Anyone that utilizes social media can tell you that every site has a percentage of fake accounts. Typically these accounts are run by bots that post, respond, or follow based on certain parameters. However, a recent report by Arkose Labs has found that much more of these accounts exist than many think. In fact, Arkose Labs found that more than half of logins, 53 percent total, on social media sites are fraudulent. In fact, 25 percent of all new account applications on social media are fraud.
According to the Arkose Labs press release:
The Arkose Labs Q3 Fraud and Abuse Report analyzed over 1.2 billion transactions spanning account registrations, logins and payments from financial services, e-commerce, travel, social media, gaming and entertainment industries, in real time, to provide insights on the evolving threat landscape. The report found that one in 10 transactions are attacks, ranging from automated bots to malicious humans.
For the most part these attacks seek monetary gain. By 2021, it is estimated that cybercrime will cost the global economy more than $6 trillion in damages. According to the report, of the 1.2 billion transactions analyzed, automated attacks have the highest volume. These range from large-scale account validation attacks to bots blocking seats on an airline to scripted attacks scraping user data and inventory. For social media, 75 percent of attacks are automated bot attacks.
“Fraudsters are motivated by financial gain and they will continue to deploy malicious techniques as long as there is money to be made. Sometimes fraudsters have to rely on humans to carry out attacks. These attacks cost more, but the value they can extract from the attack makes the investment worthwhile,” says Vanita Pandey, VP Strategy at Arkose Labs. “Developing economies are quickly becoming fraud hubs because they have easy access to sophisticated tools, cheap manual labor and good economic incentives associated with online fraud.”
Technology companies should look out in particular when it comes to human fraud attacks. 43 percent of all attacks on tech companies are human driven. Specifically, these attackers are targeting account registration over login. Tech companies with a “freemium” model are particularly vulnerable as attackers will test stolen credentials or create fake accounts to access the service.
For more information on the findings you can download the full report.