Fraudsters increasingly focusing on digital accounts, whether existing or fake ones

Fraudsters are increasingly focusing on digital accounts, whether that is by compromising existing user accounts or creating fake new accounts to commit fraud, an Arkose Labs report reveals.

The report also found that attackers are leveraging fraud farms and mobile devices to increase their ability to mimic the way consumers interact today. As mobile continues to be a more predominant channel for consumers to repeatedly access and interact with their favorite platforms, fraud is following suit to blend in with “normal” consumer behaviors.

Digital accounts susceptible to fraud more than ever

Additionally, the report indicated that attacks against logins and registrations are not always independent. More than ever, fraudsters are attacking both of these digital touchpoints, which makes ensuring digital account integrity more vital than ever for businesses.

“Whether they are taking over existing user accounts, or creating fake accounts for a variety of purposes, fraudsters expertly disguise themselves as legitimate users to abuse and monetize digital accounts,” said Kevin Gosschalk, CEO of Arkose Labs.

“With customer-centricity vital for success in this digital world, businesses must enable a seamless account login or registration process, while still being vigilant at monitoring these touchpoints as the starting points of fraud.”

In early 2021, the Arkose Labs team uncovered attacks which first centered on the registration flow, followed immediately by an attack on logins. A declined registration can validate if the account exists already, leading the bad actor to pivot to an account compromise attack. As cybercriminals deploy these multi-pronged strategies, platforms must have an adaptable approach that protects both account entry points.

Additional highlights

• Surge in new account fraud – Fake new account registration comprised over one-third of attacks detected in 2021, an increase of over 70% from the end of 2020. Fake accounts contribute to a wide range of in-platform abuse, such as spam, phishing and info scraping.
• Prevalence of credential stuffing – With stolen credentials and sophisticated tools at their fingertips, fraudsters are continually profiting from high-volume credential stuffing attacks and getting through standard defenses. Credential stuffing accounted for 29% of all attacks across the Arkose Labs network.
• The maturation of mobile – 50% of all digital traffic (good and bad) originated from a mobile device, up from 35% in the second half of 2020. The mobile attack rate was 24%, meaning businesses must be increasingly aware of attacks originating from mobile devices.
• Increase in human-driven attacks – The first half of the year delivered a 6x increase in the human-driven attack rate vs. bot attacks. This is part of a growing trend towards hybrid and human-assisted attacks at scale.
• New attacks out of Asia – In addition to high activity in known fraud countries of origin, such as Russia and Vietnam, China and India are back on the map as top attacking countries. Asia also had the highest percentage of human fraud farm attacks, with 60% of all such attacks originating from Vietnam and China. This illustrates this region’s importance to fraudsters in finding human labor to deploy to supplement automated attacks, or to carry out tasks that require more nuance than bots can currently manage, such as sending phishing messages on online dating scams.

“Fraudsters continue to diversify the nature of their attacks, as well as attack touchpoints,” said Vanita Pandey, CMO, Arkose Labs. “It’s imperative that businesses protect the full digital perimeter of user touchpoints and closely monitor any signs of suspicious activity.”