Endpoint/Device Security, Security Architecture, Threat Management, Threat Management

Cybercriminals target mobile as consumers embrace digital transactions

The growth of digital transactions provide fraudsters another avenue to target, according to a LexisNexis report. Pictured: An iPhone is used to make an Apple Pay purchase at the Post Office on July 14, 2015, in London. (Photo by Peter Macdiarmid/Getty Images)

Just as financial customers have increasingly embraced mobile access, so too have cybercriminals.

With 75% of potential cyberattacks targeting mobile digital transactions, it seems clear that bad actors are going after mobile financial transactions as they see those as easier and more lucrative, according to a cybercrime report from LexisNexis Solutions. The findings were based on an analysis of transaction data from the LexisNexis Digital Identity Network in the second half of last year, which analyzed 35.5 billion transactions.

Even with pandemic restrictions easing up, the growth in digital transactions continued to boom, especially in financial services, where online transactions increased 52% over the same period last year and mobile transactions specifically shot up 45% year-over-year.

The growth in digital transactions is not only due to the lockdown, but also increased consumer confidence in digital channels and commerce, according to LexisNexis. However, while the use of these channels is a boon to legitimate customers, it also “may lead to opportunities for fraudsters,” according to the LexisNexis Risk Solutions Cybercrime Report.

“It is time to unite in the fight against cybercrime. In a truly global digital economy, borders are no longer boundaries for trade or cybercriminals,” Stephen Topliss, vice president of fraud and identity strategy for LexisNexis Risk Solutions, said in a prepared release. “It is more apparent than ever that fraud goes beyond single industries or countries.” 

That said, the report’s findings were not altogether surprising according to Christopher Schnieper, director of fraud and identity for LexisNexis Risk Solutions.

“There were no big surprises,” Schneiper of the survey. “Most of these organizations are on a digital-first journey, and having a pretty good journey... even though they have seen a continuous increase on attacks on the mobile channel.”

Indeed, according to the LexisNexis research, cyberattacks on mobile delivery channels have more than tripled.

“Mobile is the channel more consumers and organizations are shifting to,” Schnieper said, adding that bad actors are perpetrating more and different types of scams as a result.

In the second half of last year, mobile transactions represented three-quarters (75%) of overall commerce, as younger consumers began to assert their presence in digital commerce, mobile-only financial technology firms emerged and the cost of smart mobile devices dropped, according to the study.

Monica Jain, chief customer officer and co-founder of LogicHub, is not surprised by the findings either.

“Mobile apps now dominate how financial transactions are done, but the security of many mobile apps has not had the scrutiny of traditional desktop browser apps,” Jain said.

“This tends to fragment security as mobile apps often have little-or-no visibility by corporate IT security teams,” she continued. “It's no surprise that automated bot attacks continue to rise, but it is notable that manual attacks are also going up — not declining.”

Automated attacks, largely using bots, increased by 32% worldwide, according to the study. And, while automated attacks are giving bad actors the opportunity to attack financial institutions and their service providers on a larger scale than ever before, the LexisNexis study (which tracked more than 15.3 billion transactions in the second half of last year) found that there was also a 50% rise year-over-year in the number of human-initiated attacks, for the first time since 2019.

“For businesses to succeed in the digital world, they need to collaborate in the fight against fraud,” Topliss said in a prepared release. “This can be achieved by utilizing the power of a global anonymized digital identity network and through the establishment of more focused digital consortiums among industry peers.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.