Networked Bot Attacks Increase as Human-Initiated Attack Levels Fall

  • Risk Management
  • 14.09.2021 04:40 pm

Digital Transformation throughout the World Continues to Drive Transaction Growth and Fraudulent Activity

LexisNexis® Risk Solutions today released the findings of its latest Cybercrime Report, which covers the first half of 2021. This edition of the biannual report reveals that bot attack volumes grew 41% year over year with human-initiated attacks falling 29%. The report confirms earlier trend patterns showing the financial services industry and media businesses bear the brunt of increased automated bot network attacks.

The Cybercrime Report is an analysis of transaction data from the LexisNexis® Digital Identity Network®. It analyzed 28.7 billion transactions over the six-month period, up 28% year on year, attributed to increased transaction volumes from existing customers and an increased customer base within the Digital Identity Network®. The increased shift to digital payments seen across advanced economies during the pandemic appears to be a permanent change, while accelerated digital transformation in emerging economies and industries continue to drive transaction growth as well as catch the attention of fraudsters.

The first half of 2021 saw geographical shifts in attack volumes observed across transactions occurring within the Digital Identity Network. Based on bot IP addresses, Mexico joins Brazil on the top ten list of largest originators of bot attacks by volume, further establishing Latin America (LATAM) as a hotspot for both automated and human-initiated attacks. Attack rates originating from North America and Europe, Middle East and Africa (EMEA) have historically been similar and lower than the other regions. Since March 2021, however, North America recorded higher daily attack rates that now exceed those in EMEA, marking a sustained change in cybercriminal behavior in the U.S. and Canada, which may be linked to an earlier transition towards a post-pandemic world.

Key findings from The LexisNexis® Risk Solutions Cybercrime Report, January to June 2021:

  • Bot attacks increase globally – All regions have recorded growth in bot volumes between January-June 2021 in comparison to the same period last year. This was most marked in the Asia Pacific (APAC) and LATAM regions, with EMEA experiencing the smallest growth.
  • Industry innovations altered risk profiles – The online payment market continues to proliferate and diversify. Buy now pay later (BNPL) services and digital wallets are becoming an increasingly popular payment method, with BNPL transactions growing 182% year-over-year. This growth is likely to continue as it caters to the increasing population of consumers who are transacting more online. However, it also creates new avenues of attack for cybercriminals.
  • Financial services institutions deployed new methods to track money mules – Advances in beneficiary intelligence within the Digital Identity Network are making it less complicated for banks and other payment service providers to track payment transfers involved in money mule activity. This includes when the beneficiary tries to hide their tracks by splitting the initial payment and routing it via other entities in the payment network.

“Today’s report not only confirms cybercriminals’ reliance on automated processes, but also highlights that fraudsters are further establishing sophisticated and expansive networks to conduct fraud,” said Stephen Topliss, vice president of fraud and identity for LexisNexis Risk Solutions. “Explosive transaction and user growth rates in industry sectors such as virtual banks and buy now pay later are likely exposing emergent risks for these newer businesses as they grab the attention of fraudsters. The digital businesses that survive and thrive will be those that deploy layered cybercrime prevention solutions as they scale.”

Download a copy of the LexisNexis Risk Solutions Cybercrime Report, January through June 2021. Join Stephen Topliss in a global webinar on Tuesday September 14th, 4pm BST, when he will highlight the latest Cybercrime Report findings.

Related News