We are in the midst of a week predicted to be record breaking in terms of cyberattack volumes, with malicious activity set to spike aggressively on Black Friday and Cyber Monday.
A colossal 50 million attacks globally are expected to hit throughout the prime shopping period, meaning that potentially billions of pounds are hanging in the balance in the UK alone.
In the run up to what may prove to be the worst week of cyberattacks on record, it is also important to note that 171 million attacks have been logged in just the last quarter. This tremendous figure is a 100 per cent increase compared to the same time span in 2015.
Hackers are thought to be prepared for capitalising on the season of spending, with ThreatMetrix recognising an increase in bot activity in the run up to the booming retail period. Fear surrounding the potentially crippling power of bots has peaked recently upon the discovery of the Reaper botnet.
In the past 90 days, 450 million bot attacks have been recorded, with a focus found to be on automated attacks and identity testing.
The massive data breaches of 2017 have brought personal credentials to centre stage, masses of data is available to purchase and use, making the Black Friday even more appealing to fraudsters.
Vanita Pandey, vice president of product marketing and strategy at ThreatMetrix comments, “Cybercrime continues to grow, with organisations being attacked more than ever before, fueled in large part by the proliferation of data breaches that continue to provide fresh identity data to exploit. Fraudsters are acting with haste, before data breaches are disclosed publicly, to test stolen credentials with a view to perpetrate large-volume attacks on digital businesses.
The value of identity data has now surpassed the value of card data, and the cybercrime statistics for EMEA are significantly more troubling than those in North America. In EMEA you are 63 per cent more likely to face an attack via a transaction.
“We predict that the top retailers will sustain heightened attacks from bot operators, looking to test personal accounts. Over the next week, we are expecting approximately 5 to 8 million daily identity testing attacks… By analyzing our most recent data, we can see that the scale of eCommerce attacks in the final quarter of 2017 is likely to surpass the entire attack number for all industries – including banking and media – during Q4 2016,” Pandey said.
Putting into perspective the ease with which identity data can be accessed by malicious actors, Tim Ayling, EMEA Director of Fraud and Risk Intelligence at RSA Security has outlined the paltry cost of personal information.
“With hundreds of thousands of UK card credentials available to buy on the dark web for less than £10, you can bet that cybercriminals and fraudsters will be on their own shopping spree. Major sales events like Black Friday have historically seen a huge number of compromised accounts being sold by hackers, used to make illegitimate purchases and siphon funds from virtual wallets. In the past, there has even been a dialing-down of proactive fraud detection on big shopping days like these. Merchants and card issuers were so insistent on allowing their transactions to flow through, they would often choose to allow more risky transactions to continue.”
While the scene may seem bleak, you are not powerless to improve your chances of keeping your information safe. Being mindful of where and how you submit your personal information is a solid start, while also improving passwords, ensuring that the goals of hackers are not made more achievable still.
“This is slowly changing and anecdotal evidence suggests that both maturity in fraud prevention tools, as well as the scale of the fraud problem, are allowing the financial institutions to become more stringent on these days. However, shoppers must remain vigilant. Fraudsters are opportunists by their very nature, and many will see Black Friday as a golden opportunity, hiding amongst the spike in legitimate purchases,” the EMEA Director of Fraud and Risk Intelligence at RSA Security said.
This article is from the CBROnline archive: some formatting and images may not be present.