The accelerated shift to digital payments has made online fraud more prevalent than ever, as losses from it are expected to exceed $206 billion over the next five years, driven by identity fraud, fake accounts, and payment fraud. Catalyzed by the pandemic, the shift gained substantial traction in 2021 as the popularity of digital payments skyrocketed, growing by 104% compared to 2020. Add to that the fact that the average person has over 100 online accounts and many stored payment methods within them, and this has created the perfect playground for bad actors. Organizations must ensure that they are able to detect and stop fraudulent activity on their applications.
With an abundance of online accounts and transactions to attack, the techniques that bad actors devise to commit fraudulent acts online are constantly evolving to maximize profits. From sneaky client-side attacks that steal sensitive data to bots that leverage it for fraudulent acts, online fraud has evolved significantly, rendering traditional security tools ineffective. As financial incentives grow and attack costs decrease, the risk for your business increases.
The 2022 Imperva Bad Bot Report: Evasive Bots Drive Online Fraud is now available for download. Get the report today.
Bad bots are a major source of online fraud, standing in the way of legitimate customers and creating disruptions across organizations, from marketing to eCommerce and fraud teams. The kinds of automated attacks bad bots perform are only growing in frequency, intensity, and complexity. Here are five methods cyber attackers use to leverage bad bots to commit automated fraud online:
Account Takeover (ATO)
ATO is a form of identity theft through which bad actors attempt to gain illegal access to user accounts belonging to someone else through brute force techniques, mainly Credential Stuffing.
65% of people reuse their passwords, which means as soon as one account is taken over, their other accounts using the same password are also at risk. Both individual users and businesses see negative impacts from successful ATO, from financial fraud to supply-chain issues.
New Account Fraud
Bad actors use bad bots to create new accounts automatically in massive amounts, generating an army of fake user accounts to commit online fraud, from comment spam to money laundering.
Credit Card Fraud
The most common types of credit card fraud are card cracking and carding, both of which leverage bad bots. Credit card fraud can negatively impact one’s credit score and damages the fraud score of affected businesses.
Card cracking uses bots to spread its guesses of a cardholder’s CVV number, expiration date, and postal code across multiple websites. Carding fraud occurs when criminals run thousands of small purchases to verify stolen card numbers, then resell verified card info to organized crime rings at a much higher price.
Gift Card Fraud
Also known as Gift Card Cracking and Gift Card Enumeration, gift card fraud is becoming more prevalent as bad bots find gift cards with unused balances and sell the gift card numbers on the dark web for an easy profit.
Fraudulent activity is on the rise in the form of spamming. Bad bots flood the internet with spam comments and can spread fake news and drive users to dubious websites.
See all this information in a handy single page PDF, suitable for distribution. Download it now.
Try Imperva for Free
Protect your business for 30 days on Imperva.