LONDON & SAN FRANCISCO--(BUSINESS WIRE)--Arkose Labs, the fraud deterrence platform, today released new data on the latest fraud trends, revealing increased threats during the holidays; rising attacks by bots; and a resurgence in attacks on travel companies. As shoppers fill their online carts, account takeover (ATO) attacks and gift-card fraud remain persistent.
The Q4 Arkose Labs Fraud and Abuse Report, released today, shares the top six fraud-fighting trends from the previous 3 months and provides data highlighting that no digital business is immune from attack. Financial industries saw 32 percent more attacks than in the first half of 2021. Retail and travel attacks increased 63 percent in Q3, and gaming saw a spate of fake new accounts being set up for fraudulent purposes. Media and streaming businesses saw 60 percent of malicious activity targeting logins, and 20 percent of these attacks originating from human fraud farms. Technology platforms see 91 percent of all attacks powered by bots. Overall, attacks are increasing in every industry, and they are growing more sophisticated.
“As we approach 2022, the frequency and severity of fraud continues to threaten any organization doing business online,” said Arkose Labs CMO Vanita Pandey. “Based on intelligence garnered from the Arkose Labs Network, we predict a 60 percent increase in attacks for the upcoming 2021 holiday shopping season. No digital business is immune to this threat.”
Highlights from the report include:
Holiday Season is also Cybercrime Season. Attacks have steadily increased over 2020, becoming more frequent, launching on a larger scale, and initiating with greater sophistication. Digital companies need to understand how fraudsters work and protect the parts of their business that are vulnerable to attack. Arkose Labs estimates that eight million attacks will occur daily during the 2021 holiday shopping season that is now underway. As long as fraudulent attacks are profitable for bad actors, companies must be vigilant in their defense.
Travel Industry is Back in the Crosshairs. The world is traveling again, and that means more online bookings through travel sites. The travel sector enjoyed a 40 percent increase in digital traffic, creating the perfect opportunity for attacks, which increased 80 percent from Q2 to Q3 2021. Digital traffic to U.S. travel sites was hit particularly hard, with 66 percent of those online visits marked as fraud or bot attacks.
Asia Leads the Globe in Attacks. Asia has returned as the top originator of fraud attacks, with China driving nearly half of all attacks in Q3. In comparison, the United States, in second place, accounted for 19.4 percent of attacks.
Bots Take Center Stage. While human fraud attempts are increasing, machine attacks are predicted to hold steady and possibly ramp up during the holiday season. Bots now account for 88 percent of attacks. In 2020, more than 2 million bot attacks occurred between October and December. This year, the number will likely be even higher, making it all the more important for businesses to increase scrutiny of traffic intended to do harm.
Fraud Has a New Face. Digital businesses are experiencing a massive surge of fake new accounts. Arkose Labs detected 560 million malicious attempts on registration flows last quarter, which is four times more than at the beginning of the year. These fake accounts open the doors to downstream fraud that directly impacts the bottom line of e-commerce firms.
Credential Stuffing Continues to Plague Online Businesses. As more customers open digital accounts, account takeover attempts fueled by large-scale credential stuffing soon follow. Arkose Labs stopped 3 billion credential stuffing attacks over the past year, nearly doubling over the past 12 months. In 2020 digital businesses saw 90% higher volume of credential stuffing attacks during the final quarter of the year, over the holiday shopping period.
About the Report: The Q4 Arkose Labs Fraud and Abuse Report is based on actual user sessions and attack patterns analyzed by the Arkose Labs Fraud Deterrence Prevention Platform from July to September 2021. These sessions, spanning account registrations, logins, and payments from financial services, ecommerce, travel, social media, gaming, and entertainment, were analyzed in real-time to provide insights into the evolving fraud and risk landscape. Unsophisticated bot attacks don’t result in a user session and have not been included in this report. The report focuses on attacks from fraud outlets that combine state-of-the-art technology with stolen identity credentials and human efforts.
About Arkose Labs
Arkose Labs bankrupts the business model of fraud. Recognized by Gartner as a “Cool Vendor in Fraud and Authentication,” the company offers an industry-first warranty on account protection. Its AI-powered platform combines powerful risk assessments with dynamic attack response that undermines the ROI behind attacks, while improving good user throughput. Based in San Francisco, CA with offices in Brisbane, Australia and London, UK, the company was honored as the 195th fastest growing company in the United States on the 2021 Inc. 5000 list.