Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint Security

07:55 AM
Larry Loeb
Larry Loeb
Larry Loeb

Mobile Fraud Is on the March, Finds New RSA Report

The RSA Quarterly Fraud Report observed several global fraud trends across attack vectors and digital channels, with attacks from rogue mobile applications up 300%.

The RSA Quarterly Fraud Reportis a new brand of report containing fraud attack and consumer fraud data and analysis from the RSA Fraud and Risk Intelligence team. They call it "a snapshot" of the cyber-fraud environment, hoping to provide actionable intelligence to consumer-facing organizations and effect a more effective digital risk management.

Starting January 1, 2019, and ending March 31, 2019, RSA observed several global fraud trends across attack vectors and digital channels.

One was that fraud attacks from rogue mobile applications increased 300%, from 10,390 rogue apps in Q4 to 41,313 in Q1.

Along with this, phishing accounted for 29% of all fraud attacks observed by RSA in Q1. While RSA says that overall phishing volume increased less than 1% quarter over quarter, in terms of overall fraud attacks, phishing decreased sharply due to what they called "the exponential growth of attacks launched by rogue mobile apps."

Forty-eight percent of all the fraud attacks observed in Q1 were phishing attacks, with Canada, the US, India and Brazil being the top countries targeted by phishing.

Canada as a prime target may seem incongruous at first look, but one must remember that Interac, the Canadian interbank network, underwent a relaunch in Q1. Cybercriminals looking to test their efforts against the new version of Interac may be accountable for the rise that was seen by RSA.

Fraud attacks that were involved in introducing financial malware to a system increased 56%, from 6,603 in Q4 to 10,331 in Q1. Let's not forget what powers Internet ecommerce, in all of this. A credit card is the tool used to grease that commerce machine. But the actual card’s presence is not needed for an ecommerce transaction. This disconnect can allow fraud.

RSA saw that Card-not-present (CNP) fraud transactions increased 17% in Q1, and 56% of those were seen by RSA to originate from the mobile channel. The average value of a CNP fraud transaction in the US was $403, nearly double that of an average genuine transaction which came in at $213.

And, of course, RSA would like it to be known that they recovered over 14.2 million unique compromised cards in Q1, which was a 33% increase from the previous quarter.

Now, it's much easier to conduct transactions through the mobile channel than on the web channel. This can be another factor in the spike that RSA has seen. The criminals that are drawn to it can transact as they go. Organizations are also starting to also add new functionality to mobile apps which may be of use to a cybercriminal. New account/new device combinations were found to be 32% of all fraudulent transactions. Fraudsters are seemingly turning to new, unused devices to enable their new profile frauds.

RSA also found the quarter has seen the rise of account checker studio programs. These open up the creation of account checkers-style automated attacks to the broader fraud community. RSA expects a growth in automated credential stuffing and account takeover attacks over the next few quarters as these studio creators gain in popularity.

— Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek.

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-10-22
BQE BillQuick Web Suite 2018 through 2021 before allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful exploitation can include ...
PUBLISHED: 2021-10-22
Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username input field.
PUBLISHED: 2021-10-22
Aplioxio PDF ShapingUp contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.
PUBLISHED: 2021-10-22
Portable Ltd Playable v9.18 was discovered to contain an arbitrary file upload vulnerability in the filename parameter of the upload module. This vulnerability allows attackers to execute arbitrary code via a crafted JPEG file.
PUBLISHED: 2021-10-22
Swift File Transfer Mobile v1.1.2 and below was discovered to contain a cross-site scripting (XSS) vulnerability via the 'path' parameter of the 'list' and 'download' exception-handling.