In 2011, RSA’s e-commerce authentication technology was used by many of the top card issuers around the globe to protect nearly a half a billion e-commerce transactions and their statistics for 2011 (2012 will be posted when available) are;
- Over the course of 2011, 7% of all e-commerce transactions were identified as fraudulent, an increase of 2% in 2010
- During the 2011 holiday shopping season (November 1 – December 31), U.S. consumers spent over $1.4 billion online, an increase of 18% from 2010
- Identified fraudulent transactions during this same time totaled more than $82 million, an increase of 219% from 2010. Cyber Monday accounted for $2.5 million
- Top online retailers based on e-commerce transaction volume and amounts in 2011 included three major airlines
- The top five cities where e-commerce fraud originated over the holiday season include New York, Los Angeles, Chicago, Washington DC and Houston
Fraud is always lurking around every corner, but is especially prolific at this time of year with so many people shopping online. Consumers can follow some very simple tips to stay safe online:
- Tune up defenses for ALL devices. Just like you would tune up your car before driving to visit relatives during the holidays, you should ensure that any device you plan to shop with (computers, tablets, smartphones and even gaming systems) gets a tune up with the latest browsers and security patches.
- Shop with retailers that take security seriously. Before entering any personal or payment information, you should look for the closed padlock on your web browser’s address bar and ensure the web address starts with “https” – the “s” standing for secure. Also, look for protection beyond just passwords. For example, many merchants now support the Verified by Visa / MasterCard SecureCode standards which will provide you with additional security. Finally, always make sure there is a phone number or physical address for the merchant in case there is an issue with your purchase.
- Avoid advertisements, coupons or deals that seem too good to be true. Fraudsters use many scams to try to direct you to a malicious website to download a Trojan onto your computer.
- Be on the lookout for phishing emails. Fraudsters will be launching countless phishing attacks this time of year trying to secure your payment account information so be on high alert. When the emails start coming in with subject lines screaming “Account Alert” or “Reactivate your account” and making claims such as “invalid login attempts into your account online from an unknown IP address have been identified,” ensure you delete it right away.
Phishing Attacks per Month
In October, RSA identified 33,768 unique phishing attacks launched worldwide, a 5% decrease from September. While attack volume has been decreasing over the last three months, total phishing attack numbers for the second half of 2012 already represent a 9% increase over first half numbers with November and December still to go.
Number of Brands Attacked
In October, 269 brands were subject to phishing attacks, marking a 14% decrease from September. A decrease in the number of targeted brands is likely the result of an increased focus of attacks on several familiar brands.
US Bank Types Attacked
Nationwide banks in the U.S. experienced a slight decline in attacks, down 3%, while U.S. credit unions saw a 5% increase in phishing attacks in October.
Top Countries by Attack Volume
In October, the U.K continued to be the country targeted by the most volume of phishing, with a total of 34%, despite a 14% drop from September’s number. Canada and the U.S. together were targeted by 51% of phishing volume in October. South Africa made a surprising appearance in October, targeted by 4% of phishing volume throughout the month.
Top Countries by Attacked Brands
In October, U.S. brands were targeted the most by phishing,– representing 34% of targeted brands, followed by brands in the UK (12%), and Australia and Canada (both 6% respectively)
Top Hosting Countries
The U.S. continued to host the majority of phishing attacks in October – with three out of every four attacks during the month being hosted in the U.S. Other top hosting countries in October included the UK, Germany, and Canada.
You might also want to read “What will fraud look like in 2013?”
Previous RSA Online Fraud Report Summaries:
- The RSA October 2012 Online Fraud Report Summary here.
- The RSA September 2012 Online Fraud Report Summary here.
- The RSA August 2012 Online Fraud Report Summary here.
- The RSA July 2012 Online Fraud Report Summary here.
- The RSA June 2012 Online Fraud Report Summary here.
- The RSA April 2012 Online Fraud Report Summary here.
- The RSA March 2012 Online Fraud Report Summary here.
- The RSA February 2012 Online Fraud Report Summary here.
- The RSA January 2012 Online Fraud Report Summary is here.
- The RSA December 2011 Online Fraud Report Summary is here.
- The RSA November 2011 Online Fraud Report Summary is here.
- The RSA October 2011 Online Fraud Report Summary is here.
- The RSA September 2011 Online Fraud Report Summary is here.