Security experts are warning consumers and e-commerce merchants that over 50 million global fraud attacks are expected next week as scammers look to capitalize on a busy shopping season.
Next week marks Thanksgiving in the United States, followed by the notorious Black Friday sales event, and then Cyber Monday- a weekend that’s expected to generate over £7 billion in sales for UK retailers. These fraudsters typically use these busy shopping periods to hide their activity from e-commerce filters.
While consumers are busy scrambling looking for the best deals, fraudsters are stockpiling identity data that’s flooded the dark from recent high profile breaches. These criminals typically use automated bots to test credentials first before the breaches are publicly disclosed, claims ThreatrMetric VP, Vanita Pandey. She also claims that next week there will be an estimated 5-8 million daily identity testing attacks.
Those that pass the initial test will be used to launch large-scale fraud attempts, with new account registrations twice as likely to be fraudulent than payments.
Over the past 90 days, the fraud prevention vendor detected 171 million attacks, representing at 32 percent increase since the start of 2017. “Many e-commerce merchants choose to accept a greater degree of risk on these key days in order to accept more transactions and reduce the chance that good customers experience friction when placing orders,” claims Pandey.
Pandey also explained, “Fraudsters see peak shopping days as the opportunity to make larger purchases/attempt to redeem bigger basket sizes, which are less likely to be flagged as suspicious in among the sea of other high-value purchases being made by good customers.”
Security experts are warning the UK and European retailers, in particular, to be extra careful of fraudulent activity, because online transactions are 63 percent more likely to be fraudulent there than in the North America.
Ahead of the upcoming busy shopping season, NNT recommends retailers remove all system vulnerabilities by applying our PCI Compliance Benchmark Reports to your servers, databases, firewalls, and network devices. Then, continuously monitor critical systems for signs of breach activity with real-time, contextual FIM, combined with configuration hardening and monitoring.
For details on how NNT can help you achieve PCI Compliance, check out NNT’s PCI CSS Compliance Briefing listing the requirements of PCI DSS V3.2 where NNT Change Tracker and Log Tracker can provide a solution. View the chart here
Read the article on InfoSecurity Magazine