Online Fraud: What Tools, Techniques the Fraudsters Use

Online fraud can take many forms and comes from any number of sources. Security firm DataVisor is in the business of helping organizations limit fraud risks, and the company’s research unit DataVisor Threat Labs actively tracks trends in the online security space across the 1 billion users around the world. On March 15, the company released its inaugural DataVisor Online Fraud Report, providing insight into the tools, techniques and accounts used by hackers to commit online fraud. Among the high-level findings in the report is that 56 percent of attackers will launch an attack within seven days of setting up a fraudulent account. The report also found that 82 percent of fraudulent accounts are created from desktop machines, not mobile devices. In this slide show, eWEEK takes a look at some of the highlights of the DataVisor Online Fraud Report.

According to DataVisor, 54 percent of fraudulent accounts are used within one day of creation. Of note, however, is that 37 percent remain as a “sleeper” account for greater than 90 days before any fraud is attempted with the account.

When creating fraudulent accounts, criminals prefer using desktop operating systems. According to DataVisor, 82 percent of fraudulent accounts are created from desktop machines.

For fraudsters who do use mobile platforms, Android is the clear winner over iOS. DataVisor reported that 74 percent of all mobile fraudsters use Android as their mobile operating system.

While a fraudulent account can be created from any type of email account, more than half (53 percent) of fraudulent accounts are registered with email addresses from popular email services including Google Gmail, Microsoft Outlook and Yahoo Mail.

Google’s Chrome has become the most widely used browser in the world in recent years, and as it turns out, it’s also the most used browser among fraudulent users.

While fraudulent accounts can be hosted anywhere in the world, nearly a third (32.1 percent) are hosted in the United States. China comes in a distant second at 9.6 percent, followed by Vietnam at 6.5 percent.

According to DataVisor’s analysis, malicious accounts are seven times more likely to use cloud hosting providers than normal users. Amazon Web Services (AWS) is reported by DataVisor to have the highest number of fraudulent accounts.