According to Javelin’s 2020 Identity Fraud Report, financial institutions’ methods to identify and respond to fraud are no match for criminals’ high-tech schemes to hijack consumer accounts. Fraud losses grew 13 percent in 2019 to $16.9 billion even as instances of fraud fell from 14.4 million in 2018 to 13 million in 2019, which resulted in consumers facing $3.5 billion in out-of-pocket costs last year as criminals shifted their focus from card fraud to opening and taking over accounts.
PerimeterX researchers are finding similar attacks in related industries.
We are entering another week of the social distancing effort to fight the coronavirus. We’ve seen increased attacks across many verticals, as outlined in our blog series COVID-19: Data Tells the Story. We are seeing that along with the expected surge in web traffic to e-commerce sites, there is a marked increase in automated fraud, contributing to account takeover (ATO) attacks. For example, in the home goods category, we are seeing that almost 90% of login traffic consists of ATO attacks. As consumers shift away from in-store interactions to home delivery, and as payments move online, the fraudsters are following the money.
We differentiate between two types of fraud, human and automated. Automated fraud, such as bot-driven ATO which is on the rise, is sometimes more difficult to prevent because it requires real-time decision making and some fraud solutions take seconds instead of the milliseconds required. Businesses need to take both types of fraud into account in order to protect their customers’ account data and preserve their brand reputation.