The RSA Monthly Online Fraud Report discusses the latest trends in cybercrime and phishing around the globe.

1. CYBERCRIME BELLS ARE
RINGING, ARE YOU LISTENING?
The Top Nine Threats to Retailers this Holiday Season
November 2013
October marked a record breaking month for the number of phishing attacks identified by
RSA in a single month – an astounding 62,105 attacks. This is not surprising as past
phishing trends have demonstrated a surge in attacks right before the holiday shopping
season. And with more consumers conducting e-commerce online and through their mobile
devices than ever before, it is safe to say cybercriminals will be following the money.
This month’s highlight focuses on the top threats to retailers and e-commerce merchants
during peak holiday shopping times. For merchants, cybercrime and Web threats go way
beyond phishing. According to a new report by the Ponemon Institute and sponsored by
RSA, the biggest concern for merchants during these peak shopping times is to ensure
that their website remains live and functional because just one hour of website downtime
can cost $500,000, or $8,000 per minute, in lost revenue.
The top nine threats identified by merchants in the Ponemon study, as well as how likely
these threats are to occur and how difficult they feel these threats are to detect, are
outlined below.
1. Botnets and Distributed Denial of Service (DDoS) attacks. Besides the direct cost of
loss sales from downtime, a DDoS attack could result in lost consumer confidence and
brand value which could have long-term impact. 83% of merchants expect to see DDoS
attacks during the holiday shopping season.
2. App store fraud. From the delivery of rogue mobile apps masquerading as a legitimate
merchant to cashing in on rebates and credit card reward promotions, the mobile
channel is particularly vulnerable for merchants. 72% of merchants indicate app store
fraud is difficult to detect.
FRAUD REPORT
R S A M O N T H LY F R A U D R E P O R T
page 1

2. 3. alware on mobile devices/credential theft. Merchants are investing more to support
M
e-commerce sales in the mobile channel. Mobile devices will account for a larger-thanexpected share of total U.S. retail ecommerce sales, with a forecast for the mobile’s
share of shopping to surpass 16% of all e-commerce shopping. Malware capable of
capturing account credentials by infiltrating consumers’ mobile devices could
potentially rise.
4. Click fraud. Click fraud is a big on the cybercriminal list, taking advantage of “per click”
advertising through botnets and automated scripts. Click fraud is typically an issue
during the holiday shopping season as merchants invest heavily in advertising to lure
consumers to shop online. 74% of merchants indicate this activity is difficult to detect.
5. Testing stolen credit cards. With the high volume of e-commerce transactions taking
place during the holiday season, this is usually a good time for cybercriminals to test
stolen credit cards they have purchased in bulk from the underground.
6. E-coupon fraud. This type of fraud is often the result of business logic abuse which
takes advantage of a vulnerability on a website such as the shopping cart software. In
this case, a cybercriminal does an end-run around an online retailer’s pricing policy.
They select a heavily discounted item, place it in the “shopping cart” and then delay
the checkout. They come back to the cart later after obtaining an e-coupon, and apply
the discount to the final purchase price – thus obtaining the item well below the
retailer’s cost. 70% of merchants indicate business logic abuse is difficult to detect.
7. ccount hijacking. Account hijacking usually begins with a phishing attack to obtain
A
customers’ credentials. 61% of merchants expect to see account hijacking activity
during peak shopping times.
8. lectronic wallet fraud. Merchants continue to expand customer payment options
E
including e-wallets and other forms of emerging payments at checkout. As many of
these electronic payment options are still new, they offer more vulnerabilities for
cybercriminals to take advantage of.
9. ew account fraud/mass registrations. New account fraud typically occurs when there
N
is a popular promotion or sweepstakes being offered. Cybercriminals will leverage
botnets to overload a website with fraudulent new account registrations in order to
increase their chances of winning the prize. 71% of merchants indicate new account
fraud is difficult to detect.
Merchants that view cybercrime and other fraudulent activity as simply part of the cost of
doing business online need to consider the numbers. As noted earlier, one website being
down for just one hour can cost a retailer as much as $500,000 in terms of lost traffic
and revenue which equates to $8,000 for every minute a purchase is prevented or the
integrity of a website is compromised. Most companies typically have about 44 customerfacing websites. If all sites were down for just one hour on one day, a company could lose
about $22 million. Just as consumers need to beware as they gear up for the hustle and
bustle of holiday shopping, retailers and other organizations who could potentially be
affected by cybercrime need to be mindful of the myriad of threats that could be targeting
their websites and their customers.
R S A M O N T H LY F R A U D R E P O R T
page 2

3. RSA CYBERCRIME STATISTICS
NOVEMBER 2013
Source: RSA Anti-Fraud Command Center
Phishing Attacks per Month
RSA identified 62,105 phishing attacks
launched worldwide in October – the
highest number of attacks ever recorded
by RSA in a single month. This marks a
35% increase in attack volume from
September.
62,105
Attacks
US Bank Types Attacked
U.S. nationwide banks remained the most
targeted with 57% of phishing attacks
targeted at that sector in October.
Credit Unions
Regional
National
Top Countries by Attack Volume
81%
The U.S. remained the most targeted
country in October with an overwhelming
81% of the total phishing volume, followed
by the UK, India and Germany.
5%
2%
R S A M O N T H LY F R A U D R E P O R T
UK
3%
U.S.
India
Germany
page 3

4. Top Countries by Attacked Brands
In October, 32% of phishing attacks were
targeted at brands in the U.S., followed by
the UK, India, France and Brazil.
U.S.
32%
UK
9%
45%
Top Hosting Countries
The U.S. continues to host the most
phishing attacks, hosting 45% of
global phishing attacks in October.
5%
4%
4%
GLOBAL PHISHING LOSSES
OCTOBER 2013
CONTACT US
To learn more about how RSA products, services, and solutions help solve your
business and IT challenges contact your local representative or authorized reseller –
or visit us at www.emc.com/rsa
www.emc.com/rsa
©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC
Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective
holders. NOV RPT 1113