March 12, 2020

RSA: Financial fraud occurred every two minutes in the end of 2019

By Ellen Daniel

Financial fraud attacks were uncovered every two minutes in 2019 as phishing and malware continues to rise.

This is according to the RSA’s Quarterly Fraud Report, an analysis of the cyber-fraud environment and consumer fraud data in order to “support decision-makers on how to build or refine their digital risk management strategy across customer-facing deployments”.

Between October 1 2019 and December 31 2019 the RSA observed 225,095 financial fraud attacks around the world, amounting to 30 per hour, a 7% increase year-on-year.

The most common types of financial fraud attacks

Phishing, the most common attack vector accounted for 60% of attacks, with this type of attack increasing 54% year-on-year. The country from which most phishing attacks originated was the US, AND Canada was the top targeted country. The United Kingdom and the Netherlands re-entered the top ten for phishing hosting countries in the quarter.

The RSA also observed a rise in fraud and brand abuse attacks, in which an organisation’s brand is misused in order to commit fraud, on social media, which increased 62% year-on-year from 2018.

Financial malware attacks increased 41% in the quarter with account takeover activity continuing to be a preferred attack vector. The RSA also highlighted the risk of credential stuffing in financial malware attacks

This comes after new protection for scam victims was introduced in the UK last year, with eight banks committing to refunding customers affected by fraud.

The number of rogue mobile apps uncovered across popular app stores increased 175%, with three out of five fraudulent transactions originating from mobile browsers in the last quarter of 2019, with the average fraudulent mobile payment worth £371. This suggests that the most common attack vector is shifting from web to mobile.

The RSA also uncovered over 6 million compromised cards, an increase of 19% from the previous quarter, with 83% of compromised cards for sale can be attributed to the United States, India, Spain, Brazil and the United Kingdom.

Read more: Buguroo raises $11m to expand deep learning fraud detection tech.

Verdict deals analysis methodology

This analysis considers only announced and completed deals from the GlobalData financial deals database and excludes all terminated and rumoured deals. Country and industry are defined according to the headquarters and dominant industry of the target firm. The term ‘acquisition’ refers to both completed deals and those in the bidding stage.

GlobalData tracks real-time data concerning all merger and acquisition, private equity/venture capital and asset transaction activity around the world from thousands of company websites and other reliable sources.

More in-depth reports and analysis on all reported deals are available for subscribers to GlobalData’s deals database.

Topics in this article: