eCommerce is abundant and growing. But merchants need to stay vigilant even as they are excited to tap into new markets worldwide. ThreatMetrix detected and stopped 210 million cyber attacks in the first quarter of 2018. That is a 62% increase from what the risk solutions company experienced in the same quarter in 2017.
There are multiple causes for this increase, which range from bot attacks to synthetic identity fraud. But who is being targeted and where are these attacks coming from? Those are two of several questions we’ll answer with the ThreatMetrix Q1 2018 Cybercrime Report. We’ll also explain how their findings relate to Automated Dispute Management and Real-time Resolution.
How Do Cyber Attacks Compare to Previous Years?
The year 2018 is set to outpace the last three years that were monitored by ThreatMetrix. Compared to the first quarters of 2015, 2016 and 2017, Q1 2018 saw more daily attacks, which resulted from high-volume attacks sustained across a number of days and weeks. This is a complete contrast to the short, isolated peaks that occurred in the last three first quarters. One main reason for this is the proliferation of bots that can be used to create organized cyber attacks.
Who Has Been Targeted So Far in 2018?
ThreatMetrix categorized the targets (and origin of attacks) by country of origin. The eCommerce industry has been the primary target of cyber attacks, no matter where a merchant is physically established. But cyber criminals have also focused on targeting a very specific industry where they can monetize stolen data. ThreatMetrix points to the payment processing industry as the specific target. And the numbers paint a dark picture.
In Q1 2018, the attack rate on payment processors was at 7.6% while the overall industry average was 3.9%. That 3.5% margin for payment processors is the largest when you compare it to all four quarters in 2017. The closest margin to match was in Q1 2017 (2.9% margin), but that still puts Q1 2018 ahead by 0.7 percentage points.
Why Are There More Cyber Attacks On Payment Processors?
The positive news about eCommerce is that consumers are adopting it more often in their lives. And that adoption has involved an increase in mobile transactions. However, recurring transactions on mobile devices build opportunity for cybercriminals. After all, all of a consumer's card and account information is saved on their device, in the e-merchant's database and with their respective processors. The more frequently consumers buy products or services via mobile, the more valuable they become as targets for account takeovers. This excessive activity makes payment processors more of a primary target, especially when their operations expand in developed and developing countries.
Where Are The Cyber Attacks Coming From? And What Countries Are Most Targeted?
The United States remains one of the top five originators and recipients of cyber attacks. However, the Q1 2018 Report showed Brazil to be the top source of attacks. What's interesting is that most cyber attacks didn't just happen within the same country, but also within the same region. For example, cyber attacks from the United Kingdom targeted eCommerce merchants in the US, the UK, Ireland, Canada and France. Cyber attacks from Brazil focused mainly on eCommerce merchants in the US, Argentina, the UK, Brazil and Colombia.
What Kind of Transactions Were Attacked in the eCommerce Industry?
ThreatMetrix focused on metrics from three transaction types: payments, account login and account creation. There is a stark difference when you compare the volume of transactions received and the attack rate per transaction type. For example, account creation accounted for only 2% of the transaction volume via eCommerce. But account creation had an attack rate of 32.8%. Many of these cyber attacks were meant to perform identity testing, according to ThreatMetrix. In other words, accounts are created to test fake (and possibly synthetic) IDs in order to create opportunity for potential fraud.
The risk solutions company urged merchants to analyze the average time it takes customers to log in to their profile prior to further engagement. Here is one metric that will convince you to revamp your fraud prevention methods.
Graph via ThreatMetrix.
The average time it takes for customers to log in manually is around 4 seconds, and this accounts for all industries analyzed in this report. The average time for bots, which is represented by the blue line, is less than ½ of a second. Basically, you should be very suspicious whenever a customer's average login time is close to zero seconds. That 'customer' may be a bot. But make sure to cross-reference other metrics, such as the percentage of engagement on a certain device (i.e., mobile vs. desktop). We all want to provide a fast, seamless experience for our customers. But an experience with low (or no) barriers can motivate true customers to file disputes.
What About Customers Who Autosave Login Credentials?
This is where device metrics and IP addresses can play a big role in fraud prevention. The Q1 2018 Report emphasized how customers are remarkably consistent with the devices they use. Whether it’s from browsing through products or even buying said products, eCommerce merchants can create a decent visualization for their true customers, their preferred devices and where said devices are regularly used.
That being said, you should have an idea of the IP addresses associated with customers who auto-saved their login credentials. That's really the key element that can distinguish a true customer from a fraudster. After all, an auto-saving customer may have the same average login time as a bot. But if you pay attention to the time when customers log in (and where they log in from, via their ISPs), a bot will be easier to detect.
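The login-time check from the two sections above, as an added example (not ThreatMetrix's or the Chargeback App's code): a sub-half-second login is only treated as benign autofill when the device, IP and hour match the account's history. The 0.5-second threshold comes from the report figure quoted above; the event fields, the two-hour tolerance and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

FAST_LOGIN_S = 0.5  # report: bots average under half a second, humans about 4 s
HOUR_SLACK = 2      # assumed tolerance around an account's usual login hours

# Constructed history of verified logins: (account, device_id, ip, hour_of_day)
HISTORY = [
    ("alice", "dev-a1", "198.51.100.7", 8),
    ("alice", "dev-a1", "198.51.100.7", 20),
    ("bob", "dev-b1", "203.0.113.20", 13),
]
# Constructed new attempts: (account, seconds_to_login, device_id, ip, hour_of_day)
ATTEMPTS = [
    ("alice", 4.2, "dev-a1", "198.51.100.7", 9),   # typed credentials
    ("alice", 0.3, "dev-a1", "198.51.100.7", 21),  # autofill on the usual device
    ("alice", 0.2, "dev-x9", "192.0.2.55", 3),     # fast, unknown device and IP
    ("bob", 0.1, "dev-b1", "192.0.2.56", 13),      # fast, known device, new IP
    ("carol", 0.4, "dev-c1", "192.0.2.57", 11),    # fast, account has no history
]

def build_profiles(history):
    """Collect the devices, IPs and login hours previously seen per account."""
    profiles = defaultdict(lambda: {"devices": set(), "ips": set(), "hours": set()})
    for account, device, ip, hour in history:
        p = profiles[account]
        p["devices"].add(device)
        p["ips"].add(ip)
        p["hours"].add(hour)
    return profiles

def near_usual_hour(hour, hours):
    """True if hour is within HOUR_SLACK of a known hour, wrapping at midnight."""
    return any(min(abs(hour - h), 24 - abs(hour - h)) <= HOUR_SLACK for h in hours)

def classify(attempt, profiles):
    account, seconds, device, ip, hour = attempt
    if seconds >= FAST_LOGIN_S:
        return "normal"
    p = profiles.get(account)  # .get() avoids creating a profile for unknown accounts
    if (p and device in p["devices"] and ip in p["ips"]
            and near_usual_hour(hour, p["hours"])):
        return "likely-autofill"
    return "review"  # fast login with no matching history: send to fraud review

def triage(attempts, history):
    profiles = build_profiles(history)
    return [(a[0], classify(a, profiles)) for a in attempts]

if __name__ == "__main__":
    for account, verdict in triage(ATTEMPTS, HISTORY):
        print(account, verdict)
```

A "review" verdict is a prompt to cross-reference other metrics, as the report advises, not proof of a bot.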
Is There A Positive Outlook Despite These Cyber Attacks?
Mobile transactions are more pervasive worldwide, along with eCommerce. ThreatMetrix found that 60% of all account creations came from a mobile device. Moreover, all industries in the Q1 2018 Report have received more mobile transactions than desktop transactions. The financial service industry has been the main beneficiary of this trend.
But every positive outlook may reveal negative findings. ThreatMetrix found that 100 million bot attacks came from mobile devices. That may only represent 10% of the 1 billion bots analyzed in the report. But when you consider that 100 million bot attacks came from mobile devices within three months in 2018, suddenly that 10% seems more threatening.
How Much Have Mobile Cyber Attacks Increased Since 2016?
Fraudsters have been keen to use bots while consumers either register or log in to their accounts. That's the only time when they can effectively perform account takeovers and do excessive damage to one's business. The attack rate in Q1 2018 (11.6%) has almost tripled when you compare it to Q1 2016 (4.3%).
There are different ways for fraudsters to use bots. And if they have the scale and creativity, the number of attack methods can seem endless. In the Q1 2018 Report, mobile browser bots have been an increasing threat among eCommerce merchants.
What Solutions Are There For Cyber Attacks?
There are several solutions that can be grouped into two categories. One category focuses on fraud prevention, and there are solutions available for detecting bots. We're going to talk more about the other category, which focuses on dispute resolution. The only way to fight automation is with automation. Here are some automated tools we provide that can deter cyber attacks and, if one happens, recover customers who were affected by account takeover.
To be clear, automating refunds doesn't imply that you'll automate every single dispute you receive. The Chargeback App gives more precise control to automate refunds, whether you decide to automate based on a certain kind of dispute or a certain kind of transaction. You will be able to make adjustments based on your store policies, so that consumers can expect refunds when it's stated.
Prevent Fulfillment of Goods
A purchase may have been approved by a customer. But a transaction doesn't have to be fulfilled if it's found to be fraudulent. This will come in handy whenever you receive excessive and unusual orders from familiar customers. They may have been affected by an account takeover. And if that's the case, you'll be able to stop fulfillment, whether it's in line for shipping or en route to the shipping address.
Aggregate Data For a Better Picture
There are a lot of elements to consider when detecting fraud. And the best way to get the full picture is by aggregating your data into one place. The Chargeback App not only enables merchants with Real-time Resolution. It also allows them to extract reports for further analysis. This includes, but is not limited to, analysis that is focused on:
- Fraud Prevention
- Customer Service
There are more solutions where that came from. Feel free to contact us to learn about Automated Dispute Management and Real-time Resolution. You can also read this article to learn what exactly Real-time Resolution is. Furthermore, you can view our pricing page to know your tailored price for the Chargeback App. And finally, you can request a demo if you would like to experience automated dispute management.