Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityPhysicalSecurity NewswirePhysical SecurityCybersecurity News

Massive spike in fraud across all industries - 4.3 billion attacks detected since Black Friday

identity theft, fraud prevention, cybersecurity, data theft
February 10, 2021

Arkose Labs, provider of online fraud and abuse prevention technology, released new data on the latest fraud trends that reveal a massive spike in fraud across all industries from Black Friday onwards. As consumers continue to flock online in droves greater than ever before, credential stuffing, account takeover (ATO) attacks and gift card fraud are poised to be top attack vectors in 2021.

“2021 remains full of unknowns, however what’s certain is the frequency and severity of fraud will never return to pre-pandemic levels,” said Vanita Pandey, VP of Marketing and Strategy at Arkose Labs. “With digital channels serving as an invaluable lifeline for much of the world, the Arkose Labs network saw 4 times as many transactions compared to the year prior. This increased activity has created an ideal breeding ground for attacks as fraudsters work to blend in with trusted users, rendering typical models of good versus bad user behavior obsolete.” 

 

The Black Friday Effect and Gift Card Fraud

As in previous years, the Arkose Labs network recorded a sustained increase in fraud in the ecommerce industry from Black Friday through the end of the year. This year, however, this sustained increase in fraud occurred across all industries -- even those not typically associated with Black Friday, such as social media, online dating and financial services. This could be attributed to fraudsters leveraging social media or cloud-based communications platforms to spread disinformation about deals. It’s likely also a result of attackers targeting payment platforms or financial accounts, and blending in with traffic due to increased consumer usage.

Also during the holiday season this year, electronic gift card fraud ran rampant. Fungible and difficult to track, gift cards provide fraudsters with quick money and generally easy getaways. In Q4 of 2020, fraudsters used botnets to brute force attacks on gift card websites by testing thousands of card number and PIN combinations per minute. Bots and sweatshops were also used to continually check the card balances and redeem them.  

 

Credential Stuffing and New Attack Types

The influx of new digital accounts created in Q4 of 2020 led to a drastic increase in credential stuffing attacks, which power account takeover attacks. Account takeovers fuel fraud, as once an account is compromised, an attacker can use that information to carry out numerous types of downstream fraud. Credential stuffing attacks more than doubled in Q4 compared to Q3, and increased by nearly 90% compared to Q1.  

Hybrid attacks also increased in Q4 of 2020, with bots being used to launch large-scale, low-reward attacks requiring brute force and humans supplementing attacks in which more nuance is required. 

 

Geographical Fraud Trends

In Q4 of 2020, North America experienced a marked increase in fraud attacks, specifically from the United States, where tens of millions of people experienced unemployment and financial distress due to COVID-19 lockdowns. Bots drove the region’s 24.2% attack rate, with just 3.5% of attacks originating from humans. Gaming was the top attacked industry, however social media and retail transactions also served as popular targets. 

Asia returned to the forefront of attacks, accounting for 50% of all attacks, with top attacking countries from this region including Vietnam, India, Indonesia, Thailand and the Philippines. 

Europe also had another busy quarter for attacks, as many major countries returned to lockdowns, spurring on incentives to carry out fraud. 52% of all EU-based attacks originated from Russia, however non-typical fraud nations like the Netherlands, Germany, Ukraine and Turkey also joined in. In terms of human-driven attacks, Russia also topped the leaderboard, followed by the United Kingdom.  

“Looking ahead, we can expect to see high levels of credential stuffing continue as fraudsters test stolen credentials to repeatedly launch ATO attacks. As more consumers engage with digital commerce, companies will offer more promotions to remain competitive, which in turn will lead to fraudsters opening even more new accounts at scale in order to take advantage of these promotional efforts,” said Pandey. “Fighting fraud may be more complicated than ever, but with the right approach and tools businesses have a timely opportunity to stop fraudsters in their tracks, while at the same time maintaining a great digital experience for their customers.”   

The Q1 Arkose Labs Fraud and Abuse Report is based on actual user sessions and attack patterns that were analyzed by the Arkose Labs Fraud and Abuse Prevention Platform from October to December 2020. These sessions, spanning account registrations, logins and payments from financial services, ecommerce, travel, social media, gaming and entertainment were analyzed in real-time to provide insights into the evolving fraud and risk landscape. Unsophisticated bot attacks don’t result in a user session and thus have not been included in this report. The report focuses on attacks from fraud outlets that combine state-of-the-art technology with stolen identity credentials and human efforts.

To access the full Q1 2021 Fraud and Abuse Report, please click here. 

KEYWORDS: cyber security fraud prevention risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • fraud-enews

    1.1 billion fraud attacks detected since the beginning of 2020

    See More
  • cyber5-900px.jpg

    77% of all Ransomware Detected in Four Industries

    See More
  • Dangling fishing hook

    Phishing attacks rose by more than 600% in the buildup to Black Friday

    See More

Events

View AllSubmit An Event
  • September 25, 2024

    How to Incorporate Security Into Your Company Culture

    ON DEMAND: From this webinar, you will learn how to promote collaboration between IT and physical security teams to streamline corporate security initiatives.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing