Beware of Sleeper Fraud Accounts
Datavisor Online Fraud report finds that a non-trivial percentage of fraud activity occurs from accounts that are inactive for a week before an attack.
Attackers often create new accounts in order to commit fraud, but how long does it take from the time the account is created until fraud is attempted? That's one of the many questions about fraud that a new report from fraud detection firm Datavisor aims to help answer.
The Inaugural DataVisor Online Fraud report is based on data from the company's global network that benefits from sensor data generated by more than a billion users around the world. In a 2016 video interview, Yinglian Xie, CEO and co-founder of DataVisor, detailed the technology used by her firm to hep combat online fraud.
"The Fraud Economy is flush with billions of dollars in resources. It’s no longer just one malicious user causing trouble, but rather massively funded armies numbering in the hundreds who are providing a big payout for these bad actors," Xie said in a statement. "The fraudsters are becoming adept at looking like normal users and it’s clear from our research that they are increasingly sophisticated and using the latest technologies available to skirt detection."
So how long do fraudsters wait before using a new account? According to Datavisor, 37 percent of malicious accounts take three months or more before they attack. In total, 44 percent of fraudulent accounts will sleep for at least seven days before being used as part of a fraud attack.
In terms of where many of the fraudulent email accounts are coming from, the majority (53 percent) are from well-known popular emails services including Google, Microsoft and Yahoo. Additionally, DataVisor found that 18 percent of accounts hosted in the cloud are fraudulent.
While fraudsters do use mobile device, DataVisor found that they actually prefer desktops. 82 percent of fake accounts were created with desktop operating systems, while only 18 percent came from mobile devices.
While fraudulent accounts can be hosted anywhere in the world, nearly a third (32.1 percent) are hosted in the U.S. with China coming in as a distant second at 9.6 percent.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com. Follow him on Twitter @TechJournalist.