Arkose Labs revealed new data showing the impact of the rapidly evolving nature of online fraud. In the first half of 2020, the Arkose Labs network detected and stopped 1.1 billion attacks. This represents double the attack volume compared to the second half of 2019 and a 25 percent attack rate increase across all transactions. 

“The digital commerce landscape has fundamentally changed in 2020 due to the COVID-19 pandemic. With digital transactions surging, businesses are operating under intense pressure and incentive levels for fraudsters are sky high,” said Vanita Pandey, VP of Strategy at Arkose Labs. “Fraudsters have been quick to identify how consumers’ digital behavior is evolving, and are adapting their attack targets and tactics accordingly.” 

2020 Emerging Attack Patterns revealed:

  • 21 percent of all attacks were on mobile transactions in the first half of 2020, the Arkose Labs Q3 2020 Fraud and Abuse Report revealed. The mobile attack mix varies significantly by industry, for example 15 percent of retail attacks were mobile, whereas 58 percent of attacks on technology platforms were through the mobile channel; 37 percent of all transactions originated from mobile devices, meaning that mobile attack rates are lagging behind transaction levels. Desktop is still the favored option for cybercrime, with 79 percent of all attacks targeting desktop transactions. 
  • The human versus bot attack mix fluctuates from quarter to quarter, as fraudsters alternate between tactics that prove the most efficient and effective. Q1 saw a barrage of bot attacks, representing 74 percent of all attacks. This happened as fraudsters acted quickly to ramp up attacks when global lockdowns were introduced, forcing more consumers online. In Q2, however, 41 percent of fraud was human-driven, which is the largest proportion of human fraud over the last four quarters. 
  • In the immediate aftermath of COVID-19 lockdowns, high attack levels were seen across all customer touchpoints. This shifted in Q2, with account logins emerging as the most attacked touchpoint in Q2 - 28 percent of login attempts represented an attack.
  • With cross-border attacks operating across time zones and automated scripts running throughout the night, fraudsters' attacks don’t always align with the peak hours of legitimate consumers. Arkose Labs found that 5 AM (PT) is the most dangerous time of the day, with attack rates 10 percent higher than the average throughout the day. 

Fraudsters are quick to shift their focus and methods to align with ever-changing consumer behaviors. Top targets for online fraud in Q2 of 2020 include: 

  • Online Gaming: This sector remains a prime target, with 65 attacks reported every second. Q2 saw a shift to human-driven attacks (41 percent) and the most attacked touchpoint was logins, which saw a 22 percent uptick in the volume of attacks compared to the previous quarter. In-game abuse attacks such as real money trading are also on the rise, with 58 million in-game abuse attacks detected in the first half of 2020 -- a 60 percent increase compared to 2H 2019. 
  • Finance and Fintech: Attack levels on financial institutions in the Arkose Labs network rose notably in Q2, after an initial dip in April. These attacks were primarily human-driven and focused on application fraud.  
  • Retail and Travel: Businesses that have recently incorporated e-commerce in response to COVID-19 are particularly vulnerable to fraud. In Q2, one in five attacks were human-driven, and these largely targeted e-commerce sites, due to low traffic volumes in the travel sector.  
  • Technology: As a result of continued remote work, education and socializing, the technology industry witnessed an uptick in targeted attacks. There was a major swing towards human-driven attacks in Q2 (57 percent) and mobile attacks also increased, with 27 percent of attacks targeting mobile traffic.


Top Attack Originators and Global Rates findings include:

  • In Q2 of 2020, fraud hubs moved away from developing economies toward established markets. This demonstrates the fraud ecosystem’s ability to recruit new actors, particularly during times of economic uncertainty, says the study. Top attack originators include the United States, Russia, the Netherlands, Germany, Israel and Canada.  
  • In terms of regional attack rates, Europe was responsible for the most fraud in Q2, with 47 percent of all attacks originating from there. This represents a 62 percent rise in attack volumes for Europe. 32 percent of global attacks originated from North America, a region that saw a 37 percent increase in attack volume. 32 percent of gaming attacks and 46 percent of media attacks came from North America.

“COVID-19 has drastically accelerated the global digital economy, which presents a double-edged sword for businesses,” said Gosschalk. “On the one hand, it brings more customers into digital channels. On the other hand, it provides more opportunities for fraudsters to attack and blend in with normal online traffic. To remain competitive in the months and years ahead, businesses must be equipped to handle the onslaught of fraud that comes with increased digital adoption.”

The Q3 Arkose Labs Fraud and Abuse Report is based on actual user sessions and attack patterns that were analyzed by the Arkose Labs Fraud and Abuse Prevention Platform from April to June 2020. These sessions, spanning account registrations, logins and payments from financial services, ecommerce, travel, social media, gaming and entertainment were analyzed in real-time to provide insights into the evolving fraud and risk landscape. Unsophisticated bot attacks don’t result in a user session and thus have not been included in this report. The report focuses on attacks from fraud outlets that combine state-of-the-art technology with stolen identity credentials and human efforts.

To access the full Q3 2020 Fraud and Abuse Report, please click here.