Fraud report finds human-bot hybrid attacks increase in Q1

Arkose Labs, a provider of online fraud and abuse prevention technology, has released new data on the latest fraud trends, revealing an increase in human-bot hybrid attacks.

The Q2 Arkose Labs Fraud and Abuse Report, also found that Europe was the top attacking geography, with more than one-third of all attacks originating there. Additionally, there was a significant amount of human-driven attacks originating from North America, which could indicate that many who were drawn to fraud to make money during lockdowns have continued on this path.

“Many who dabbled in fraud in 2020 have continued to find the profession profitable and continue on with it instead of returning to legitimate work,” said Vanita Pandey, CMO at Arkose Labs. “There is an increasing amount of people who, while not pursuing fraud as a full-time job, are engaging in activities like fake reviews, disseminating fake information on social media and new user sign-up bonus abuse. This new face of fraud is emerging as a permanent part of the landscape.”

“A significant number of attacks from Europe originated from Russia,” said Adrian Jenkins, Arkose Labs regional VP EMEA, “In Europe, attacks were focusing on online dating and gaming, with some of the top attackers, in addition to Russia, including The Netherlands, Germany, Ukraine and Turkey.”

2021 started off busy, with heightened attack volumes carrying over from the end of 2020. However, by the midpoint of Q1 there was a drop off in attacks in most industries – except technology, and media/streaming, which continue to see high fraud levels.

At its peak, the Arkose Labs Network detected five million attacks daily during the first half of Q1. The overall attack rate dropped significantly as the quarter went on, from a peak of more than 30 per cent of sessions being identified as malicious, to a much more manageable 17%. This was due to a respite from large scale, targeted bot attacks. Human-driven fraud however did increase slightly this quarter.

Additional highlights from the report include:

Increase in Human-Driven FraudQ1 saw a marked increase in human-based attacks from North America, especially in tech and media, which highlights the continuing presence of fraud farms in carrying out attacks. Humans are required to launch scams on these platforms, which they do by sending phishing messages or malicious links to good users seeking to place malware on their devices or extract sensitive information, which can then be resold at a large profit.

Rise in Malicious Mobile TrafficHigher levels of fraud originated from mobile devices in Q1, up to 28 per cent of all attacks compared to 16.2 per cent last quarter. This speaks to the importance of protecting the entire digital perimeter.

A Diversification of Attack TypeWhile 2020 was dominated by account takeovers (ATOs) and login-based attacks, Q1 2021 saw a significant uptick in bots attacks for things like spam, info scraping, in-game abuse, inventory hoarding and API abuse, with a 36 per cent increase in these types of attacks from Q4 2020 to Q1 2021. There was also a 28 per cent increase in payments attacks during that same time period.

Rise of the CyborgsThe increase in humans launching attacks speaks to the increasing relevance of so-called “cyborg” attacks, with fraudsters deploying a mix of bots and fraud farms to successfully pull off attacks.

Attack of the Smart DevicesIn an effort to blend in and appear as legitimate traffic, fraudsters are hijacking the trove of new IPs associated with IoT-connected devices. These IPs are often from a geography not typically known for fraud attacks, such as North America. There were similar levels of attacks originating from Europe and Asia in Q1 2021, with Europe the top attacking geography, with over one third of all attacks. This is largely influenced by the consistent high attack levels seen emanating from Russia.

The Q2 Arkose Labs Fraud and Abuse Report is based on actual user sessions and attack patterns that were analysed by the Arkose Labs Fraud and Abuse Prevention Platform from January through March 2021. These sessions, spanning account registrations, logins and payments from financial services, eCommerce, travel, social media, gaming and entertainment were analysed in real-time to provide insights into the evolving fraud and risk landscape. Unsophisticated bot attacks don’t result in a user session and thus have not been included in this report. The report focuses on attacks from fraud outlets that combine state-of-the-art technology with stolen identity credentials and human efforts.

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Posts