Arkose Labs, a fraud prevention solution, released its Q4 Fraud and Abuse Report. In post to its corporate blog, Arkose said it used data from more than 1 billion transactions to draw conclusions about the current state of fraud. Findings include increases in fraud in the following sectors:
- Finance sector — a 15% increase from Q3
- Technology platforms — fraudulent account registrations were 9x higher than legitimate ones
- Gaming — 30% increase from Q3
- Social Media: 15% increase in human-driven attacks on logins
- Retail/Travel — a 30% increase in account takeover attacks
The prevalence of human-powered attacks is one of the major fraud trends discussed in the report. This is both interesting and surprising, since the current industry focus is on the increasing sophistication of automated attacks and the use of artificial intelligence.
Arkose Labs Attack Incentive Index Launched
Specifically, the report focuses on the impact of fraud “sweatshops” where a large volume of low paid workers are paid to manually perform attacks at scale.
“[The report] closely investigates the mechanics of inauthentic attacks as they range from automated bots to human or sweatshop-driven attacks. Our analysis reveals that half the attacks from Russia and China are human-driven,” the post said. “This underscores the trend that while automated attacks still constitute the bulk of all attacks, the rate of human-driven attacks is growing—whether lone fraudsters, click farms or sweatshops. This is largely because the success rate of automated attacks is declining, and improved access to cheap human sweatshop resources.”
In addition to analyzing fraud patterns, the report announces the creation of the “Arkose Labs Attack Incentive Index” (AII). This new corporate indicator discusses country-specific reasons for cyber crime. The goal is for merchants to use the index as a resource to better evaluate their own fraud prevention strategies and tools.
“When the incentive levels are higher, fraudsters have stronger economic drivers pushing them into fraud. They also have a greater propensity to invest more resources in an attack while still preserving the return on investment (ROI),” the post said. “The AII can, therefore, provide valuable insights into the effort fraudsters are willing to expend on attacks and can help businesses craft strategy around authentication and targeted friction.”