Phishing remains top fraud enabler, RSA reports

Phishing is the most popular way of enabling fraud for cyber criminals, who are also increasingly using rogue mobile apps, mobile browsers and social media, a report reveals

Phishing accounted for 41% of all fraud attacks observed by RSA in the second quarter, according to the security firm’s latest quarterly fraud report.

Canada, the US and the Netherlands were the top three countries most targeted by phishing, with the Netherlands and Spain seeing increases that moved both into the top five most targeted countries.

France is a new entrant to the top 10 phishing target list this quarter, while South Africa dropped off and the UK does not feature.

“We saw fraud increase 33% compared with the previous quarter, and phishing accounted for 41% of that,” said Daniel Cohen, director of RSA’s fraud and risk intelligence unit.

“Phishing is the oldest trick in the book, but it is still very prominent because it is still an extremely effective way for attackers to get through the front door,” he said, adding that this shows that the security industry still has some work to do in this area.

The report also shows that credit card fraud continues to be extremely popular with cyber criminals. RSA recovered nearly 5.1 million unique compromised cards and card previews from reliable online fraud stores and other sources in the quarter, a 60% increase on the number of cards RSA recovered in the previous quarter. These figures represent recovered cards with unique card information that can be used for online fraud.

After phishing, rogue apps were the next biggest enabler for fraud in the quarter. RSA detected 9,185 rogue apps, which accounted for 28% of all fraud attacks observed during the second quarter.

“The fraud risk from mobile applications continues to grow,” said Cohen. “Anyone downloading mobile applications should be extremely careful as this is an area that cyber criminals are concentrating on, with the number of rogue applications we are seeing growing from quarter to quarter,” he said.

RSA also saw an increase in fraud from mobile browsers, which – together with mobile applications – represented 71% of total fraud transactions, up 9% compared with the previous quarter and up 16% compared with the same period a year ago.

Mobile applications and browsers represented only 56% of legitimate transactions, up just 14% compared with the same period a year ago.

The average UK fraud transaction was valued at £278, compared with £151 for legitimate transactions, which means that high-value transactions are more likely to be fraudulent.

The report also shows that while just 0.4% of legitimate payment transactions were attempted from a new account and new device, 27% of the total value of fraudulent payments was made through new accounts and devices, indicating that cyber criminals are increasingly using burner devices and fake accounts for fraud.

RSA reported a spike in the use of burner phones in the first quarter of 2018, with 82% of observed fraudulent e-commerce transactions originating from such devices in an effort by fraudsters to avoid detection.

In terms of fraud evolution, Cohen said fraudsters are increasingly using social media platforms to find, contact and communicate with other fraudsters as well as advertise their fraud-related services, such as credit card details for sale or carding services to buy and deliver goods purchased using stolen credit card details.

“Social media has become a huge source of intelligence for us because all social media platforms are heavily used by fraudsters, enabling them to communicate effectively and quickly with each other and potential customers without needing to use difficult-to-find forums on the dark web,” said Cohen.

“WhatsApp, for example, is encrypted end-to-end, making it the perfect tool for cyber criminals because whatever they send to each other is encrypted, which is one of the reasons the cyber fraud market continues to bloom,” he said.

In response, Cohen said there needs to be a greater focus on corroborating online identities in multiple ways, including behaviour analysis.

“We need to look at a wide variety of corroborating sources to build a more comprehensive picture of each digital identity and establish what good behavior for each identity looks like,” he said.

Looking ahead, the report highlights the emerging challenge of “human-not-present” transactions as the world moves rapidly toward increased frequency and depth of automation directed toward tasks that traditionally required human participation.

The report said it is critical to learn from lessons of the past to ensure that, while the world embraces the convenience and freedom that automation can provide, everything possible is being done to ensure the probable risks are accurately assessed and mitigated.

“We should continue to understand, invest in and improve identity’s role and effectiveness in all transactions, and understand the gaps it leaves,” the report said.

The challenge of human-not-present transactions is explored in detail in a recent article by Computer Weekly.
