New data reveals the global circulation of stolen identities is leading to major shifts in cybercrime worldwide, with developing countries cultivating newly formed internet-based economies responsible for a generous amount of fake and stolen account activity.
Notably, as ecommerce markets in Latin America continue to expand, incidents of fraud are beginning to skyrocket. Stolen and forged identities used to create fake accounts is, in turn, becoming a market unto itself.
ThreatMetrix, the threat solutions division of research service LexisNexis, reports flourish fraud in the developing world, largely involving identity abuse, with particular emphasis on South America.
“Global cybercrime expansion is being driven by developing economies recently emerging as major perpetrators of fraud, creating new epicenters of cybercrime off the back of attacks that extend beyond their own borders into the surrounding region,” the company says.
ThreatMetrix cites as an example a swell of identity-based attacks originating from Brazil, where neighbouring countries such as Columbia and Argentina are prime targets, in addition to the US and UK. In early 2018, Brazil found its way into the top five on a list of attacking nations.
“Billions of online users are generating huge swathes of data and unfortunately it is becoming easier and easier for cybercriminals to steal and monetize this, wherever they are in the world,” said Vanita Pandey, VP of marketing and product strategy at ThreatMetrix.
“Stolen data gives cybercrime a fraudulent mask, as they hijack identities to open new accounts, takeover legitimate user accounts or perform fraudulent transactions,” Pandey said.
In the first quarter of 2018, researchers registered more than 150 million rejected transaction, indicating online fraud is soaring; the figure represents an 88 per cent increase from the same period in 2017.
Moreover, new and emerging economies—Egypt, South Korea, Ecuador, Ukraine, and Vietnam are offered as examples—have contributed to 820 million bot-based attacks targeting e-commerce sites worldwide.
These attacks continue to be focused on identity abuse and testing. As a result, the overall attack rates for account logins and new account creations have steadily grown in the ecommerce sector, with fraudsters targeting account takeovers to access sensitive personal credentials and saved credit cards.
Specifically, fraudulent new account registrations increased more than 30 per cent over the previous year, as fraudsters used the relatively modest sign up requirements of ecommerce vendors as a breeding ground to test stolen identity credentials. And these tests often serve as a gateway to further attacks in other industries.
Attacks on mobile account creations, meanwhile, have risen by 150 per cent in 2018's first quarter, compared to the same period last year.
Per ThreatMetrix, 58 per cent of all accounts are now created using mobile devices and 51 per cent of financial transactions are now completed using a mobile device, a 200 per cent increase since early 2015.