Criminals are cashing in on cybercrime in a big way. A new report from Arkose Labs reveals that experienced or “master” fraudsters can pull down up to $7.2 million annually and that rookie fraudsters can earn as much as $20,000 per month with an investment of as little as $5 to $10 in a fraud tutorial. By comparison, the median annual salary for chief executive officers in the United States about $790,000, according to Salary.com.
Given the high return on investment fraudsters can realize, it’s not surprising that the number of active fraudsters has increased tenfold since 2019, according to the report.
“The ROI for cyberattacks is greater than ever, so fraudsters are willing to invest more energy in the right mix of tools and resources to be successful and turn profits,” Arkose Labs chief executive and founder Kevin Gosschalk says in a prepared statement. “Our intelligence shows that bot attacks are mimicking human behavior enough to evade security measures and leading to new monetization techniques. Evolving bot and human-led attacks increasingly target fintech, gaming, and technology companies. Simple automation is a thing of the past, as attackers have proven to be quick learners and continue to find ways to sabotage businesses to increase their personal wealth.”
When it comes to the use of automation, Web bots, which are software applications that repeatedly run automated tasks over the Internet, are the technology preferred by fraudsters to launch their attacks. One favored form of Bot-driven attacks is scraping, a technique in which fraudsters scrape a consumer’s personal data from social media and other public Web sites for use in completing fraudulent loan and credit card applications. Scraping attacks increased 60% during the first quarter, compared to the same period a year earlier. Another favored bot-attack vector is credential stuffing, which accounted for 4% of all traffic during the first quarter.
On a per-industry basis, gaming companies were among the hardest hit, experiencing a more than twofold increase in the number of attacks during the first quarter, compared to the same period a year earlier, as well as an 85% increase in fake-account registrations, compared to the fourth quarter of 2021.
E-commerce/retail companies saw the number of fraud attacks during the first quarter increase 30% compared to the same period in 2020 and a 65% increase in fake accounts, compared to the fourth quarter of 2021. Account takeover attempts represent 80% of the attacks launched against e-commerce/retail companies.
Further compounding the problem of increasing fraud attacks is that the cybersecurity industry is not attracting enough new workers to keep pace with the increase in fraudsters. Currently, 2.72 million cybersecurity jobs remain unfilled, according to the (ISC)2 Cybersecurity Workforce Study 2021. As a result, the number of career fraudsters exceeds the 4.19 million active cybersecurity professionals, says Brett Johnson, Arkose Labs chief criminal officer.
“The labor shortage in cybersecurity continues to put companies at risk, especially because the number of people entering cybercrime as a career is growing faster than companies can hire and train cybersecurity employees,” the report says.
Despite the allure of cybercrime, software companies are not standing still when it comes to developing new applications to detect and prevent fraud. Fraugster, a Berlin-based artificial intelligence company, announced Wednesday the launch of Alternative Credit Decisions, an application that allows buy now, pay later merchants to approve more customers for BNPL loans without increasing credit risk.
The application was developed in response to rising BNPL loan losses, which total $19.2 million for every $1 billion in transaction volume processed, the company says. By comparison, credit card issuers experience $270,000 in bad debt for every $1 billion volume processed.
Alternative Credit Decisions enriches BNPL scoring models with more than 100 attributes to provide a more accurate view of a consumer’s credit risk. The attributes used include a consumer’s positive transaction history, account history, purchase history, and unpaid amounts.
“Our mission is simple, we want our customers to feel confident that they can trust the person they are approving to repay the amount they are borrowing,” Fraugster chief executive Christian Mangold says in a prepared statement: “The positive results we are already seeing with trial customers make me confident that we can help the e-commerce ecosystem approve more customers without increasing exposure to loan defaults.”
Read the original article here.