Sift, a payment fraud solutions company has released its Q3 Digital Trust and Safety Index report, finding that account takeover (ATO) is the weapon of choice for fraudsters attacking eCommerce merchants, with ATO rates for physical eCommerce businesses jumping 378% since the start of the Covid-19 pandemic.
According to a recent study by Comparitech, total identity fraud losses reached $16.9 billion in 2019, with Sift finding that ATO rates increased by 282% between the second quarter of 2019 and Q2 2020. This jump represents the percentage of total fraudulent logins across the sift global network that were prevented.
The Index includes findings gleaned from Sift’s global network of 34,000 sites and apps and from a survey of 1000 U.S. adult consumers.
The key findings were:
- Fueled by automation: Between Q2 2019 and Q2 2020, ATO attacks happened in discrete waves about a week apart, indicating that those committing fraud are turning to bots and automation in order to overwhelm trust & safety teams.
- Fraudsters sneak in and cash out: Of those who have experienced ATO, 41% of respondents reported that payment details were stolen and used to make purchases, and 37% of victims had money taken directly from their accounts. Another 37% had rewards points or credits taken and used to buy goods and services.
- Ecommerce is in the crosshairs: Of consumers who confirmed being victims of ATO attacks 61% said their eCommerce (both physical and digital goods and services) accounts were hacked.
Due to the global pandemic, it’s inevitable more spending will be taking place online this fesitve season, with Deloitte expecting holiday e-commerce sales to surge by 25% to 35%, amounting to between $182 billion and $196 billion. This combined with the surge in ATO rates means that the 2020 holiday shopping season will be the perfect situation for fraudsters taking advantage of online shoppers and sites.
