A Quarter of New Online Accounts Are Fake – Report
There was an 85% year-on-year increase in attacks targeting logins or account creation in 2021 as bot-driven fraud attempts soared, according to Arkose Labs.
The fraud prevention firm analyzed over 150 billion transaction requests across 254 countries across the 12-month period to compile its latest report, The 2022 State of Fraud and Account Security.
It found one in four newly created accounts were fake, one in five logins was an account takeover (ATO) attempt and a fifth (21%) of all traffic was linked to fraud.
ATOs are commonly used to steal personal and financial data or launch phishing attacks. Fraudulent new accounts could be used for “inventory hoarding, content scraping and sending spam and phishing messages,” according to Arkose Labs CEO and founder, Kevin Gosschalk.
“As expected, businesses that hit high-growth periods in 2021 saw an increase in attack. For example, gaming saw sky-high attacks in 2020 but leveled off in 2021, which led to attacks dispersing across other industries,” he told Infosecurity.
“Online media and entertainment continued to grow in popularity, bringing more in-platform spam and scam attacks. Attackers flocked to the travel industry to take advantage of scraping and inventory hoarding opportunities as the world shifted more toward post-pandemic normalcy.”
Driving most of these attacks is the use of intelligent, automated bots. Arkose Labs claimed that today’s bot signatures are three times more complex than those of previous years, making it even harder to discern real human behavior imposters.
Some 86% of attacks in 2021 were linked to bots, while bot-driven credential stuffing attempts peaked at 76 million per week. The Black Friday/Thanksgiving month of November was the worst hit.
The worst attacked sectors in the UK in 2021 were online gaming, accounting for 46% of all attacks, then social networks and online streaming sites, which comprised a third of malicious activity
More Stories
Pension Firms Report 4000% Surge in Breaches
Financial services targeted remorselessly over past year Read More
Sophisticated APT Clusters Target Southeast Asia
Unit 42 uncovered three separate threat actor clusters: Stately Taurus, Alloy Taurus and Gelsemium Read More
China-Linked EvilBamboo Targets Mobiles
This extensive operation is directed at Tibetan, Uyghur and Taiwanese individuals and organizations Read More
Voting Equipment Giants Team Up For Security
The move aims to combat the rampant spread of misinformation among American voters Read More
“The good and the bad that comes with the growth of AI” – watch this series of webinars with Abnormal, OpenAI, and others
Graham Cluley Security News is sponsored this week by the folks at Abnormal. Thanks to the great team there for...
iOS 17 update secretly changed your privacy settings; here’s how to set them back
Many iPhone users who upgraded their iPhones to the recently-released iOS 17 will be alarmed to hear that they may...