‘Twas the Season to Attack: Large Online Retailers Pummeled Over 2016 Holiday Season

NuData's intelligence shows that leading online retailers were attacked relentlessly by bots, botnets and other scripted attacks.

NuData Finds Bad Bots Attack Over Holidays

The growing sophistication of cybercriminals is evident in the evolution of attacks, their strategic timing, and the use of advanced tools such as malicious programs that allow a relatively few technically skilled cybercriminals to conduct cybercrimes.

NuData Security – RSA Booth N2907 | NuData's Intelligence +400% Increase in Automated Attacks over Q4 holidays

NuData Security, an award-winning behavioral biometrics company, announced today that they had observed a 400 percent surge in automated online attacks over the 2016 holiday period.

  • NuData data scientists discovered an increase in maliciously scripted botnet activity of over 400 percent against many large online retail client sites during the last quarter of 2016 compared to the previous year.

     - Malicious scripted, bot, and botnet activity accounted for 31% of all login activity for the month of December.
     - Had they been successful, these automated attacks would have been used to power identity-based account takeover (ATO) and a wide array of cybercrime activities over the holiday period, including account data theft, transaction fraud, coupon and reward abuse.

  • NuData found high levels of new account fraud in September and October of 2016, with some online merchants experiencing a record-breaking 60 percent of new accounts opened with fraudulent intent in the lead-up to the holiday season.

     - Much of the increase in new account fraud involved spoofing human input characters, such as keystrokes and mouse movements, and feeding these in through scripts to look more legitimate. For a good example of how this type of attack can occur, see this rewards fraud case.
     - The fraudulent creation of new accounts waned during the last few weeks of the fourth quarter, falling to 22 percent in late December, indicating that cybercriminals switched their focus from fraudulent new account openings to scripted account-based fraud attempts over the holidays.

  • In 2016 NuData found that attacks against the login of NuData’s clients’ sites doubled over the previous year.

     - Both the volume and sophistication of these attacks spiked, fed by the increased availability and low cost of stolen consumer credentials for sale on the Dark Web, harvested from massive data breaches in 2015 – 2016.

  • There is a demonstrated increase in the sophistication of automation, with bad actors using legitimate GUI-like automation trying to manipulate how pages are used.

     - To circumvent detection, fraudsters leverage volumetric spikes in activity over holiday shopping periods, along with the policies that retailers deploy to lower the risk threshold and ensure a good customer experience over the holidays.
     - Bad actors are using increasingly sophisticated tactics to mimic human behavior and adjust the timing of their attacks, ranging from basic bots that perform velocity-type functions to complex bots that spoof IPs and emulate devices, apps or browsers.

  • NuData found that account takeover continues to be a dire problem. What makes ATO so dangerous is that fraudsters target accounts created by real users, containing legitimate consumer payment methods such as credit cards, and use stolen credentials to access these accounts.

     - November/December 2016 ATO events on several large retailers
     - Over 7.6 million confirmed attack events -- that’s nearly 40 legitimate accounts compromised every second.

Robert Capps, VP of business development for NuData Security, explains, “Cybercriminals are using bots to run automated tasks that increase the efficiency of attacks on confidential data such as login and payment details. The growing sophistication of cybercriminals is evident in the evolution of attacks, their strategic timing, and the use of advanced tools such as malicious programs that allow a relatively few technically skilled cybercriminals to conduct global cybercrimes, effectively scaling the growth of cybercrime exponentially.”

_________________________

About NuData
NuData Security is a behavioral biometrics company. It helps companies identify users based on their online interactions. NuData’s flagship product, NuDetect, is used by some of the biggest brands in the world to prevent fraud and offer a great customer experience. NuDetect is trusted by some of the largest e-commerce and banking companies in the world to protect them from threats like automated account creation, account takeover, and transaction fraud. NuDetect continuously verifies a user’s online identity by authenticating the user based on their natural interactions online – behavior that can't be mimicked or replicated by a third party. NuData Security verifies that the behavior observed in a session is consistent with the user’s profile. By analyzing over 80 billion behaviors annually, NuData harnesses the power of behavioral and biometric analysis, enabling its clients to accurately identify the human behind the device. This allows clients to verify users before a critical decision, stop automation, reduce customer insult, and investigate bad actors efficiently. Unlike single-point solutions, NuDetect uses the power of its four integrated technologies to detect anomalous and high-risk behavior in real time and across the NuData Trust Consortium.

Contact Author

Lara Lackie

Jan Wiedrick-Kozlowski
@NuDataSecurity