Payment transactions within the financial-services sector had the dubious distinction of having the highest rate of fraud attacks in the second half of 2020, according to latest Cybercrime Report from LexisNexis Risk Solutions.
Alpharetta, Ga.-based LexisNexis Risk Solutions says payment transactions in financial services had an attack rate of 3.6% in the latter part of 2020, compared with 2.3% in e-commerce and 1.8% among media. Attack rates measure the number of transactions that ultimately are deemed fraudulent. The analyzed data included 28.4 billion transactions from July through December.
Why were payment transactions for financial services so popular with criminals? “The payments use case offers the opportunity for a fraudster to ‘cash-out’ with access to funds, whether following an account takeover, via the movement of money through a mule network or following a fraudulent loan or credit card application,” Kimberly Sutherland, LexisNexis Risk Solutions vice president of fraud and identity strategy, says in an email to Digital Transactions News. “This is why it is a key risk point for financial services, along with the point of registration (e.g. new account registration/new loan application).”
Stepping back, however, reveals the widespread use of bots in many attacks. The number of human-initiated attacks fell from 679 million in 2019 to 495 million in 2020, a 27.1% decrease. But automated bot attacks increased 5% from 2 billion to 2.1 billion. And some segments experienced larger bot attack increases, Sutherland says.
“It’s interesting that while attack rates have fallen in general in the LexisNexis Digital Identity Network, the automated bot attack rate across e-commerce and media organizations has grown by 32% and 10% respectively,” she says. “This indicates that automation is one of the key attack methods of choice to test stolen identity credentials to maximize the success of future fraud attacks.” The Digital Identity Network is LexisNexis Risk Solutions’ repository of global shared data.
Within North America, the report found there were 105 million human-initiated attacks, a 37% decrease year-over-year, and 747 million automated bot attacks, a 1% increase. Not surprisingly, given the growth in digital transactions in 2020, 12.6 billion transactions were processed in the region, a 37% increase.
The report also shed light on different rates by generation of consumer. “Understanding the digital usage and fraud risks by user age groups highlighted several important findings for businesses,” Sutherland says. “While 2020 experienced a large influx of new-to-digital customers coming online, it was the under-25 age group, followed by the over-75 age group, that proved most vulnerable to fraud attacks.
“We most often think of these young adults as highly tech-savvy, but many also tend to be more relaxed in their usage patterns and willingness to share personal data. The over-75 age group faces a different challenge, as they are generally considered to be less familiar with the latest digital technologies, increasing their susceptibility to scams and phishing attempts. Fraudsters are opportunists, looking for the easiest targets. The paradox of why fraudsters choose to target the younger age group in proportionally higher volumes can perhaps be answered by the fact that higher success rates can offset the lower monetary gains.”