Arkose Labs Data Predicts 60% Increase In Online Fraud As Attempts Across All Industries Heat Up For Seasonal Shopping

Arkose Labs, the fraud deterrence platform, today released new data on the latest fraud trends, revealing increased threats during the holidays; rising attacks by bots; and a resurgence in attacks on travel companies. As shoppers fill their online carts, account takeover (ATO) attacks and gift-card fraud remain persistent.

The Q4 Arkose Labs Fraud and Abuse Report, released today, shares the top six fraud-fighting trends from the previous 3 months and provides data highlighting that no digital business is immune from attack. Financial industries saw 32 percent more attacks than in the first half of 2021. Retail and travel attacks increased 63 percent in Q3, and gaming saw a spate of fake new accounts being set up for fraudulent purposes. Media and streaming businesses saw 60 percent of malicious activity targeting logins, and 20 percent of these attacks originating from human fraud farms. Technology platforms see 91 percent of all attacks powered by bots. Overall, attacks are increasing in every industry, and they are growing more sophisticated.

Highlights from the report include:

Holiday Season is also Cybercrime Season. Attacks have steadily increased over 2020, becoming more frequent, launching on a larger scale, and initiating with greater sophistication. Digital companies need to understand how fraudsters work and protect the parts of their business that are vulnerable to attack. Arkose Labs estimates that eight million attacks will occur daily during the 2021 holiday shopping season that is now underway. As long as fraudulent attacks are profitable for bad actors, companies must be vigilant in their defense. 

Travel Industry is Back in the Crosshairs. The world is traveling again, and that means more online bookings through travel sites. The travel sector enjoyed a 40 percent increase in digital traffic, creating the perfect opportunity for attacks, which increased 80 percent from Q2 to Q3 2021. Digital traffic to U.S. travel sites was hit particularly hard, with 66 percent of those online visits marked as fraud or bot attacks.

Asia Leads the Globe in Attacks. Asia has returned as the top originator of fraud attacks, with China driving nearly half of all attacks in Q3. In comparison, the United States, in second place, accounted for 19.4 percent of attacks. 

Bots Take Center Stage. While human fraud attempts are increasing, machine attacks are predicted to hold steady and possibly ramp up during the holiday season. Bots now account for 88 percent of attacks. In 2020, more than 2 million bot attacks occurred between October and December. This year, the number will likely be even higher, making it all the more important for businesses to increase scrutiny of traffic intended to do harm.

Fraud Has a New Face. Digital businesses are experiencing a massive surge of fake new accounts. Arkose Labs detected 560 million malicious attempts on registration flows last quarter, which is four times more than at the beginning of the year. These fake accounts open the doors to downstream fraud that directly impacts the bottom line of e-commerce firms. 

Credential Stuffing Continues to Plague Online Businesses. As more customers open digital accounts, account takeover attempts fueled by large-scale credential stuffing soon follow. Arkose Labs stopped 3 billion credential stuffing attacks over the past year, nearly doubling over the past 12 months. In 2020 digital businesses saw 90% higher volume of credential stuffing attacks during the final quarter of the year, over the holiday shopping period. 

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: