More attacks are now emanating from developed economies as compared to the traditional fraud hubs where human labor is available cheaply and readily. Powered by consistently high attack levels emanating from Russia, Europe was the top fraud hub in Q1 2021, contributing more than a third of all attacks.
The United States and Russia were the top attacking countries during the first quarter of 2021 and had almost similar attack volumes. Although Russia has always been near the top, the US jumped four places to claim the top spot in Q1 2021—it was placed 5th in the last quarter of 2020. This was not much because of an increase in attacks from the US, but due to a decrease in attacks from more traditional fraud hubs such as Vietnam, Brazil, and Indonesia. Some of the new entrants in the top 10 attacking countries included Ukraine, the United Kingdom, the Czech Republic, and Germany.
Stopping Human-Driven Fraud
Human-driven attacks continue to rise
Overall, the attack volume in Q1 2021 was lower than in Q4 2020. However, there was a significant increase in human-based attacks in Q1 2021, especially in the technology (40%) and media (32%) sectors. The attack volume originating from human fraudsters doubled in Q1 2021 as compared to Q4 2020. This underscores the importance of fraud farms in carrying out nuanced attacks. The increase in humans to launch complex and strategic attacks speaks to the increasing relevance of so-called 'cyborg' attacks, as fraudsters are increasingly deploying a mix of bots and fraud farms to successfully pull off attacks.
One noteworthy fraud trend from Q1 2021, was the large amount of human-driven attacks from North America at 38%. This was primarily driven by attacks on social media companies. Humans are required to execute such attacks on these platforms, as they are needed to send out phishing messages or malicious links to good users seeking to place malware on their devices. Once installed, sensitive information is extracted, which can then be resold at a large profit.
Europe was ranked second in human-attack rates at 25%, followed by Asia at 23%, South America at 11%, and Africa at 3%
Regional fraud hubs
With an overall attack rate of 19.3%, the majority of attacks (88%) from Europe were bot-driven. In the US, travel transactions were highly attacked with one in two transactions being an attack. Similarly, 37.7% of all payment transactions were attacks, whereas, in the media industry, one in five transactions were attacks.
In the Asia-Pacific region, the top attacking countries included Vietnam, Indonesia, India, Thailand, and China. The most attacked touchpoint was logins at 39.5% attack rate whereas retail was the most attacked industry at 38.8%
The top attacking countries in Africa were Egypt, Morocco, Algeria, Nigeria, and South Africa. With an overall attack rate of 18%, logins were the most attacked at 40%.
At 83%, the majority of attacks in South America were bot-driven and originated from Brazil, followed by Venezuela and Argentina. Once again, the most attacked touchpoint was logins at 51.3%.
Why the fraud hubs have expanded
The expansion of fraud hubs to more developed economies is indicative of why regular users, who had never previously dabbled in fraud, took to these activities. They probably ventured into fraud out of desperation to make money, regardless of where it came from. Financial hardships due to COVID-19 may have pushed them to fraud. However, due to the profits they are able to earn, many continue to engage in fraudulent activities.
With regular users joining in and attackers hijacking IPs from good users around the world, the challenge to fight fraud has increased manifold for businesses. Consumer intent is more difficult to ascertain with good users showing suspicious behaviors and fraudsters displaying good user behavior. In such a scenario, businesses cannot rely on fraud solutions that are purely data-driven. They need to accurately identify the true intent of every incoming user to be able to fight fraud effectively.
Protect from evolving attacks, regardless of their place of origin
Arkose Labs can help digital businesses safeguard their interests from evolving attacks, irrespective of the place of their origination. The Arkose Labs Platform uses real-time risk assessment of every incoming user and provides them with an opportunity to prove their authenticity. This is achieved through interactive puzzles that are rendered in real-time. Depending on the risk assessment, good users may not even be presented with these challenges and even if they do, they can clear them easily. Bots and automated scripts fail instantly as the challenges are trained against the most advanced machine vision technology.
For malicious users, the challenges keep increasing and become more complex, which prevents these bad actors from clearing them at scale. This also wastes the time, effort, and resources of the attackers, which ultimately makes the attack financially non-viable and forces them to abandon the attack for good.
To learn how Arkose Labs protects global brands against complex attacks originating from multiple international locations, book a demo now.