The total potential loss for financial services globally is estimated at £8 billion

Researchers at ThreatMetrix observed that online financial services and lending companies were the most targeted by crooks in 2016.

Online financial services, lending companies, and alternative payment systems are privileged targets of threat actors. According to the researchers at the security firm ThreatMetrix, the number of cyber attacks against online lending companies and alternative payment systems increased by 122% in 2016.

The cyber attacks against financial services cost consumers £8bn in 2016, the significant increment is associated with the increased propensity of customers in using online financial services.

“Due to its surge in popularity, and fast transaction cycles, online lending has become a prime target for cyber criminals,” explained Vanita Pandey, vice president of strategy at ThreatMetrix. “Online lenders are under increasing pressure to adopt smarter authentication methods to accelerate genuine loans and prevent fraud.”

Let us consider that the number of financial services transactions online in the UK grew by 10% in 2016.

The number of attacks targeting alternative lending has increased by 150% since Q3 2016.

The vast majority of attacks against the financial services leverages on fake or stolen credentials last year, ThreatMetrix detected 80 million attacks.

The identity theft was the most common crime in the UK last year, the availability of data resulting from the numerous data breaches allowed crooks to launch an impressive number of attacks.

According to the latest ThreatMetrix Cybercrime Report, new emerging countries appear on the cybercrime frontlines, the majority of fraudulent activities originated in developing nations, including Brazil, Egypt, Ghana, Jordan, Nigeria, and Macedonia.

“Brazil emerged in Q4 as a major attack destination, and ThreatMetrix saw a significant increase in attacks coming from emerging economies, including Tunisia, Ukraine, Malaysia, Bangladesh, Pakistan, Serbia, Morocco, Guadeloupe, Qatar and Cuba. Identity spoofing is the leading attack vector in such economies.” reads the report.

Below further key findings from the report:

• Nearly 122 million attacks were detected and stopped in real-time, an increase of more than 35% over the previous year.
• Growth in attacks outpaced overall transaction growth, and the overall rejected transaction rate grew 15% — demonstrating heightened risk levels.
• 45% of transactions now come from mobile devices, rising to 55% in financial services, as users log in almost daily to check their bank balance via mobile apps. Mobile devices are increasingly becoming the primary conduit for transacting online, with businesses moving from digital-first strategies to mobile-first ones.
• Mobile-only users have increased across all industry groups, rising to 40% in financial services. For a sizable minority, desktops are becoming obsolete, as the breadth and depth of mobile products and services stretches to allow mobile-only usage.
• Cross-border transactions are growing in prevalence; more than a quarter of transactions in the network are now cross border, but these continue to be approached with caution and are rejected more than twice as much as domestic transactions.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – financial services, cybercrime)