Fraudsters Joyride as Digital Business Skyrockets - Read More in our 2021 Report

Digital business is experiencing some serious liftoff as brands interact with customers through an increasing number of digital touchpoints. Customers interact with a company through multiple digital channels, and this extensive contact helps businesses be nimbler and more responsive to their customers’ needs. But it also magnifies the risks, making fraud detection and security more complex. The findings in our recently completed 2021 State of Phishing & Online Fraud Report reinforces these trends.

The COVID-19 pandemic compelled many businesses to fast-track their digital transformation projects in 2020. Employees needed to work remotely, and consumers increased their online activity and spending almost overnight as many countries enacted restrictions to limit the spread of the virus. A global survey of more than 4,300 leaders across multiple sectors found that 80% have successfully accelerated their digital transformation initiatives, according to Dell Technologies 2020 Digital Transformation Index. Reinventing the delivery of digital experiences for customers and employees was among the top five priorities.

The focus on the digital touchpoints is not surprising. More consumers are interacting with brands digitally, and this trend accelerated during the pandemic as people shifted their activities online. In just a few months after COVID-19 restrictions came into effect, eCommerce in the United States saw 10 years’ worth of growth, according to an analysis by Accenture. Consumers also increased their use of multiple shopping channels—45% shopped more on their mobile phones while 23% shopped more via smart digital assistants, according to a global survey of nearly 4,500 consumers by PwC.

While these digital trends were sparked by the pandemic, they’re here to stay. Brands will need to maintain their omnichannel focus. For example, an Accenture global survey of more than 8,800 consumers found that:

• 84% planned to maintain their increased usage of in-app ordering
• 80% planned to sustain their increased shopping via social media channels
• 77% said they would continue shopping more on company websites

Source: “How is COVID-19 changing the retail consumer?” Accenture, August 2020

This digital business explosion comes at a time when security threats and fraud are escalating. We found that the number of phishing and fraudulent sites going up daily increased by nearly 73% from 2019 to 2020, to a total of nearly 7 million. We also saw growth of 185% from the first to the fourth quarter of 2020 in the number of newly created malicious sites. And as our data reveals, the scale of the threat continues to grow—while the environment is becoming increasingly more complicated.

Digital Business = New Threat Vectors and Opportunities for Fraud and Risk

Digital business has amplified risks and created new ones that many companies did not have to consider in the past. Traditionally, fighting fraud was defined primarily as screening payments and securing digital commerce transactions. This is no longer enough in today’s landscape, and businesses need to focus on the wider customer interactions for every digital touchpoint, or, as Gartner calls it, the business-to-customer (B2C) perimeter.

Gartner defines the B2C perimeter as comprising eight touchpoints (Checkout, Login, Fake Domains, Search Engines, App Stores, 3rd Party Sites, Social Media, User-Posted Content), each susceptible to a range of threats. The perimeter is continuously expanding, and the proliferation of touchpoints will lead to even higher risks. Understanding the nature of this evolving threat landscape, and the connections therein, is critical.

Many digital businesses typically take a siloed approach to address these touchpoints. Risk mitigation therefore becomes fragmented among various business functions, each team having a limited view of attack vectors and threats. Why is fragmentation of such concern? Because opportunistic threat actors exploit the cracks and the silos. To perpetrate their schemes, they adapt their tactics to leverage more B2C touchpoints.

In the typical organization, different teams and functions have their own objectives. Brand protection is often a legal issue. But ultimately an attack that impersonates a brand can lead to fraud as well as cybersecurity incidents if, for example, the perpetrators take over the email accounts of a high-level executive to initiate a fraudulent financial transaction or steal credentials.

To close the security and risk gaps, businesses need to:

• Adopt proactive strategies that enable them to anticipate challenges.
• Fight scale with scale, employing artificial intelligence and machine learning for rapid fraud detection.
• Adopt a customer-centric approach that accounts for and catalogs the various customer digital touchpoints and threats.

Looking Ahead: What to Expect in 2021 and Beyond

The data in our report demonstrates that the scale of fraud and risk is growing faster than today’s patchy, reactive approaches can keep up. While no one can predict where the next fraud campaign will come from, it’s clear that threat actors are ready to pounce whenever an opportunity arises. In 2020, the key drivers for phishing and fraud were COVID-19, remote work, and technology. While some of these trends are still evident into 2021, new ones are emerging, and fast. The scope and scale will undoubtedly not get any smaller, and protecting brands—and customers—will not get any easier without more predictable and scalable strategies.

Our 2021 State of Phishing & Online Fraud Report provides insights into the volume of phishing and scam attacks with examples of real phishing and fraud campaign sites being used to steal credentials.

Among the examples of scam sites identified are:

• Online sales of a COVID-19 vaccine with free shipping
• Counterfeit Ray Ban sunglasses being offered for 90% off retail
• Applications to become a mystery shopper for Walmart and Kroger grocery stores

Key findings from the comprehensive 2021 report include:

• 6.95 million new phishing and scam pages created
• Key themes used for scams: COVID, gift cards, gaming hacks
• Highest number of new phishing and scam sites in one month: 206,310
• Top thee industries targeted: technology, retail, finance
• Top three countries where scams were hosted: USA, Russia, British Virgin Isles
• Top email service used for phishing kits: Gmail

Download your copy of the report today!

Additional sources:

Digital Transformation Index 2020, Vanson Bourn Research, Dell Technologies, September 2020
“How is COVID-19 changing the retail consumer?” Accenture, August 2020
“The consumer transformed,” PwC, 2020
“How is COVID-19 changing the retail consumer?” Accenture, August 2020

Jeff Baher

Jeff Baher