Subscribe to:

Subscribe to :: ::

IBM And Maersk Joing Forces For Blockchain Venture

January 26, 2018 by  
Filed under Around The Net

IBM and Danish transport and logistics company Maersk are teaming up to create an as-yet-unnamed Blockchain-based shipping and supply chain company.

The move will commercialize Blockchain for all aspects of the global supply chain system, from shipping to ports, and banks to customs offices. Blockchain technology a provide control for the logistics industry since it can replace tedious and insecure paperwork with secure digital records that are also transparent.

Maersk’s chief commercial officer Vincent Clerc, who will serve as chairman of the newly formed board for the joint venture, said: “The potential from offering a neutral, open digital platform for safe and easy ways of exchanging information is huge, and all players across the supply chain stand to benefit.”

The company had promised to make delivery of the new project by the end of last year. The offering is the fulfilment of a year’s worth of planning by both companies, each of whom have invested in Blockchain in various other ways. The joint venture is hoping to start offering their software solutions by Q3 2018.

The global shipping industry has seen little innovation since the container was invented in the 1950s, and cross-border trade still leaves an enormous trail of paperwork and bureaucracy.

The success of the platform, which will be made available to the ocean shipping industry around mid-2018, depends on whether Maersk and IBM can convince shippers, freight forwarders, ocean carriers, ports and customs authorities to sign up.

It will help manage and track tens of millions of shipping containers globally by digitizing the supply chain process from end to end, the companies said.

A shipment of refrigerated goods from East Africa to Europe can go through nearly 30 people and organizations and involve more than 200 different communications, according to Maersk. Documentation and bureaucracy can be as much as a fifth of the total cost of moving a container.

Customs and port authorities in the United States, Singapore, the Netherlands and China’s Guangdong province have shown interest in using the platform, and some other shipping companies are also interested, he said.

The move could also improve distribution security. A cyber-attack last year caused some of the biggest-ever disruptions to global shipping, displaying the vulnerability of outdated communication systems. Maersk’s container and port operations were hit for weeks, as it struggled to bring its IT systems including some 1500 applications back online.


Is The Andromeda Botnet Network On The Ropes

December 12, 2017 by  
Filed under Computing

A Botnet -busting joint task force has taken down the two million device-strong malware-spreading Andromeda network.

Cybersecurity agents from a combination of the Europol’s European Cybercrime Centre, the FBI, EuroJust and the Joint Cybercrime Action Task force, alongside help from a clutch of companies like Microsoft, moved to scupper what is thought to be the biggest botnet ever.

Using a technique called ‘sinkholing’, whereby domains carrying malware distributed by Andromeda were redirected to servers used to investigate the botnet, some 1,500 command and control domains were destabilised and traffic from two million infected devices worldwide were prevented from making contact with the control domains.

All this effort cut off the cyber criminals’ access to the infected devices that formed the botnet and resulted in knocking Andromeda offline.

The taskforce discovered Andromeda had a massive reach having spread across 223 countries including the UK, Belgium, Italy, Singapore and Australia.

The investigation led to the arrest of a person in Belarus and the effective end of the Andromeda botnet.

Andromeda is thought to have spawned out of the now out-of-operation Avalanche trojan speading malware network, and was used to distribute 80 different kinds of malware at a global scale.

Steven Wilson, the head of Europol’s European Cybercrime Centre, noted the Andromeda takedown is a good example of how law enforcement organisations and the private sector can work together to combat the ever growing presence of cyber threats.

“This is another example of international law enforcement working together with industry partners to tackle the most significant cyber criminals and the dedicated infrastructure they use to distribute malware on a global scale. The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us,” he said.

That’s all very well but if Brexit does indeed go ahead, such partnerships between the UK and European law enforcement could be stymied, despite Britain being keen to share intelligence after it leaves the EU.


Emonet Trojan Back On The Scene

September 1, 2017 by  
Filed under Around The Net

A banking trojan dubbed Emotet, first uncovered in 2014, has returned and is targeting Brits with phishing emails.

The new variant of the Emotet Trojan appears to be targeting the UK, with more than three-quarters of attacks reported in Blighty, according to security software company Zscaler.

The Trojan is spread via phishing emails and, if activated, steals banking credentials and email addresses. It is commonly distributed through documents sent via email, with what Zscaler describes as highly obfuscated macros that serve payloads to download and install the Trojan onto a victim’s machine.

Furthermore, warns Zscaler, there have also been reports that the Trojan can spread via network exploits, presumably using the US National Security Agency exploits ‘showcased’ in the recent WannaCry and NotPetya malware outbreaks.

However, these reports have yet to be confirmed and Zscaler admits that such features in the malware haven’t yet been identified.

Emotet first emerged in 2014 when it wreaked havoc in the US and Europe, according to Zscaler, but has re-emerged this year, with the first reports coming in April 2017.

“Emotet is a multi-component malware which specialises in a multitude of nefarious activities, including stealing credentials from browsers and mail clients, banking theft via Man-in-the-Browser attack, email harvesting and propagation through spam emails from infected systems,” warns Zscaler in its report.

It’s typically propagated via phishing emails either containing malicious attachments, or links to a URL hosting a JavaScript or document file that downloads and installs the Emotet payload.

The code is encrypted to obfuscate the attack from security software “[It] is decrypted in the memory using a custom algorithm involving ‘Base-64 decode’ and ‘XOR’. A new process is created in suspended mode and the decrypted Emotet binary is written in the address space of this process”.

A new process and system service is created in Windows and, once the service is started, a Windows API is invoked to periodically trigger core malicious code that is responsible for communication with the command and control (C&C) servers, send collected information, and await commands from the server.


Identity Theft In The U.K. Reaches Epidemic Levels

August 24, 2017 by  
Filed under Around The Net

Identity theft has reached “epidemic levels” in the UK, as criminals perfect their methods to steal information to get loans or buy stuff online.

Fraud prevention service Cifas today revealed 89,000 identity frauds have been recorded in 2017 so far — a record rise of 5 percent over last year. The number of cases of fraudsters trying to target Brits’ bank accounts or plastic cards has fallen, but scammers are now better at finding your details online and using that information to spend your money without your knowledge.

“Be careful who you give your information to,” warned Detective Superintendent Glenn Maleary, Head of the City of London Police’s Economic Crime Directorate, in a statement. “Always consider whether it is necessary to part with those details. We urge everyone both at home and at work to ensure that they have the right security settings on all of their devices. Be conscious of identity fraudsters and use our protection advice to help stop them in their tracks.”

In the US, the recent 2017 Identity Fraud Study by analysts Javelin Strategy & Research also recorded a record high increase in identity fraud. Fraudsters managed to dupe two million more victims to steal a total of $16 billion.

Linux Debuts Hyberledger 1.0 Blockchain Software

July 14, 2017 by  
Filed under Around The Net

The Linux Foundation’s Hyperledger project officially rolled out the Fabric 1.0, a collaboration tool for building blockchain distributed ledger business networks  such as smart contract technology.

The Hyperledger project, a collaborative cross-industry effort created to advance blockchain technology, said the Hyperledger Fabric framework can be a foundation for developing blockchain applications, products or customized business solutions

Under development for the past 16 months, Hyberledger Fabric 1.0 is ready to be used to create an immutable, secure electronic ledger in industries such as financial services for completing transactions, including clearance and settlement, and healthcare, as a way to validate where electronic patient records exist and who has  access to them.

“Fabric 1.0 will help substantially in both those use cases,” said Hyperledger’s executive director, Brian Behlendorf.

Blockchains can be encrypted or unencrypted, depending on the level of security required, but in both cases the records are auditable because the data in the database cannot be changed and is tied to each authorized participant in the chain. A blockchain, for example, could be used during the clearance and settlement process between Wall Street traders and the banks that support the transactions to verify in real time when each party has received data and agreed to the exchange of funds.

Fabric 1.0 offers a modular architecture allowing components, such as consensus and membership services, to be plug-and-play. It leverages container technology to host smart contracts called “chaincode” that comprise the application logic of the system.

Fabric has been through several release cycles or pilots with 28 of Hyperledger’s member organizations. The include The Depository Trust & Clearing Corp. (DTCC), Fujitsu, GE, Hitachi, Huawei Technologies, State Street Bank, SecureKey, IBM, SAP, and Wanda Group.

There were also contributions from 35 unaffiliated individuals. In total, 159 developers contributed to Hyperledger Fabric, Behlendorf said.

“We had to push this out and encourage companies to start using them in proof-of-concepts and pilots, and some even were happy with the data code at that time and pushed them into production,” Behlendorf said.

“After over a year of public collaboration, testing, and validation… Fabric 1.0 is a true milestone for our community,” Behlendorf said. “Fabric can now advance to production deployment and operations. I look forward to seeing even more products and services being powered by Hyperledger Fabric in the next year and beyond.”

Credit Suisse Says It Has Banking Robots

May 3, 2017 by  
Filed under Around The Net

Credit Suisse AG has rolled out an army of 20 robots within the bank, some of which are helping employees answer basic compliance questions, the Swiss bank’s global markets chief executive, Brian Chin, said on Monday.

Chin, speaking at the Milken Institute Global Conference in Beverly Hills, California, said the technology may help reduce the number of calls coming into the bank’s compliance call center by as much as 50 percent.

The technology works like Inc’s Alexa voice system. While Chin called them robots, it was not clear if they had a physical presence or how exactly employees interacted with them.

“You ask it questions and it spits out the appropriate regulation, rather than going to a manual or a website,” Chin said. “It’s been really good for simple questions.”

Chin said although technology has allowed Credit Suisse to cut back and middle office staff, headcount has remained flat because the bank has hired a large number of programmers.

Bitcoin Value Hits Another High Mark

May 3, 2017 by  
Filed under Around The Net

Bitcoin surged to yet another all-time high above $1,400, after more than tripling in value over the past year, with its most recent rise attributed to strong demand in Japan, where the digital currency has been deemed a legal means of payment.

Cryptocompare, a data website that analyses bitcoin trading across dozens of exchanges globally, said around 50 percent of trading volume over the past 24 hours had been on the bitcoin/Japanese yen exchange rate.

“The Japanese have recently warmed their approach towards bitcoin by treating it legally as a form of payment – a ratification and bringing into the regulatory fold,” said Charles Hayter, the website’s founder.

“China’s clampdown on exchanges can also be seen as a positive move for the industry too,” he added.

Chinese authorities have increased scrutiny of exchanges this year and have forced them to start charging trading fees, after becoming concerned about bitcoin speculation and its potential use in money laundering.

Bitcoin surged as much as 3 percent on Tuesday on the Europe-based Bitstamp exchange, where trading is dollar-denominated, to hit $1,437, its highest since its 2008 launch. That marked a more than 200 percent increase from its price in early May last year.

Its current levels put the total value of all bitcoins in circulation – the so-called “market cap” – close to $25 billion, putting its worth on a par with a large-cap company.

Bitcoin analysts said the price had also been boosted by a request by the BATS exchange that the U.S. Securities and Exchange Commission review its March decision not to approve a bitcoin-tracking ETF set up by the Winklevoss brothers.

Fidelity Investments Jumps Into Blockchain Alliance

April 11, 2017 by  
Filed under Around The Net

Fidelity Investments Inc has become the first financial institution to join the Initiative for CryptoCurrencies & Contracts, a group of academic institutions and technology firms exploring the development of blockchain-based technology.

Fidelity Labs, the innovation arm of asset manager Fidelity, will be a member of IC3 along with Cornell University, University of California at Berkeley, University of Illinois at Urbana–Champaign, the Technion, IBM Corp and Intel Corp, the company said in a statement.

The Boston-based fund manager will collaborate with the group to develop blockchain programs to help make financial systems more efficient and secure.

Blockchain, which first emerged as the system underpinning cryptocurrency bitcoin, is a distributed record of transactions that is maintained by a network of computers, rather than a centralized authority.

Over the past two years, financial institutions have been ramping up their investments in the technology in the hopes that it can help the make some of its processes simpler and cheaper. Potential use cases range from systems to manage international payments, to programs to settle securities trades.

In a bid to accelerate development and adoption of blockchain, companies have been joining forces in several industry consortia and groups.

Banks have been more vocal about their efforts than asset managers, with most large lenders having joined a group led by New York-based startup R3. Most recently a group of 30 companies, including several banks, launched a new blockchain consortium called the Enterprise Ethereum Alliance.

“What IC3 brings is that academic computer science legacy that can help us explore how this technology can be applied,” said Hadley Stern, senior vice president at Fidelity Labs, explaining why the asset manager had chosen the group.

Use cases the asset manager is interested include the settlement of repurchase agreements transactions, Stern said.

Despite the excitement around blockchain, the technology is still in its early days and proponents warn that it may take years before financial institutions can fully reap its benefits.

IC3, which is based at the Jacobs Technion-Cornell Institute at Cornell Tech in New York City, conducts research aimed at developing blockchain that meets the standards needed to be deployed by businesses.

“Expected outcomes of our work include new blockchain and smart contract technologies that are secure, incrementally deployable, and efficient to meet the industry’s needs,” said Emin Gün Sirer, co-director of IC3 and a professor at Cornell University in Ithaca, New York

Will Online Security Get Better?

April 11, 2017 by  
Filed under Around The Net

Big Blue has issued a warning about the poor state of online security and claimed that things are getting worse.

In its IBM Security 2017 IBM X-Force Threat Intelligence Index, Big Blue said that the number of hacked records grew 566 percent in 2016 from 600 million to more than four billion.

In one case, a source leaked more than 1.5 billion records which was probably the Yahoo breach, only that was a few years ago.

In the first three months of 2016, the FBI estimated cybercriminals were paid a reported $209 million via ransomware. This would put criminals on pace to make a billion dollars from their use of the malware just last year.

In 2016, many significant breaches related to unstructured data such as email archives, business documents, intellectual property and source code were also compromised.

IBM said that the most popular malware in 2016 was Android malware, banking Trojans, ransomware offerings and DDoS-as-a-service vendors.

IBM said that while the healthcare industry continued to be beleaguered by a high number of incidents, attackers hit on smaller targets resulting in a lower number of leaked records.

In 2016, only 12 million records were compromised in healthcare – keeping it out of the top five most breached industries..

In 2016 more than four billion records were leaked, more than the combined total from the two previous years, redefining the meaning of the term “mega breach”.  In one case, a single source leaked more than 1.5 billion records, IBM wrote.

Caleb Barlow, Vice President of Threat Intelligence, IBM Security said: “While the volume of records compromised, last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in innovative ways.”


Data Breaches Appear To Be On The Rise

April 7, 2017 by  
Filed under Around The Net

Analyst at Gemalto have released the findings of the Breach Level Index revealing that 1,792 data breaches led to almost 1.4 billion data records being compromised worldwide during 2016, an increase of 86 per cent compared to 2015.

Identity theft was the leading type of data breach in 2016, accounting for 59 per cent of all data breaches. In addition, 52 per cent of the data breaches in 2016 did not disclose the number of compromised records at the time they were reported.

The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether the data was encrypted. By assigning a severity score to each breach, the Breach Level Index gives a comparative list of breaches, distinguishing data breaches that are a not serious versus those that are.

According to the Breach Level Index, more than seven billion data records have been exposed since 2013 when the index began benchmarking publicly disclosed data breaches. Breaking it down that is over 3 million records compromised every day or 44 records a second.

Last year, the account access based attack on AdultFriend Finder exposing 400 million records scored a 10 in terms of severity on the Breach Level Index. Other notable breaches in 2016 included Fling . Philippines’ Commission on Elections, 17 Media and Dailymotion.

The top 10 breaches in terms of severity accounted for over half of all compromised records. In 2016, Yahoo! reported two major data breaches involving 1.5 billion user accounts, but are not accounted for in the BLI’s 2016 numbers since they occurred in 2013 and 2014.

Gemalto’s Vice President and Chief Technology Officer for Data Protection Jason Hart said: “The Breach Level Index highlights four major cybercriminal trends over the past year. Hackers are casting a wider net and are using easily-attainable account and identity information as a starting point for high value targets. Fraudsters are also shifting from attacks targeted at financial organizations to infiltrating large data bases such as entertainment and social media sites. Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid.”

In 2016, identity theft was the leading type of data breach, accounting for 59 per cent of all data breaches, up by 5 per cent from 2015. The second most prevalent type of breach in 2016 is account access based breaches.

The incidence of this type of data breach decreased by three per cent, it made up 54 per cent of all breached records, which is an increase of 336per cent from last year.

This highlights the cybercriminal trend from financial information attacks to bigger databases with large volumes of personally identifiable information. Another notable data point is the nuisance category with an increase of 101 per cent accounting for 18 per cent of all breached records up 1474 per cent since 2015.

Malicious outsiders were the leading source of data breaches, accounting for 68 per cent of breaches, up from 13 per cent in 2015. The number of records breached in malicious outsider attacks increased by 286 per cent from 2015. Hacktivist data breaches also increased in 2016 by 31per cent, but only account for three per cent of all breaches that occurred last year.

The technology sector had the largest increase in data breaches in 2016. Breaches rose 55per cent, but only accounted for 11 per cent of all breaches last year. Nearly 80 per cent of the breaches in this sector were account access and identity theft related. They also represented 28per cent of compromised records in 2016, an increase of 278 per cent from 2015.

The healthcare industry accounted for 28 per cent of data breaches, rising 11 per cent compared to 2015. However, the number of compromised data records in healthcare decreased by 75 per cent since 2015.

Education saw a five per cent decrease in data breaches between 2015 and 2016 and a drop of 78per cent in compromised data records. Government accounted for 15 per cent of all data breaches in 2016. However, the number of compromised data records increased 27 per cent from 2015. Financial services companies accounted for 12 per cent of all data breaches, a 23per cent decline compared to last year.

All industries listed in the ‘Other’ category represented 13per cent of data breaches and 36 per cent of compromised data records. In this category, the overall number of data breaches decreased by 29 per cent, while the number of compromised records jumped by 300per cent since 2015. Social media and entertainment industry related data breaches made up the majority.

Last year 4.2 per cent of the total number of breach incidents involved data that had been encrypted in part or in full, compared to four per cent in 2015. In some of these instances, the password was encrypted, but other information was left unencrypted. However of the almost 1.4 billion records compromised, lost or stolen in 2016, only six per cent were encrypted partially or in full (compared to two per cent in 2015).


IBM Launches Blockchain Service For Developers

March 21, 2017 by  
Filed under Computing

International Business Machines Corp has unveiled a service that will allow businesses to build applications on its cloud using blockchain code from the Hyperledger Project, the cross-industry group led by the Linux Foundation.

The U.S. technology company said on Monday its new product called IBM Blockchain was the first service for developers to build enterprise-grade technology using Hyperledger Fabric, the first code set to be released by the open source group.

The Fabric blockchain can process more than 1,000 transactions per second and has the necessary features to be used by large enterprises to build their applications, IBM said.

It added it was working with technology company SecureKey Technologies and a group of Canadian banks to build a digital identity network using its new blockchain services.

The network, set for launch later this year, is aimed at making it easier for consumers to prove their identities when accessing services such as new bank accounts, driver’s licenses or utilities. Banks involved include Bank of Montreal, Royal Bank of Canada, Bank of Nova Scotia, Canadian Imperial Bank of Commerce and Toronto-Dominion Bank.

Blockchain, which emerged as the system running cryptocurrency bitcoin, is a digital shared record of transactions that is maintained by a network of computers on the internet, without the need of a centralized authority.

Big businesses, including many of the world’s largest banks, have been increasing their investment in the technology in hopes it can help them reduce the complexity and costs of some of their most burdensome processes, such as the settlement of securities or international payments.

Technology companies and professional services firms have also been ramping up their investment in blockchain, as they race to capture the nascent market.

IBM has been one of the most aggressive large technology companies on blockchain and has several large clients developing applications with the technology, including Northern Trust Corp, Wal-Mart Stores Inc and the Depository Trust & Clearing Corporation.

IBM said it had also tested a blockchain-based asset management platform for carbon assets with Chinese company Energy-Blockchain Labs. The companies aim to release the platform, built using the new IBM Blockchain, later this year.

Was Visa Hacked?

March 16, 2017 by  
Filed under Around The Net

Thank you very much for the Aintree Iron.

Card holders with Visa credit cards have been hacked today, although the extent of the hack is not yet known.

How does Fudzilla know?  Well yours truly is the holder of a Barclaycard Visa card, and earlier on this afternoon received an automated call from Barclaycard, just verifiying that I could be compromised by a fraudulent attempt to use my card.

I persisted with the automatic call until I finally got through to a real person, who confirmed the reason my card had been stopped was because of a hack of the Visa database.

At press time, a Visa representative wasn’t there to provide further details of how and when the attack took place. How do I know this isn’t a scam itself? That’s easy – I bought a paltry item from Amazon for £1.89 and soon got an email telling me my card had been stopped.

It would have been a bit inconvenient if I only had one credit card and was working in overseas, wouldn’t it?


Bitcoin Continues Gaining Value, Hits New High

March 6, 2017 by  
Filed under Around The Net

Digital currency bitcoin hit a record high this past Friday as optimism about the approval of the first U.S. bitcoin exchange-traded fund by the Securities and Exchange Commission grows.

“There’s one catalyst at the moment and that is the expectation that the Winklevoss Trust will be approved on the 11th of March. That’s the only game in town,” said Daniel Masters, portfolio manager of Jersey-based Global Advisors Bitcoin Investment Program.

Investors Cameron and Tyler Winklevoss have a pending application with the SEC for a bitcoin ETF, which was filed nearly four years ago. On March 11, the twins are expected to receive a final decision from the U.S. Securities and Exchange Commission on whether they can list their ETF.

If approved by the SEC, this would be the first bitcoin ETF issued by a U.S. entity.

On Friday, bitcoin climbed to a record $1,298 on the BitStamp platform. Bitcoin last traded at $1,263.01, up nearly 5 percent on the day. So far this year, bitcoin has surged more than 30 percent.

Bitcoin is a virtual currency that can be used to move money around the world quickly and anonymously without the need for a central authority.

Darin Stanchfield, founder and chief executive officer of bitcoin wallet KeepKey, said the approval of the Winklevoss ETF would be a big boost to the market. “It should add a fair amount of liquidity to the bitcoin market,” added.

To date, there are two other bitcoin ETF applications with the SEC. Grayscale’s Bitcoin Investment Trust, backed by early bitcoin advocate Barry Silbert and his Digital Currency Group, filed its application with the SEC in March last year.

SolidX Partners Inc, a U.S. technology company that provides blockchain services, also filed its ETF application in July of last year.

Bitcoin relies on so-called “mining” computers that validate blocks of transactions by competing to solve mathematical puzzles every 10 minutes. In return, the first to solve the puzzle and clear the transaction is rewarded with new bitcoins.

Analysts said the groundwork for bitcoin gains was laid in July last year in a process called “halving,” where rewards offered to bitcoin miners shrink. That has constrained the supply of the digital currency.

Dan Morehead, chief executive officer at hedge fund Pantera Capital, said in his recent letter to investors that the bitcoin price moves in line with the currency’s use in transactions and both have risen sharply.

He sees the bitcoin price possibly rising to $2,288 by the end of the year.

After Chip Cards Introduced Online Fraud Increased

February 6, 2017 by  
Filed under Around The Net

One unintended consequence from the use of chip cards for in-store purchases has been an increase in online credit-card fraud.

Hackers have taken the path of least resistance, moving from in-store fraud to e-commerce fraud, according to security experts.

Deterred by the security capabilities of chip cards for in-store payments, thieves have resorted to stealing credit-card numbers and passwords or opening new accounts with false credentials to use in making online payments for purchases, according to recent studies. Botnets also comprise some of the biggest increases in online card fraud.

Chip cards were instituted on Oct. 1, 2015, and since then, e-commerce fraud on U.S. merchants has jumped 42% as of the fourth quarter of 2016, according to a study by research firm

“We predicted this [online fraud increase] would happen following [chip] cards in the banking industry years ago,” said Mike Lynch, chief strategy officer at InAuth, a vendor of mobile and browser security products. (InAuth was recently purchased by American Express, but will remain a subsidiary.) Other countries, including Canada and Australia, also saw big jumps in online card fraud after chip cards were adopted, he said.

Lynch said the online fraud increase is probably higher for financial institutions than for merchants, but merchants are more open about the problem and discuss it more freely. “Banks don’t typically want to disclose fraud,” he said.

The amount of dollars put at risk by online fraud went up 55% from the second quarter of 2015 to the second quarter of 2016, according to the study. That was a jump from $4.90 to $7.60 per $100 of online sales. For luxury goods alone, the dollars at risk were $12.10 per $100 in sales in late 2016.

Botnets were behind many of these attacks. The rate of attacks by botnets increased by 47% for the same period for all goods and by 87% for luxury goods alone, said.

Javelin Strategy & Research this week reported that identity fraud of all types, the bulk of which comes from card activity, hit a record high in 2016. There were 15.4 million U.S. victims in 2016, up 16% from 2015. Losses from fraud in 2016 hit $16 billion.

“The increase in [chip] cards and terminals was a catalyst for driving fraudsters to shift to fraudulently opening new accounts,” Javelin said in a statement. Fraud using existing cards also increased by 40% in 2016.

Online Fraud Over Holidays Spiked By 31%

January 20, 2017 by  
Filed under Around The Net

Fraud attempts on digital retail sales increased 31% from Thanksgiving to Dec. 31 over the previous year, according to a survey of purchasing data from ACI Worldwide.

The fraud increase was based on hundreds of millions of online transactions with major merchants globally. Also, the number of e-commerce transactions grew by 16% for the same period, ACI said.

Some of the fraud attempts came from the use of credit card numbers purchased in underground chat channels, ACI said.

“Given the consistent and alarming uptick in fraudulent activity on key dates, merchants must be proactive in their efforts to identify weak spots and define short and long-term strategies for improved security and enhanced customer experience,” said Markus Rinderer, senior vice president of platform solutions at ACI.

 ACI provides electronic payments technology for more than 5,000 organizations globally. One of its products, ReD Shield, was used to collect the data in the survey. ReD Shield, a fraud detection and prevention software product, was used to process 7% of all Black Friday online spending and 13% of Cyber Monday’s spending.

The data showed that the highest fraud attempt rates were on Christmas Eve and on days when shipments were cut off. The key shopping dates by volume (number of transactions) were Cyber Monday, which showed 15% growth, and Black Friday, which showed 19% growth.

The average sales ticket declined by 7% during the 2016 holiday period. The average was $228 in 2016, down from $243 in 2015.

In 2016, one of every 97 transactions was a fraudulent attempt, compared with 1 out of 109 transactions in 2015.

ACI defines a fraud attempt as a transaction confirmed by a merchant as fraudulent; a transaction that matched a record in an ACI database for a credit card number that was sold online in an underground chat channel; or as reported as fraud by a bank or other issuer. ACI also includes as fraud attempts those data patterns that match a recently confirmed fraud behavior.


Next Page »