While digital transformation has been underway for years, and consumer behavior has adapted to the increasing dominance of the online world, nobody could have predicted the seismic jump forward the COVID-19 pandemic would catalyze, forcing entire sectors online. This was common knowledge to those in the retail sector and to cybercriminals looking to monetize this trend. The PerimeterX Automated Fraud Benchmark Report analyzed billions of online transactions, revealing dramatic shifts in online behavior during 2020, including a new normal of higher volume, frequency and sophistication of account takeover (ATO), carding, scraping, and checkout attacks. Here are five key takeaways retailers should be aware of as they respond to this new, digitally transformed world:
1. Cybercriminals Ramped Up Their Activity
Chaos is a cybercriminal's best friend. PerimeterX found a dramatic increase in malicious activity, including ATO attacks, e-gift card fraud, checkout attacks, which spiked 664 percent at the beginning of the pandemic, and web scraping attacks. Traffic from scraping increased 56.7 percent in the spring of 2020. The cybercriminal economy was thriving as the overall economy was faltering. This was hugely evident when we observed triple-digit spikes in malicious checkout activity in April 2020, which we believe was a result of cybercriminals working to arbitrage harder-to-find goods in order to drive revenue at increased margins. In short, cybercrime doesn't exist in a vacuum.
2. New Sectors and Verticals Were Exposed to Cybercrime
A diverse mix of online merchants faced attacks throughout the pandemic as criminals expanded both into new verticals such as cleaning supplies and exercise equipment, and attacked smaller businesses more frequently than before. This change reflects something that security practitioners have known for some time: you’re never too small or niche to be a target.
3. ATO Attacks Became King
The sectors which did experience more automated fraud in 2020, such as home goods, e-learning and exercise equipment, were targets of increasingly sophisticated ATO attacks. Increased ATO attacks were made possible by the ongoing cadence of data breaches, making an ever-larger set of credentials available for purchase on the dark web. Our research showed that cybercriminals began testing login credentials and passwords in September, preparing early for attacks during the classic Cyber 5 holiday period — the five-day period between Thanksgiving and Cyber Monday.
4. Fraud Specialization is a Major Concern
Specialization is the next stage in the monetization of fraudulent activity targeting retailers. This may involve selling lists, renting botnets, or offering attack technology as a service. This has led to greater efficiency and a lower bar for attackers, who can literally rent attack tools to run a campaign. The growing concern here is that as-a-service offerings will facilitate further explosions of fraudulent activity, in the same way that the expansion of ransomware-as-a-service did for ransomware infections.
5. The Seasonality of Cybercrime for Retailers is Disappearing
Once upon a time, the security teams of e-commerce retailers knew they would be busiest around Cyber 5. However, Cyber 5-caliber attacks began to appear earlier in the year and occurred at every holiday, with Valentine’s Day, Memorial Day, Mother’s Day, Father’s Day, and Fourth of July seeing increases in gift-carding attacks of between four and eight times. This indicates that the previously understood seasonality of cybercriminal activity is disappearing. This means that the measures previously only deployed for Cyber 5 and the holiday season need to be deployed year-round in order to keep the digital storefront of your business safe.
With this new normal and environment of higher volume, frequency and sophistication of attack activity, e-commerce retailers must adopt strategies to secure their web applications. Only then will they continue to grow their sales and profits, use their infrastructure efficiently, and protect their customers and their brand reputation.