arrow left facebook twitter linkedin medium menu play circle

Introducing the DataVisor Online Fraud Report

By Ting Fang Yen March 15, 2017

Photo of Ting Fang Yen

about Ting Fang Yen
Director of Research // Ting-Fang specializes in network and information security data analysis and fraud detection in the financial social and eCommerce industries. She holds a PhD in Electrical and Computer Engineering from Carnegie Mellon and has previously worked for E8, RSA, and Microsoft.

DataVisor Online Fraud Report

As DataVisor Co-Founder and CEO Yinglian Xie says in her foreword to the Inaugural DataVisor Online Fraud Report, “Data is power.” We have no shortage of data here at DataVisor and we have taken the opportunity to unlock it and analyze the results.

Through our Global Telemetry Network of more than one billion users across 172+ countries in the world, we were able to identify the favorite tools and attack techniques fraudsters from around the globe are using to create accounts and evade detection.

As with all research, you don’t always know what the results will reveal. When we first set out to develop the report, we set up a series of questions for which we wanted answers:

  • What device platform is used most to conduct attacks?
  • Which operating system are used most frequently by fraudulent accounts?
  • What are the most popular browsers for fraudsters?
  • Where are the most fraudulent accounts located geographically?
  • What percentage of bad actors use cloud hosting providers to launch attacks?
  • Which email domains are used the most to register fake accounts?
  • What is the average size of a fake account army?
  • How long do fraudsters age accounts before they attack?

Some of the most interesting results came when we looked at aging accounts. We knew fraudsters would lie in wait, or sleep, on platforms for extended periods of time but the results were still surprising in terms of just how committed, and patient, these bad guys are when it comes to aging accounts. According to our data, 44 percent of fraudulent accounts sleep at least seven days before an attack. Thirty-seven percent of malicious accounts have still yet to attack even after three months.

22-2

For malicious users to be sitting within your online community or user base, pretending to be regular users, for that long is scary. It underscores the importance of not only early detection, but looking at your users beyond their registration. To catch these sophisticated attackers before they strike, you have to look at the whole picture, even if they appear harmless.

Also, cloud-usage is definitely growing among malicious users. We observed that 18 percent of accounts hosted on cloud services are fraudulent. Malicious accounts are seven times more likely to use cloud services than normal users. Using the cloud enables fraudsters to both significantly increase the number of attack campaigns they can conduct, as well as evade detection by hiding behind legitimate network sources.

17

The fraud ecosystem is constantly evolving, and it’s clear that fraudsters are becoming increasingly more sophisticated in their attack techniques, as well as their adoption of new technology. They are blending in with normal users and circumventing traditional fraud detection methods. They are harder to detect, but we hope the DataVisor Online Fraud Report will help illuminate some of their latest tricks.

To learn the answers to the rest of the questions mentioned above, please download the DataVisor Online Fraud Report here.


Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q3 2019

Learn More

Drawing on 80B events, 758M users, and 368M IPs, DataVisor’s Fraud Index Report tackles content abuse—how it happens,…

Drawing on 80B events, 758M users, and 368M IPs, DataVisor’s Fraud Index Report tackles content abuse—how it happens, why it’s scaling, and how to stop it.

Improve Fraud Protection and Customer Experience with AI

Learn More

Strides in artificial intelligence (AI) promise to strengthen fraud protection while also significantly improving the customer experience.

Strides in artificial intelligence (AI) promise to strengthen fraud protection while also significantly improving the customer experience—two vital sources of competitive differentiation in today’s competitive landscape. As lending activity moves online, AI leverages advanced analytics to stop new…

Keeping Platforms Safe: AI and Machine Learning for Fraud Prevention

Learn More

Every company is different, and every attack is different. When it comes to defeating fraud, success is determined…

Every company is different, and every attack is different. When it comes to defeating fraud, success is determined organization by organization. From mass registrations and fake listings, to ATO and spam, to promo abuse and bot attacks, DataVisor’s AI-powered fraud management solutions deliver the…


Protect your business, your customers, and your data.

Request Demo