2017 "a record setting year" for cyber crime, claims ThreatMetrix

Hackers are becoming craftier and focusing on identity theft

2017 turned out to be "a record-setting year" for cyber crime, according to new research from digital identity firm ThreatMetrix.

In its latest Cybercrime Report, the company claimed that there had been a doubling in the number of cyber attacks over the past two years. But companies are responding with "innovative, digital-first strategies" to protect consumers.

The company claims that fraudsters are turning their attention away from credit cards and are now leveraging identity data to launch attacks that "produce long-term profits".

There was "a highly elevated attack rate on account creations", according to the company. And more than one in nine of accounts created last year were fraudulent.

Bot-net activity levels grew in 2017 too, accounting for 90 per cent of traffic sent to retail sites, ThreatMetrix claims. It also claims that there were "extreme spikes" in cyber attack levels throughout the year. For instance, it suggests that there was a growth in "irregular behaviour" after the Equifax data breach.

Overall, the organisation warned, hackers are getting craftier. The company explained that they're "layering their efforts to make them harder for the individual to detect".

Social engineering attacks are the best example, said the company. While far from new, they remain highly effective with phishing attacks, in particular, persuading consumers that their accounts have been compromised so that they change their passwords.

Account takeover attacks surged by 170 per cent in 2017, with one taking place every 10 seconds. Meanwhile, 83 million fraudulent bank accounts were opened between 2015 and 2017, and questionable payments grew by 100 per cent over this period.

Vanita Pandey, vice president of product marketing and strategy at ThreatMetrix, said that any organisation can fall victim to a serious security breach.

"As attacks intensify, so does the need for investment in advanced technologies to protect consumers, including individuals with breached identity and financial credentials," said Pandey.

"Analysing transactions based on true digital identity is the most effective way to instantly differentiate between legitimate users and cybercriminals."

She added: "With the volume and complexity of attacks increasing daily, businesses need to accurately differentiate customers from criminals in real time, without impacting transaction speeds or introducing unnecessary friction.

"By looking beyond static data—and drilling down to the dynamic intricacies of how people transact online—companies can continue to grow their digital businesses with confidence."