Data gathered by RSA’s Fraud and Risk Intelligence (FRI) unit – a team of experts who infiltrate cybercriminal groups to unearth fraud campaigns and track their proliferation – shows that the total number of global fraud attacks the team detected in the first half of 2019 was 63% higher than the number detected in the second half of 2018, rising from 86,344 to 140,344.
According to the research, fraud attacks originating from fake mobile applications rose by 191% in the first half of 2019, to more than 57,000, as cybercriminals continue to abuse legitimate brands as a channel to commit fraud.
E-commerce payment fraud attempts originating from a ‘trusted’ account – such as one known to the RSA fraud system for 90+ days – but a ‘new’ device increased from 20% to 80% of total e-commerce fraud, as perpetrators double-down on account takeovers as a means to evade fraud detection.
There was an 80% rise in financial malware attacks in the first half of 2019 and fraudsters have been spotted using adapted versions of the old Ramnit Banking Trojan to circumvent defences; for instance, the fraud team found it’s now being distributed via executable files that are downloaded and opened by unknowing users.
Commenting on the findings, Daniel Cohen, Director of the Fraud and Risk Intelligence Unit at RSA Security says: “The digital transformation of finance is well underway and yet, this transformation is a double-edged sword; while digital has created opportunities for organisations to improve customer experience, it also introduces new digital risks that need to be managed. Take for example the number of digital touchpoints that consumers can engage with to access financial services: these have increased dramatically through initiatives such as open banking and this widens the attack surface that fraudsters can take advantage of.”
Cohen continues: “The fact that fraud via fake mobile applications tripled in the first half of 2019 is testament to how perpetrators will constantly seek out weak points. Here, they are exploiting consumers’ growing trust in mobile apps as a means to interact with brands and make purchases. To keep pace with constantly evolving tactics, banks need to take a layered approach to proactively manage the risk of fraud across all channels. This will help them embrace the opportunities that come with digital transformation whilst maintaining confidence in their ability to detect and respond to fraud, protecting both themselves and their customers.”
He concludes: “It’s also essential that, as consumers, we all stay vigilant of new digital risks and there are several simple steps we can follow. Firstly, avoid clicking on links in text messages or emails from unfamiliar senders as this lowers the chance of having your bank details stolen, or malware being installed on your device. It’s also important to keep track of bank transactions; often, fraudsters will start with smaller purchases to test the water, so monitoring bank accounts closely is vital to catch fraudsters early. Finally, in light of the rise in fake mobile apps, download new applications with caution, make sure to verify the publisher and pay close attention to what data permissions each app requests.”
One such fraud is that uncovered by Upstream featuring the Snaptube app. Snaptube, a popular Android smartphone video app which claims some 40 million users, has been caught making millions of suspicious transactions without the knowledge of its users.
The Snaptube app features the same piece of developer software code, Mango SDK, that was at the center of the Vidmate expose earlier this year – when another popular video app from a Chinese developer was found to be conducting mass scale advertising and premium services’ subscription fraud. Snaptube also displays a common traffic pattern and similar URLs and domains as those reported with Vidmate.