Fraudulent transactions originating from a mobile app during the first quarter increased by 200 percent since 2015, a new report found.
In addition, abuse of social media platforms is a growing problem, with social media replacing the dark web as the top hacker marketplace, said researchers in the RSA Quarterly Fraud Report.
As it turns out, the proportion of fraudulent transactions carried out on a mobile app has jumped from 5 percent in 2015 to 39 percent in the first quarter of 2018 – the volume of fraudulent transactions has risen by 680 percent overall and by 63 percent since Q1 2017, according to the report.
On the good news side, the use of traditional web browsers for fraudulent transactions is on the decline, dropping from 62 percent to 35 percent since 2015.
Eighty-two percent of observed fraudulent e-commerce transactions originated from a new device in Q1 2018, as hackers try to avoid detection.
The survey found bad guys used a new account and new device in 32 percent of all the fraudulent transactions seen during the quarter, suggesting many are attempting to use stolen identities to create “money mule” accounts as part of their cashing out process.
In addition, despite being one of the oldest online fraud tactics, phishing accounted for 48 per cent of all fraud attacks observed in Q1 2018.
“There has been a sharp rise in the volume of legitimate transactions carried out over mobile apps, so it’s only natural that hackers have followed suit in targeting mobile channels for fraud,” said Daniel Cohen, director at the RSA Fraud and Risk Intelligence Unit. “Unfortunately, many mobile apps fail to build security from the ground up. This means cybercriminals and fraudsters are able to slip through the cracks, hijacking mobile applications and siphoning off credentials and funds. As mobile-related fraud continues to grow, consumers and businesses alike need to be aware of the risks.”
The increasing availability of social media on mobile devices has created a thriving cyber-criminal ecosystem, with more than 4 out of 5 hackers using new devices to carry out fraudulent transactions and avoid being caught.
“Social media provides the perfect control station for cyber criminals, who can easily create profiles using fake details to operate on the platforms before collaborating with other fraudsters in closed groups, or peddling stolen wares in online marketplaces,” Cohen said. “Social media’s scalability, anonymity and reach is providing cyber criminals with the perfect disguise; they can jump between accounts and devices at will, rarely using the same device twice.”
RSA provided recommendations to help from becoming a cyber fraud victim:
• People must practice caution when downloading new apps, making sure to verify the publisher and pay close attention to what permissions each app requests
• Avoid clicking on links in text messages or emails from unfamiliar senders
• Smaller purchases will often be made first to test the waters, so monitoring bank accounts for suspicious purchasing activity is vital to catch fraudsters early in the act
“We all need to take a share of the responsibility for reducing and preventing fraud – from the consumer, through to the banks and social media platforms,” Cohen said. “After all, fraud is not going away any time soon and can be very costly, to individuals and businesses alike. We need to get better at spotting it, by being more aware of it.”