And the quarterly fraud report from risk management vendor RSA, covering the period from 1 January to 31`March 2019, also found that globally, fraud attacks from rogue mobile applications increased by 300%.
RSA also highlights what it says is a new and growing trend in account takeover and credential stuffing as a result of mass data breaches.
“Account checkers have been around for a long time, but fraud-as-a-service offerings have continued to evolve rapidly in the last couple of years due to the high volume of password breaches,” RSA says.
“Credential stuffing tools such as Sentry MBA and SNIPR have been popular among fraudsters. However, their use is restricted by the limited availability of pre-built configurations, mostly for large websites.”
RSA says it recently identified an online studio for developing account checkers capable of attacking nearly any website.
And, in addition to facilitating the development of new checkers, RSA says the site has also created a new source of income for fraudsters as the revenue generated from each checker is split between the site owner and the developer.
“This has introduced new opportunities for fraudsters to attack organisations not traditionally targeted by account takeover,” RSA warns.
As well as the decrease in transactions in Australia, for the period starting 1 January 2019, and ending 31 March 2019, RSA says it observed several global fraud trends and digital risks including:
Phishing accounted for 29% of all fraud attacks observed by RSA in Q1. While overall phishing volume increased less than 1% quarter over quarter, in terms of overall fraud attacks, phishing decreased sharply due to the exponential growth of attacks from rogue mobile apps.
Fraud attacks from rogue mobile applications increased 300%, from 10,390 rogue apps in Q4 to 41,313 in Q1.
Fraud attacks introducing financial malware increased 56%, from 6,603 in Q4 to 10,331 in Q1