New account registrations represent the highest rate of online attacks according to new data just by ThreatMetrix, a provider of cybercrime prevention solutions.
Attacks on new account registrations, using both spoofed and synthetic identities, saw the highest rate of attacks followed by account logins and payment fraud. One in ten registrations for online services, according to Threatmetrix data, originates from a cybercriminal.
“This isn’t surprising in light of large scale data breaches recently highlighted by Symantec in their Internet Security Threat Report 2013 and Verizon in its 2013 Data Breach Investigations Report,” said said Alisdair Faulkner, chief products officer, ThreatMetrix. “These breaches underscore the relative ease of obtaining a person’s full identity information sufficient enough to bypass most identity verification capabilities.”
According to Faulkner, the most common form of stolen identities is by human or bot-generated fraud attacks directed through proxies and Virtual Private Networks (VPNs) intended to disguise the true origin of the attacker. These bypass IP address-based geo filter blacklists that also have the downside of unknowingly blocking legitimate visitors.
“The economic impact of these attacks varies by industry,” added Faulkner. “However, the common thread is that without automated visibility into the true device, persona, relationship and global behavior, the only alternative is additional verification roadblocks put in front of legitimate customers and extended review and hold-out periods.”