Account takeover, long the scourge of retailers and businesses, remained the top fraud type in 2023, according to the latest data from LexisNexis Risk Solutions.
Released Wednesday, the “Confidence Amid Chaos” report found 28.7% percent of fraud in 2023 was third-party account takeover. That was followed by scams and bonus abuse, each at 16%, and first-party fraud, 14.6%.
Across all activity, however, human-initiated attacks increased 19% globally in 2023 over 2022. The expanding scale of criminal activity is reflected in the rising attack rate, particularly in e-commerce and across North America, LexisNexis Risk Solutions says.
These attacks ballooned in North America last year, as the volume increased to 692 million attacks, a 66% year-over-year growth. Automated bot-attack volume, at 1.7 billion, decreased 4% year-over-year.
“Cybercriminals continue to increase the scale and complexity of their illegal operations, with dedicated scam centers becoming a permanent fixture to mount digital attacks on consumers worldwide,” Stephen Topliss, LexisNexis Risk Solutions vice president of fraud and identity, says in a statement.
LexisNexis Risk Solutions also emphasized that remote scam centers are driving much of this activity. In North America, in 2023, it noted high payment attack rates from Vietnam, Mexico, and China on e-commerce businesses.
“Device data, including high-altitude behavioral biometrics telemetry, reveals that parts of Southeast Asia are established homes for dedicated remote scam centers,” it says. “Cybercriminals favor border areas in Cambodia, Myanmar, and remote parts of Thailand, according to data from the Digital Identity Network.”
Many fraud rings target North America because it’s attractive, the report says. “The mobile channel is attracting more fraudsters, illustrating the need to maintain strong fraud-prevention strategies on every channel. The mobile app attack rate grew 47% year-over-year to 1.3%, with similar growth (63% year-over-year) driving the mobile-browser attack rate to 4.5%.”