Holidays Could See 1 Million Fraud Attacks per Day
Posted by: Timothy Weaver on 11/19/2016 10:24 AM
[
Comments
]
What’s on the agenda for the holidays in retail? If you’re working in the U.K., it means an estimated 1 million fraud attempt per day.
Black Friday and Cyber Monday are also expected to be flooded by fraud to the level of 50 million global online fraud attacks.
ThreatMetrix product and data evangelist, Rebekah Moody, said: “It’s not that fraudsters expect IT teams to take their eye off the ball, but they are opportunists, so are looking to take advantage of periods where their fraudulent transactions are less likely to be spotted."
This is the time of year when high level transactions take place and fraudsters are looking to sneak past the gate watchers.
Retailers can expect the scammers to be using automated bots.
“These have evolved from being the traditional brute force attacks that were traditionally stopped by WAFs,” she added. “They’re now much cleverer, adopting low and slow attack rate patterns to masquerade as legitimate human traffic. They might even sneak in a good transaction to trick the system as they mass test and validate stolen identity credentials harvested from data breaches.”
Users should also be aware of socially engineered emails in order to take over the account after the customer has legitimately logged in.
Source: Info Security
Black Friday and Cyber Monday are also expected to be flooded by fraud to the level of 50 million global online fraud attacks.
ThreatMetrix product and data evangelist, Rebekah Moody, said: “It’s not that fraudsters expect IT teams to take their eye off the ball, but they are opportunists, so are looking to take advantage of periods where their fraudulent transactions are less likely to be spotted."
This is the time of year when high level transactions take place and fraudsters are looking to sneak past the gate watchers.
Retailers can expect the scammers to be using automated bots.
“These have evolved from being the traditional brute force attacks that were traditionally stopped by WAFs,” she added. “They’re now much cleverer, adopting low and slow attack rate patterns to masquerade as legitimate human traffic. They might even sneak in a good transaction to trick the system as they mass test and validate stolen identity credentials harvested from data breaches.”
Users should also be aware of socially engineered emails in order to take over the account after the customer has legitimately logged in.
Source: Info Security
Comments
