Financial institutions (FIs) receive the highest percentage of sophisticated attacks amongst all industries, with 96%, up from 90% in 2019, according to the report of NuData Security, a behavioral biometrics company based in Canada.
The financial industry is among, if not the top, target of bad actors considering the type of client data it posses. With this in mind, banks and other financial institutions increased their security spending and heightened security posture making it difficult for cybercriminals to conduct “basic attacks.”
As a result, bad actors also stepped up their techniques and developed more sophisticated attacks that “could bypass bot-detection security tools.”
NuData said it expects to continue seeing human-looking attacks increase across all industries.
The report “2020 H1: Fraud Risk at a glance” is the product of six months (January-June) of closely monitoring global online changes across NuData network. One of the major findings is that “human-looking or sophisticated attacks, those that focus on quality instead of volume, continue to increase. “
The report finds that the type of improvement actors did so it can attack FIs is developing tools that exhibit “human-like behaviors.” In the six months NuData conducted the research, it found “high-quality attacks that try to resemble human behavior and often include human intervention” and that includes solving CAPTCHA or “I am not a robot” security tests.
NuData found that FI online traffic grew in mid-April when lockdowns were enforced. High-rish traffic remained unchaged during the pandemic and bad actors were highly focused on FIs.
Attackers found new targets as lockdowns forced consumers and businesses to adopt digital transactions and that includes online and cashless payments. NuData said “account creation attacks increased” signficantly with high-risk account creation attempts among a number of merchants also increased after the lockdowns began.”
Travel follows FI in terms of the percentage of attacks, and attacks on ecommerce had the third most percentage.
Bad actors use new fake accounts prying on online merchants making fraudulent purchases with stolen card information or “to buy sought-after and restricted goods at mass scale for later resale.” NuData said its NuData platform flagged 1 in 2 account creation attempts from March to June this year.
This analysis is enriched by the NuData Trust Consortium, a powerful host of information about attempted attacks on NuData clients. The Consortium is used to gather historical trends and train the machine learning models for attacker recognition and fraud prevention solutions. The insights developed by the Trust Consortium inform Mastercard’s approach to protecting trust and securing the entire digital ecosystem.