud and identity strategy for LexisNexis Risk Solutions, stated in a news release announcing the report. “For businesses to succeed in the digital world, they need to collaborate in the fight against fraud. This can be achieved by utilizing the power of a global anonymized digital identity network and through the establishment of more focused digital consortiums among industry peers.”

The report also warned of a rise in scam activity, especially in North America, with growing interest in cryptocurrency along with pent-up consumer savings, relief checks and an increase in online shopping during the winter’s Omicron surge fueling U.S. transaction growth – as well as new opportunities for scammers. It listed three types of scams that are growing in popularity:

• Government grant scams, where fraudsters ask for checking account information or a one-off processing fee to deposit “government grant” money into the victim’s account;
• Investment scams, a type of Authorized Push Payment scam, where the victim transfers money to the fraudster; and
• Crypto investment scams, which trick victims into investing in cryptocurrency with a promise of high returns but instead end with the fraudster disappearing with the invested money.

The report analyzed 35.5 billion transactions over the six-month period, an increase of 44% year-over-year that can be attributed to increased transaction volumes from existing customers and an increased customer base within the Digital Identity Network.

Download a full copy of the LexisNexis Risk Solutions Cybercrime Report here.