arrow left facebook twitter linkedin medium menu play circle

Introducing the DataVisor Online Fraud Report

By Ting Fang Yen March 15, 2017

Photo of Ting Fang Yen

about Ting Fang Yen
Director of Research // Ting-Fang specializes in network and information security data analysis and fraud detection in the financial social and eCommerce industries. She holds a PhD in Electrical and Computer Engineering from Carnegie Mellon and has previously worked for E8, RSA, and Microsoft.

DataVisor Online Fraud Report

As DataVisor Co-Founder and CEO Yinglian Xie says in her foreword to the Inaugural DataVisor Online Fraud Report, “Data is power.” We have no shortage of data here at DataVisor and we have taken the opportunity to unlock it and analyze the results.

Through our Global Telemetry Network of more than one billion users across 172+ countries in the world, we were able to identify the favorite tools and attack techniques fraudsters from around the globe are using to create accounts and evade detection.

As with all research, you don’t always know what the results will reveal. When we first set out to develop the report, we set up a series of questions for which we wanted answers:

  • What device platform is used most to conduct attacks?
  • Which operating system are used most frequently by fraudulent accounts?
  • What are the most popular browsers for fraudsters?
  • Where are the most fraudulent accounts located geographically?
  • What percentage of bad actors use cloud hosting providers to launch attacks?
  • Which email domains are used the most to register fake accounts?
  • What is the average size of a fake account army?
  • How long do fraudsters age accounts before they attack?

Some of the most interesting results came when we looked at aging accounts. We knew fraudsters would lie in wait, or sleep, on platforms for extended periods of time but the results were still surprising in terms of just how committed, and patient, these bad guys are when it comes to aging accounts. According to our data, 44 percent of fraudulent accounts sleep at least seven days before an attack. Thirty-seven percent of malicious accounts have still yet to attack even after three months.


For malicious users to be sitting within your online community or user base, pretending to be regular users, for that long is scary. It underscores the importance of not only early detection, but looking at your users beyond their registration. To catch these sophisticated attackers before they strike, you have to look at the whole picture, even if they appear harmless.

Also, cloud-usage is definitely growing among malicious users. We observed that 18 percent of accounts hosted on cloud services are fraudulent. Malicious accounts are seven times more likely to use cloud services than normal users. Using the cloud enables fraudsters to both significantly increase the number of attack campaigns they can conduct, as well as evade detection by hiding behind legitimate network sources.


The fraud ecosystem is constantly evolving, and it’s clear that fraudsters are becoming increasingly more sophisticated in their attack techniques, as well as their adoption of new technology. They are blending in with normal users and circumventing traditional fraud detection methods. They are harder to detect, but we hope the DataVisor Online Fraud Report will help illuminate some of their latest tricks.

To learn the answers to the rest of the questions mentioned above, please download the DataVisor Online Fraud Report here.

Popular Posts

Intelligent solutions. Informed decisions. Unrivaled results.

DataVisor Fraud Index Report: Q2 2019

Learn More

The DataVisor Q2 2019 Fraud Index Report is here.

Customers online want convenience, ease, and access. Fortunately, your business offers it all. Unfortunately, that’s what fraudsters want too. To a cyber criminal, those features mean vulnerabilities. To bring you the very latest and most actionable insights about where the risks are and what you…

Dumb & Dumber vs Ocean’s 11

Learn More

Understand the range of modern fraud attacks to ensure complete coverage for your organization.

Complex and coordinated fraud attacks that are extensively planned, hard to detect, and highly scalable are the new normal for online platforms. Explore and understand the full spectrum of fraud attacks—from simple to sophisticated—and learn how you can defend against each type in this…

Diagnose and Defeat Application Fraud with the Latest AI-Powered Tools

Learn More

Learn how leading financial institutions are using ML to proactively detect card application fraud.

In this insightful webinar, you’ll explore how organizations are leveraging AI-powered fraud management solutions to get tangible, real-world benefits as they work to proactively detect and defeat sophisticated modern fraud attacks. Plus, you’ll discover strategies for empowering cross-team…

Protect your business, your customers, and your data.

Request Demo