COVID-19 has led to a surge in digital interactions. As a result, businesses are operating under extraordinary pressure, and incentive levels for would-be cybercriminals are sky-high. Fraudsters have quickly identified the evolving digital behavior and are adapting their targets and tactics accordingly.
Trend 1: Heightened Attack Levels
Businesses are facing an increasingly hostile threat landscape in 2020. Major spikes in attacks can be seen in the first six months of the year, and Arkose Labs has observed a general trend upwards in the intensity of attacks.
In Q1, fraudsters went all out to attack any customer touchpoint. This resulted in high attack levels across all the use cases. In Q2, however, there was a shift in focus, with a rise in account takeover attacks. Account logins emerged as the most attacked touchpoint–28% of all login attempts were attacks.
Desktops remained the preferred option for attacks in 1H 2020, with nearly 79% attacks targeting desktop transactions. Despite the fact that mobile transactions account for 37% of traffic on the Arkose Labs network, mobile attacks are lagging behind. However, the mobile attack mix varied significantly by industry.
Trend 2: 5 AM is the Most Dangerous Hour of the Day
Fraudsters are quick to adjust their focus on businesses and use cases with the greatest monetization potential. They target high-traffic areas in an attempt to blend in with legitimate activity. However, when looking at the data at an hourly level, fraudulent activity does not match peak times of legitimate consumer activity. One of the major 2020 fraud trends points towards businesses facing cross-border attacks 24x7 from perpetrators operating across time zones and leveraging automated scripts that run through the night.
Interestingly, our data revealed that 5 AM was the most dangerous time of the day. Attack rates were 10% higher than later in the afternoon when there was greater legitimate traffic. Traffic coming during the six-hour period—between 4 AM and 10 AM—was higher risk than during the rest of the day, when the average attack rate was 25%.
Recommended Download: Q3 2020 Fraud and Abuse Report
Trend 3: Shift from Bots to Human-Driven Attacks
As more consumers embrace digital channels amid COVID-19, fraudsters have hit a jackpot in terms of the opportunities to exploit. They are adopting tactics that help them maximize profits with the least investment. This includes shifting between human-driven, automated and hybrid attacks.
When lockdowns were imposed in Q1, forcing consumers to go online, fraudsters responded immediately with large-scale bot attacks to ramp up their attacks at speed. In Q1, bots constituted 74% of all the attacks. This shifted in Q2 2020, with 41% of attacks now originating from humans rather than automation. This is the highest human-driven attack mix seen on the Arkose Labs network over the last four quarters.
Trends 4: Fraud mitigation is not sufficient
Analysis of 2020 fraud trends highlights why Gartner recently stated that businesses will not succeed in today’s threat landscape by relying on mitigation-focused strategies of risk scores and behavioral analysis.
Gartner's Cool Vendors in IAM and Fraud Detection report recommends more robust fraud detection capabilities that allow businesses to deliver a great user experience. Arkose Labs was featured as a Gartner Cool Vendor for our ability to address this twin challenge by combining risk assessments with targeted enforcement challenges in a very user-friendly way.
Global 2020 Fraud Trends Report
For a more in-depth analysis of fraud trends across geographies, industries, use cases, and attack methods, read the Q3 2020 Fraud and Abuse Report from Arkose Labs. Insights into the evolving threat landscape are based on the analysis of attack patterns across real user sessions. These span account registrations, logins, and payments; from financial services, e-commerce, travel, media, gaming, and technology companies.
For data-driven insights from the first 6 months of 2020, download your copy of the Q3 2020 Arkose Labs Fraud and Abuse Report.