January to June 2020 has seen societal change on a global level, as COVID-19 continues to impact the global digital economy, regional economies, industries, businesses and consumer behavior. This includes an increase in cybercrime.
Online transaction volumes in the LexisNexis® Digital Identity Network® continue to grow, particularly across online retailers and digital banking services. However, some sub-industries have experienced a sharp decline in online transactions as demand for products and services fell due to lockdown restrictions.
The Digital Identity Network® tracks these changes in consumer behavior, collecting and processing global shared intelligence from billions of online transactions across the customer journey, giving businesses an enhanced view of trust and risk.
From January to June 2020, the Digital Identity Network also saw a growth in transactions from new devices, as well as new digital identities, with many new-to-digital consumers moving online to procure goods and services that were no longer available in person, or harder to access via a physical store. This contributed to an overall growth in good customer traffic, as is evidenced in the overall decline in attack volume.
While shifting consumer behaviors and an unstable economic environment have impacted transaction patterns, so too have they changed the face of global cybercrime. Despite this state of flux, however, the Digital Identity Network provides organizations with consistent protection against new and evolving attack vectors. Against a backdrop of fraudsters targeting state-backed financial support packages on a mass scale, the human initiated attack rate in the Digital Identity Network has declined.
It may be that with new lines of COVID-19-related credit to attack, traditional targets – particularly those with robust and established security protocols – have been attacked less. Online fraud is still rife, but it may just be targeting new and emerging products and services, and easier targets. This is supported by the fact that the Federal Bureau of Investigation (FBI) has reported that its Internet Crime Center has already received almost as many fraud reports for 2020 as for the whole of 2019.*
However, while human-initiated attacks targeting financial services and e-commerce have declined, automated bot attacks targeting financial services have grown. The media industry has seen a small growth in the human-initiated attack rate year-over-year.
In addition, new account creations remain a key target for fraudsters looking to register for new products and services, and the attack rate for new account creations from mobile devices has also grown.
As COVID-19-related financial support is reduced, it’s possible that many digital businesses that have seen lower attack rates will experience a resurgence in online fraud. Key attack typologies of the last few years will likely persist; mass scale automated bot traffic testing stolen identity credentials, hyperconnected fraud networks operating across industries and organizations, and scams leveraging COVID-19-related anxieties to prey on vulnerable customers.
A growth in new-to-digital customers and a tough economic climate could make these attacks more widespread and diverse, with evidence of mule activity already increasing as mule herders capitalize on economic downturns to recruit new mule accounts into their network.
Businesses must be armed with fraud defenses that layer multiple solutions to detect and block the full spectrum of attacks. These must be future-proofed, evolving as cybercrime moves across geographies, industries, organizations and customers. This relies on differentiating good trusted users – whether new-to-digital or long-established – from potential threats in near real time, before, during and after a transaction is processed.