World Cup Russia 2018: Running the Fraud Defenses Ragged
Alisdair Faulkner, Chief Products Officer, ThreatMetrix
As France and Croatia look towards Sunday’s final, the tournament is already being lauded as one of the best FIFA World Cups we have ever seen. The drama started before we even got to Russia, with Italy, Holland and USA all failing to qualify, and since then we have seen a shock group-stage exit from the defending champions, dramatic last-minute goals aplenty and 4 penalty shoot-outs to date!
Hosts Russia have blown away any concerns prior to the tournament by putting on a well-organised, safe and good-spirited show. However, according to the latest data from the ThreatMetrix Digital Identity Network® danger does still lurk – but the danger is online.
FIFA issued a warning on the danger of email scams linked to the World Cup that are looking to trick individuals into leaking personal or financial data. However, businesses are also being hit with attacks, with the major deviations from normal transaction trends primarily hitting the travel and online gambling sectors.
Online Gambling Hit by Bot Attacks Amidst a Dramatic Spike in Transactions
Gambling companies have been hit by a big spike in transaction volumes coming from Russia, in particular mobile transactions which saw an 850% growth in volume. As the tournament captures the imagination of people all over the world and an estimated 1 million fans travel to Russia, online betting companies need to ensure they are equipped to process cross-border transactions quickly, efficiently and securely.
In the lead up to the World Cup, ThreatMetrix detected a series of bot attacks on online betting companies. Attackers were testing their defenses to see if high-scale attack would go unnoticed when transaction volumes are abnormally high during the World Cup itself. For example, in the case of one major European betting company, during peak periods bot attacks made 40% of daily traffic.
Organisations experiencing high seasonal online volumes need an accurate way to detect human behaviour from automated attacks without slowing down performance and delaying true consumers.
Increased Fraud Attack Rates on Online Travel Companies
Data from the global ThreatMetrix network also shows that fraudsters are acting to capitalise on higher than normal transaction volumes on travel organisations as we hit the summer months and the peak of a sporting tournament that has captured such large-scale global attention. We are seeing elevated attack rates coming among transactions originating from Russia, meaning fraudsters in the country are deliberately targeting this industry. The key attack vector is identity spoofing, as fraudsters look to use stolen and synthesized identity credentials to open up fraudulent new accounts, make fraudulent payments and take over existing accounts, which often store personal and credit card information.
The experience of one global travel company on the network demonstrates this trend, as they have seen dramatic changes since the beginning of April with a 20% growth in transaction volume accompanied by a 46% growth in attack rates. Attacks are far outpacing the rise in the volume of transactions showing this is a deliberate move from fraudsters to target this industry. In particular, they have seen a 52% growth in identity spoofing as this has emerged as the attack vector of choice when targeting travel companies this summer.
The travel industry has become a highly competitive space, with consumers looking for a fast, easy experience online to quickly book and amend their trips. As travel companies invest in digital strategies that are centered around lowering barriers and increasing conversion rates, they need to employ fraud prevention technologies that work completely behind the scenes and require no additional steps from trusted users.
Just as South Korea featured in the Q1 Cybercrime Report as a surprise originator of attacks when the Winter Olympics were taking place earlier in 2018, attacks from Russia hitting global businesses show interesting trends around the 2018 World Cup. Fraudsters are essentially opportunists – however in today’s world they are sophisticated opportunists operating global cybercrime rings to deliver well-organised and thought-out attacks on areas that they see to be at higher-than-average risk. Around the World Cup, those top targets seem to be online betting and travel industries. However, with the correct technologies in place, all digital businesses can ensure that the focus remains on the action on the pitch – and not on a spike in fraud.
Image Source – Medium https://medium.com/@eclecticiq/a-look-at-the-fifa-world-cup-2018-from-a-cyber-security-perspective-9eb875e316e2
