One-in-50 online transactions was fraudulent in 2019
Two percent of transactions in online banking and online retail were carried out by fraudsters, and 16 percent of transactions were suspicious and required further investigation according to new analysis by Kaspersky.
Based on anonymized statistics of events detected by Kaspersky's anti-fraud solution from January to December 2019, the most common case of fraud (63 percent) was attempts to access personal accounts using malware or legitimate remote control software.
Tools, such as AnyDesk, TeamViewer, AirDroid and AhMyth, are intended for remote working and troubleshooting. Cybercriminals use them to impersonate someone from a banking service’s support team and ask the intended victim to install one of the applications. That way, they obtain access to victims' devices, allowing them to reveal the user’s pin, one-time password, withdraw money or even submit loan applications.
In online retail 44 percent of all cases involved the creation of fake accounts. By signing up for multiple registrations in retail loyalty programs, criminals receive welcome bonus points which they go on to sell at a discount. Creating a large number of accounts manually is a time consuming endeavor though, so fraudsters often use bots or tools programmed to perform the required actions automatically.
"It can be difficult to detect fraudsters as they often use legitimate tools and are good at mimicking genuine user behavior," says Claire Hatcher, head of business development for Kaspersky Fraud Prevention. "For example, remote access tools are not always malicious, so they will not be detected by an anti-virus solution. There is also nothing wrong with registering a new account in a loyalty program, however, it is suspicious when a large number of users come from a single IP address or have similar mouse tracings. That is why we continually examine how fraudulent schemes are evolving in order to optimize our solution."
The full report is available from the Kaspersky site.