Cyber attacks up, here’s how to protect against fraudsters
New data out from Akamai notes that gamers are now getting even more attention from fraudsters, with many targeting online and mobile gamers with credential stuffing and phishing attacks. About 10% (or 10 billion attacks)of these attacks targeted gamers between 2018 and 2020. During the same time period researchers found more than 150 million application attacks including SQL injections.
Specific to the COVID pandemic, since March when many businesses shut down and people began spending more time in the digital space they’ve discovered more than 3,000 DDoS attacks aimed at gamers and the gaming industry.
“Criminals are launching relentless waves of attacks against games and players alike in order to compromise accounts, steal and profit from personal information and in-game assets, and gain competitive advantages,” said Steve Ragan, Security Researcher, Akamai. “It’s vital that gamers, game publishers, and game services work in concert to combat these malicious activities through a combination of technology, vigilance, and good security hygiene.”
Because of the rise in attacks, DataVisor suggests that security teams take steps to mitigate the risks for consumers by preparing for the unknown rather than relying on traditional methods of fraud mitigation. Fraudsters in 2020, for example use bot-powered and AI-driven attacks that can be hard for businesses to detect, and which can lead to a lag time between when the attack is launched and when they can begin fighting it.
“Fraud and risk solutions that employ AI and advanced machine learning can proactively detect and prevent fraud before an attack successfully infiltrates a business’s network,” write the experts at DataVisor. “Specifically, unsupervised machine learning can be used to spot new, unknown fraud patterns without needing legacy data, labels, or rules regardless of how sophisticated or novel the attack method.”
From there, DataVisor’s experts suggest businesses use real-time detection tools, and that protection crosses the entire customer lifecycle.
“Online fraud begins with a user account and can occur at any point along the customer journey,” say the DataVisor experts. “Attacks can come from anywhere across digital channels and spread quickly throughout the digital ecosystem. That’s why comprehensive account lifecycle protection is essential. Point solutions that only protect against isolated use cases…are no longer sufficient. It’s like locking your front door but leaving a window open.”