A cybercrime study found that the global rate of human-initiated digital attacks increased by 19%

The growing scale of cybercriminal activity – particularly in e-commerce and across North America – is reflected in a new report from LexisNexis Risk Solutions.

The company’s annual cybercrime report, “Confidence Among Chaos,” analyzes data from 92 billion transactions processed through the LexisNexis digital identity network throughout 2023. It revealed a 19 percent year-over-year increase in the rate of global human-initiated digital attacks.

The LexisNexis Identity Fraud Index, which tracks the rate of attacks per day, shows that attack rates increased sharply in both the beginning and end of 2023. A significant factor was that the attack rate in North America rose to equal and then surpassed the attack rate in Latin America throughout the year.

E-commerce transactions rose slightly by 7% in 2023 as rising interest rates and global inflation cooled consumer spending. But where consumers held back, fraudsters became more active– noted in the report.

The number of human-initiated attacks increased by 80% year over year, resulting in an attack rate of 2.8% (up 59% year over year). A key element of the increase in attacks was fraudsters’ focus on taking over e-commerce accounts, with the login attack rate reaching 3.3% (up 119% year-on-year).

Below are the key findings from the LexisNexis report.

•Account takeover by a third party ranks first. Third-party account takeover fraud was the top fraud type reported by customers in 2023, accounting for 29% of reported fraud classifications, consistent with a significant increase in attack rates observed during account login in 2023 (up 18% year-over-year ).

• Human-initiated attacks are increasing rapidly. While the number of bot-initiated attacks remained steady at 2% year-over-year, reaching 3.6 billion, the number of human-initiated attacks increased by 40% to 1.3 billion.

•Remote fraud centers encourage fraud. Device data, including high-altitude biometric behavioral telemetry, reveals that parts of Southeast Asia are home to specialized remote fraud centers. According to Digital Identity Network, cybercriminals prefer border areas in Cambodia, Myanmar and remote parts of Thailand.

•New challenges Face bot attacks, The rate of automated bot attacks remained steady in 2023, in part due to the threat advanced bot detection capabilities pose to this attack vector. These capabilities include detecting bot traffic imitating legitimate customer locations via IP proxies, as well as identifying abnormal event timing and unusual behavior on a website or app.

Companies are increasingly using proxy piercing technology to break the anonymity of cybercriminals trying to hide their behavior using virtual private networks (VPNs).

“Cybercriminals continue to increase the scale and complexity of their illegal activities, and specialized fraud centers are becoming a regular place to launch digital attacks on consumers around the world.” said Stephen Topliss, vice president of fraud and identity at LexisNexis Risk Solutions. “While these fraud centers will continue to pose the threat of human-initiated attacks, organizations cannot afford to become complacent due to the increasing sophistication of bots, which can exhibit more human-like behavior to bypass traditional preventive solutions. By focusing on identifying advanced bots in real time, companies can reduce the ability to create fake accounts or test stolen credentials for future account takeover attacks.”

.