ThreatMetrix Report Reveals Fraudulent Transaction Activity on Desktop and Mobile for 2011 Holiday Season

Share Article

The Cybercrime Prevention Provider Analyzed Data Across its Global Network to Identify Risky Transactions by Device

News Image

ThreatMetrix compiled data on the percentage of desktop and mobile transactions that were classified as risky -- or potentially fraudulent -- over the 2011 holiday season.

ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, announced today that it has released data on the percentage of desktop and mobile transactions that were classified as risky -- or potentially fraudulent -- over the 2011 holiday season.

Findings revealed that while desktop transactions were still more risky than mobile transactions on average, the risk level remained fairly consistent across devices during the month of December; there was a slight increase in fraudulent activity the days leading up to and following Christmas day. Data was gathered across the ThreatMetrix™ Global Network.

“Online commerce is becoming a preferred channel, as its convenience and oftentimes competitive pricing are appealing factors to today’s consumers,” said Alisdair Faulkner, chief products officer, ThreatMetrix. In fact, comScore reported that shoppers had spent almost $32 billion online for the holiday season during the first 32 days of the November and December 2011 holiday shopping season, which marks a 15% increase from a year ago. “As businesses continue to build a cross-channel presence, it’s essential they understand the inner workings of the fraud network to effectively prevent cybercrime.”

Faulkner added that today’s online fraudsters have evolved from individuals and small groups, to professional worldwide networks. In 2010, fraud-related e-commerce revenue loss in the U.S. and Canada totaled $2.7 billion, according to CyberSource’s 2011 Fraud Report, and those numbers are only expected to rise.

Given the 2011 fraud season of notable cybercrimes, ThreatMetrix compiled a “Circle of Fraud” overview for how fraudsters typically operate in various industries:

  • Banking: Fraudsters write software that can compromise bank accounts. The software intercepts user login sessions, enabling the hacker to transparently access the account funds.
  • Social Networking: Hackers purchase compromised scripts – containing false credentials – to register on social networking sites. Fake social profiles are auto-created using the compromised scripts. Using the fake profiles, hackers distribute spam emails containing viruses that infect the recipients’ device.
  • Domestic E-Commerce: Using stolen credentials from virus-infected computers, e-commerce hackers visit compromised online retailers and steals customers’ credit card information by using SQL injection attacks.
  • Online Gaming: Fraudsters verify the validity of stolen credit cards by sending out scripts to target gaming and gambling sites for the purchasing of virtual currencies. Once these virtual transactions are approved, the fraudster tests the stolen credit cards by using its available funds.
  • Global E-Commerce: Hackers located overseas tunnel through compromised computers and use stolen credit cards to place online orders. The websites don’t detect the invasion because the hacker’s IP address mirrors that of the compromised computer. These more advanced cybercriminals visit online hacker forums where they pursue information about the compromised devices that correspond to the stolen identities.
  • Third-Party: These individuals receive stolen goods and repackage them for fraudsters. They are sometimes unaware of their role in the “Circle of Fraud.”

For more information on how fraud networks typically operate, view the “Circle of Fraud” infographic or visit

About ThreatMetrix

ThreatMetrix is the fastest-growing provider of integrated cybercrime prevention solutions. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The Platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, as well as malware protection with TrustDefender™ Cloud and TrustDefender™ Client. The company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments, social networks, government, and healthcare.

For more information, visit or call 1-408-200-5755.

© 2012 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Client, the ThreatMetrix Cybercrime Defender Platform, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Lauren Eichmann
Walker Sands Communications
Email >

Dan Rampe
Email >
Visit website