ThreatList: Amidst Data Breaches, Account Creation Fraud Soars in 2019 | Threatpost

The first half of 2019 saw a 13 percent increase in fraudulent activity compared to the previous six months, with a spike in June representing the highest-volume bot attack that’s been recorded since 2016, according to an analysis from LexisNexis.

The firm’s report, with data gleaned from 277 million human-initiated attacks across its Digital Identity Network, shows that bot attacks focused on new account creations are on the rise, bent on building fake online identities across diverse sectors. This type of attack is the only criminal “use case” that saw growth in the study period.

The June attack targeted a virtual gift-card provider, with a bot trying to set up accounts using different email addresses. LexisNexis found that the attack originated in the U.S., but the browser language was set to Russian.

There were also two smaller peaks in attacks in the first six months of 2019; in January, a global e-commerce merchant was the key target for a series of bot attacks coming from the U.S., Chile, Switzerland and Canada. These bots were attempting fraudulent new account creations from desktop devices, using stolen identity credentials. In February, fraudsters used device-spoofing and IP-spoofing to target a multinational bank, with the attacks originating from the U.S.

From a trend perspective, different industries are being targeted in different ways, according to the report. Within media, for example, bot attacks targeting new account creations saw a 65 percent increase in just six months, looking to abuse bonus offers. This is where fraudsters attempt to sign up for new accounts to capitalize on free trials and streaming bonuses, which they in turn sell on the black market for profit. E-commerce companies also saw bot attacks on new account creations increase – to the tune of 305 percent – and were most prevalent in online marketplaces, virtual gift card companies and ridesharing sites.

Mobile fraud is another hotspot (though it lags far behind desktop attacks), as fraudsters look to new mobile account creations and app registrations as opportunities to intercept one-time passcodes to fraudulently register mobile apps, according to LexisNexis. Globally, attacks on mobile apps rose 148 percent in six months.

Mobile account creation bots are targeting social media apps to test, validate or build synthetic identities: “The Digital Identity Network saw hundreds of thousands of bot events from Russia, Indonesia, Brazil, Thailand, India, Ukraine and Bangladesh, suggesting stolen/synthetic identity farms may be supporting emerging and growth economies,” according to the report.

And, crooks are targeting gaming/gambling organizations, where bad actors register for new player bonuses to sell for profit.

Regionally speaking, LexisNexis found that data breaches continue to spur attacks in North America.

“In some cases, identity data may have been stolen several times over, with fraudsters continually validating and building stolen and synthetic identities to improve the success of attacks,” according to the report. “The impact of these breaches is highlighted in the e-commerce new account creation attack rate.”

Globally the attack rate is 30.4 percent, but in North America the attack rate is almost 40 percent. Desktop transactions are by far the biggest target for these attacks, according to the firm, and a large proportion of these new account creations attacks are carried out by automated bots trying to validate, augment or build out identities, or attempting to benefit from new account bonuses or discounts. Meanwhile, the e-commerce payments attack rate from North America is growing at a rate of 52 percent year-on-year compared to 12 percent globally.

Interested in more on the internet of things (IoT)? Don’t miss our on-demand Threatpost webinar, IoT: Implementing Security in a 5G World. Join experts from Nokia, iboss and Sectigo as they offer enterprises and other organizations insights about how to approach security for the next wave of IoT deployments. Click here to listen to the recorded webinar.