Bots presenting a substantial risk to banks and retailers

A report revealed the last 90 days have seen a 35 per cent increase in such attacks

botnet

Banks and online retailers are being increasingly targeted by bots, a report by ThreatMetrix has revealed.

Research carried out for its Q1 Cybercrime Report showed 35 per cent more attacks occurred over the last 90 days than in previous periods, although 311 million of these were stopped.

ThreatMetrix said it is increasingly finding hackers are using "low and slow attacks" to target banks and online retailers, which have the potential to evade detection because they look like genuine users, rather than fraudsters.

Advertisement - Article continues below

One of the reasons criminals are deciding to use this approach is because so much hacked personal information is available for them to buy from the dark web. This data can then be used to attack institutions as if they were real people.

"Consumer data is everywhere. Fraudsters can create pitch-perfect attacks because they know so much about us," Vanita Pandey, vice president of strategy and product marketing at ThreatMetrix, said.

The attacks are harder to detect because they are not always picked up by traditional control measures, meaning the usual ways of finding and reacting to threats aren't working anymore, Pandey added.

"The challenge for digital businesses today is that cybercriminals are becoming so sophisticated at building convincing identities using a jigsaw of stolen credential pieces, it is becoming harder than ever to distinguish them from legitimate customers," continued Pandey.

Advertisement
Advertisement - Article continues below

"It is only by looking holistically at the context of the transaction, along with all the information we know about the user, that organisations have the power to stop fraudsters in their tracks."   

Advertisement - Article continues below

She said businesses must become smarter at detecting every type of attack, including automated identity testing sessions and those that seemingly hijack individual accounts.

"This starts with really understanding the digital identities of consumers so that high-risk behaviour can be detected in real-time," she explained.

Another way businesses can help to quash the threat is by developing tools that can work out the difference between a human and a bot before the risk becomes a problem.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/security/vulnerability/356295/microsoft-patches-high-risk-flaws-that-can-be-exploited-with-a
vulnerability

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020
Visit/policy-legislation/data-protection/356344/eu-institutions-warned-against-purchasing-any-further
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020