SlideShare une entreprise Scribd logo

RSA Monthly Online Fraud Report -- November 2013

E
EMC

The RSA Monthly Online Fraud Report discusses the latest trends in cybercrime and phishing around the globe.

TechnologieÉconomie & finance
1  sur  4
Télécharger pour lire hors ligne
CYBERCRIME BELLS ARE RINGING, ARE YOU LISTENING? The Top Nine Threats to Retailers this Holiday Season November 2013 October marked a record breaking month for the number of phishing attacks identified by RSA in a single month – an astounding 62,105 attacks. This is not surprising as past phishing trends have demonstrated a surge in attacks right before the holiday shopping season. And with more consumers conducting e-commerce online and through their mobile devices than ever before, it is safe to say cybercriminals will be following the money. This month’s highlight focuses on the top threats to retailers and e-commerce merchants during peak holiday shopping times. For merchants, cybercrime and Web threats go way beyond phishing. According to a new report by the Ponemon Institute and sponsored by RSA, the biggest concern for merchants during these peak shopping times is to ensure that their website remains live and functional because just one hour of website downtime can cost $500,000, or $8,000 per minute, in lost revenue. The top nine threats identified by merchants in the Ponemon study, as well as how likely these threats are to occur and how difficult they feel these threats are to detect, are outlined below. 1. Botnets and Distributed Denial of Service (DDoS) attacks. Besides the direct cost of loss sales from downtime, a DDoS attack could result in lost consumer confidence and brand value which could have long-term impact. 83% of merchants expect to see DDoS attacks during the holiday shopping season. 2. App store fraud. From the delivery of rogue mobile apps masquerading as a legitimate merchant to cashing in on rebates and credit card reward promotions, the mobile channel is particularly vulnerable for merchants. 72% of merchants indicate app store fraud is difficult to detect. FRAUD REPORT R S A M O N T H LY F R A U D R E P O R T page 1
3. alware on mobile devices/credential theft. Merchants are investing more to support M e-commerce sales in the mobile channel. Mobile devices will account for a larger-thanexpected share of total U.S. retail ecommerce sales, with a forecast for the mobile’s share of shopping to surpass 16% of all e-commerce shopping. Malware capable of capturing account credentials by infiltrating consumers’ mobile devices could potentially rise. 4. Click fraud. Click fraud is a big on the cybercriminal list, taking advantage of “per click” advertising through botnets and automated scripts. Click fraud is typically an issue during the holiday shopping season as merchants invest heavily in advertising to lure consumers to shop online. 74% of merchants indicate this activity is difficult to detect. 5. Testing stolen credit cards. With the high volume of e-commerce transactions taking place during the holiday season, this is usually a good time for cybercriminals to test stolen credit cards they have purchased in bulk from the underground. 6. E-coupon fraud. This type of fraud is often the result of business logic abuse which takes advantage of a vulnerability on a website such as the shopping cart software. In this case, a cybercriminal does an end-run around an online retailer’s pricing policy. They select a heavily discounted item, place it in the “shopping cart” and then delay the checkout. They come back to the cart later after obtaining an e-coupon, and apply the discount to the final purchase price – thus obtaining the item well below the retailer’s cost. 70% of merchants indicate business logic abuse is difficult to detect. 7. ccount hijacking. Account hijacking usually begins with a phishing attack to obtain A customers’ credentials. 61% of merchants expect to see account hijacking activity during peak shopping times. 8. lectronic wallet fraud. Merchants continue to expand customer payment options E including e-wallets and other forms of emerging payments at checkout. As many of these electronic payment options are still new, they offer more vulnerabilities for cybercriminals to take advantage of. 9. ew account fraud/mass registrations. New account fraud typically occurs when there N is a popular promotion or sweepstakes being offered. Cybercriminals will leverage botnets to overload a website with fraudulent new account registrations in order to increase their chances of winning the prize. 71% of merchants indicate new account fraud is difficult to detect. Merchants that view cybercrime and other fraudulent activity as simply part of the cost of doing business online need to consider the numbers. As noted earlier, one website being down for just one hour can cost a retailer as much as $500,000 in terms of lost traffic and revenue which equates to $8,000 for every minute a purchase is prevented or the integrity of a website is compromised. Most companies typically have about 44 customerfacing websites. If all sites were down for just one hour on one day, a company could lose about $22 million. Just as consumers need to beware as they gear up for the hustle and bustle of holiday shopping, retailers and other organizations who could potentially be affected by cybercrime need to be mindful of the myriad of threats that could be targeting their websites and their customers. R S A M O N T H LY F R A U D R E P O R T page 2
RSA CYBERCRIME STATISTICS NOVEMBER 2013 Source: RSA Anti-Fraud Command Center Phishing Attacks per Month RSA identified 62,105 phishing attacks launched worldwide in October – the highest number of attacks ever recorded by RSA in a single month. This marks a 35% increase in attack volume from September. 62,105 Attacks US Bank Types Attacked U.S. nationwide banks remained the most targeted with 57% of phishing attacks targeted at that sector in October. Credit Unions Regional National Top Countries by Attack Volume 81% The U.S. remained the most targeted country in October with an overwhelming 81% of the total phishing volume, followed by the UK, India and Germany. 5% 2% R S A M O N T H LY F R A U D R E P O R T UK 3% U.S. India Germany page 3
Top Countries by Attacked Brands In October, 32% of phishing attacks were targeted at brands in the U.S., followed by the UK, India, France and Brazil. U.S. 32% UK 9% 45% Top Hosting Countries The U.S. continues to host the most phishing attacks, hosting 45% of global phishing attacks in October. 5% 4% 4% GLOBAL PHISHING LOSSES OCTOBER 2013 CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa www.emc.com/rsa ©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. NOV RPT 1113

Recommandé

Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityMicrosoft TechNet - Belgium and Luxembourg
 
Citophobia apa
Citophobia apaCitophobia apa
Citophobia apaCheckIt Out
 
Big Data & Security Have Collided - What Are You Going to do About It?
Big Data & Security Have Collided - What Are You Going to do About It?Big Data & Security Have Collided - What Are You Going to do About It?
Big Data & Security Have Collided - What Are You Going to do About It?EMC
 
Private Cloud Day Session 1: Building your Private Cloud Infrastructure
Private Cloud Day Session 1: Building your Private Cloud InfrastructurePrivate Cloud Day Session 1: Building your Private Cloud Infrastructure
Private Cloud Day Session 1: Building your Private Cloud InfrastructureMicrosoft TechNet - Belgium and Luxembourg
 
Mit2 092 f09_lec11
Mit2 092 f09_lec11Mit2 092 f09_lec11
Mit2 092 f09_lec11Rahman Hakim
 
PyCon PL 2014 executable api
PyCon PL 2014 executable apiPyCon PL 2014 executable api
PyCon PL 2014 executable apiWojtek Erbetowski
 
4. referencing not plagiarising presentation (1)
4. referencing not plagiarising presentation (1)4. referencing not plagiarising presentation (1)
4. referencing not plagiarising presentation (1)Khendle Christie
 
The Industrial Internet@Work
The Industrial Internet@WorkThe Industrial Internet@Work
The Industrial Internet@WorkEMC
 

Recommandé

Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityMicrosoft TechNet - Belgium and Luxembourg
 
Citophobia apa
Citophobia apaCitophobia apa
Citophobia apaCheckIt Out
 
Big Data & Security Have Collided - What Are You Going to do About It?
Big Data & Security Have Collided - What Are You Going to do About It?Big Data & Security Have Collided - What Are You Going to do About It?
Big Data & Security Have Collided - What Are You Going to do About It?EMC
 
Private Cloud Day Session 1: Building your Private Cloud Infrastructure
Private Cloud Day Session 1: Building your Private Cloud InfrastructurePrivate Cloud Day Session 1: Building your Private Cloud Infrastructure
Private Cloud Day Session 1: Building your Private Cloud InfrastructureMicrosoft TechNet - Belgium and Luxembourg
 
Mit2 092 f09_lec11
Mit2 092 f09_lec11Mit2 092 f09_lec11
Mit2 092 f09_lec11Rahman Hakim
 
PyCon PL 2014 executable api
PyCon PL 2014 executable apiPyCon PL 2014 executable api
PyCon PL 2014 executable apiWojtek Erbetowski
 
4. referencing not plagiarising presentation (1)
4. referencing not plagiarising presentation (1)4. referencing not plagiarising presentation (1)
4. referencing not plagiarising presentation (1)Khendle Christie
 
The Industrial Internet@Work
The Industrial Internet@WorkThe Industrial Internet@Work
The Industrial Internet@WorkEMC
 
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...EMC
 
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)Marco Frullanti
 
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגוניתמנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגוניתShirley Kantor
 
Valentine & Kebartas
Valentine & KebartasValentine & Kebartas
Valentine & Kebartasvalentineandkebartas
 
07 friday command vs market economies
07 friday command vs market economies07 friday command vs market economies
07 friday command vs market economiesTravis Klein
 
Intelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseIntelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseEMC
 
Virtualization 2.0: The Next Generation of Virtualization
Virtualization 2.0: The Next Generation of VirtualizationVirtualization 2.0: The Next Generation of Virtualization
Virtualization 2.0: The Next Generation of VirtualizationEMC
 
Germansk mytologi og_verdensanskuelse_nor
Germansk mytologi og_verdensanskuelse_norGermansk mytologi og_verdensanskuelse_nor
Germansk mytologi og_verdensanskuelse_norSebastian Hübner
 
2014 Reformation plays
2014 Reformation plays2014 Reformation plays
2014 Reformation playsTravis Klein
 
An overview of agile methodologies
An overview of agile methodologiesAn overview of agile methodologies
An overview of agile methodologiesparvezmisarwala
 
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5EMC
 
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDEMC
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote EMC
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOEMC
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremioEMC
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lakeEMC
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereEMC
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History EMC
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewEMC
 

Contenu connexe

En vedette

RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...EMC
 
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)Marco Frullanti
 
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגוניתמנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגוניתShirley Kantor
 
07 friday command vs market economies
07 friday command vs market economies07 friday command vs market economies
07 friday command vs market economiesTravis Klein
 
Intelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseIntelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseEMC
 
Virtualization 2.0: The Next Generation of Virtualization
Virtualization 2.0: The Next Generation of VirtualizationVirtualization 2.0: The Next Generation of Virtualization
Virtualization 2.0: The Next Generation of VirtualizationEMC
 
Germansk mytologi og_verdensanskuelse_nor
Germansk mytologi og_verdensanskuelse_norGermansk mytologi og_verdensanskuelse_nor
Germansk mytologi og_verdensanskuelse_norSebastian Hübner
 
2014 Reformation plays
2014 Reformation plays2014 Reformation plays
2014 Reformation playsTravis Klein
 
An overview of agile methodologies
An overview of agile methodologiesAn overview of agile methodologies
An overview of agile methodologiesparvezmisarwala
 
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5EMC
 

En vedette (11)

RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
RSA Laboratories' Frequently Asked Questions About Today's Cryptography, Vers...
 
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
Federmanager Bologna - Presentazione dei servizi (aggiornata a ottobre 2014)
 
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגוניתמנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
מנהלי אחריות תאגידית בישראל - סקר קריירה והשפעה ארגונית
 
Valentine & Kebartas
Valentine & KebartasValentine & Kebartas
Valentine & Kebartas
 
07 friday command vs market economies
07 friday command vs market economies07 friday command vs market economies
07 friday command vs market economies
 
Intelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and ResponseIntelligence Driven Threat Detection and Response
Intelligence Driven Threat Detection and Response
 
Virtualization 2.0: The Next Generation of Virtualization
Virtualization 2.0: The Next Generation of VirtualizationVirtualization 2.0: The Next Generation of Virtualization
Virtualization 2.0: The Next Generation of Virtualization
 
Germansk mytologi og_verdensanskuelse_nor
Germansk mytologi og_verdensanskuelse_norGermansk mytologi og_verdensanskuelse_nor
Germansk mytologi og_verdensanskuelse_nor
 
2014 Reformation plays
2014 Reformation plays2014 Reformation plays
2014 Reformation plays
 
An overview of agile methodologies
An overview of agile methodologiesAn overview of agile methodologies
An overview of agile methodologies
 
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
EMC Hybrid Cloud Solution with VMware: Hadoop Applications Solution Guide 2.5
 

Plus de EMC

INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDEMC
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote EMC
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOEMC
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremioEMC
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lakeEMC
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereEMC
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History EMC
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewEMC
 
Mobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeMobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeEMC
 
Virtualization Myths Infographic
Virtualization Myths Infographic Virtualization Myths Infographic
Virtualization Myths Infographic EMC
 
Intelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityIntelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityEMC
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeEMC
 
EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC
 
EMC Academic Summit 2015
EMC Academic Summit 2015EMC Academic Summit 2015
EMC Academic Summit 2015EMC
 
Data Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesData Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesEMC
 
Using EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsUsing EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsEMC
 
Using EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookUsing EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookEMC
 

Plus de EMC (20)

INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremio
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis Openstack
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lake
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop Elsewhere
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical Review
 
Mobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeMobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or Foe
 
Virtualization Myths Infographic
Virtualization Myths Infographic Virtualization Myths Infographic
Virtualization Myths Infographic
 
Intelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityIntelligence-Driven GRC for Security
Intelligence-Driven GRC for Security
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure Age
 
EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015
 
EMC Academic Summit 2015
EMC Academic Summit 2015EMC Academic Summit 2015
EMC Academic Summit 2015
 
Data Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesData Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education Services
 
Using EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsUsing EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere Environments
 
Using EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookUsing EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBook
 

Dernier

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Dernier (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

RSA Monthly Online Fraud Report -- November 2013

  • 1. CYBERCRIME BELLS ARE RINGING, ARE YOU LISTENING? The Top Nine Threats to Retailers this Holiday Season November 2013 October marked a record breaking month for the number of phishing attacks identified by RSA in a single month – an astounding 62,105 attacks. This is not surprising as past phishing trends have demonstrated a surge in attacks right before the holiday shopping season. And with more consumers conducting e-commerce online and through their mobile devices than ever before, it is safe to say cybercriminals will be following the money. This month’s highlight focuses on the top threats to retailers and e-commerce merchants during peak holiday shopping times. For merchants, cybercrime and Web threats go way beyond phishing. According to a new report by the Ponemon Institute and sponsored by RSA, the biggest concern for merchants during these peak shopping times is to ensure that their website remains live and functional because just one hour of website downtime can cost $500,000, or $8,000 per minute, in lost revenue. The top nine threats identified by merchants in the Ponemon study, as well as how likely these threats are to occur and how difficult they feel these threats are to detect, are outlined below. 1. Botnets and Distributed Denial of Service (DDoS) attacks. Besides the direct cost of loss sales from downtime, a DDoS attack could result in lost consumer confidence and brand value which could have long-term impact. 83% of merchants expect to see DDoS attacks during the holiday shopping season. 2. App store fraud. From the delivery of rogue mobile apps masquerading as a legitimate merchant to cashing in on rebates and credit card reward promotions, the mobile channel is particularly vulnerable for merchants. 72% of merchants indicate app store fraud is difficult to detect. FRAUD REPORT R S A M O N T H LY F R A U D R E P O R T page 1
  • 2. 3. alware on mobile devices/credential theft. Merchants are investing more to support M e-commerce sales in the mobile channel. Mobile devices will account for a larger-thanexpected share of total U.S. retail ecommerce sales, with a forecast for the mobile’s share of shopping to surpass 16% of all e-commerce shopping. Malware capable of capturing account credentials by infiltrating consumers’ mobile devices could potentially rise. 4. Click fraud. Click fraud is a big on the cybercriminal list, taking advantage of “per click” advertising through botnets and automated scripts. Click fraud is typically an issue during the holiday shopping season as merchants invest heavily in advertising to lure consumers to shop online. 74% of merchants indicate this activity is difficult to detect. 5. Testing stolen credit cards. With the high volume of e-commerce transactions taking place during the holiday season, this is usually a good time for cybercriminals to test stolen credit cards they have purchased in bulk from the underground. 6. E-coupon fraud. This type of fraud is often the result of business logic abuse which takes advantage of a vulnerability on a website such as the shopping cart software. In this case, a cybercriminal does an end-run around an online retailer’s pricing policy. They select a heavily discounted item, place it in the “shopping cart” and then delay the checkout. They come back to the cart later after obtaining an e-coupon, and apply the discount to the final purchase price – thus obtaining the item well below the retailer’s cost. 70% of merchants indicate business logic abuse is difficult to detect. 7. ccount hijacking. Account hijacking usually begins with a phishing attack to obtain A customers’ credentials. 61% of merchants expect to see account hijacking activity during peak shopping times. 8. lectronic wallet fraud. Merchants continue to expand customer payment options E including e-wallets and other forms of emerging payments at checkout. As many of these electronic payment options are still new, they offer more vulnerabilities for cybercriminals to take advantage of. 9. ew account fraud/mass registrations. New account fraud typically occurs when there N is a popular promotion or sweepstakes being offered. Cybercriminals will leverage botnets to overload a website with fraudulent new account registrations in order to increase their chances of winning the prize. 71% of merchants indicate new account fraud is difficult to detect. Merchants that view cybercrime and other fraudulent activity as simply part of the cost of doing business online need to consider the numbers. As noted earlier, one website being down for just one hour can cost a retailer as much as $500,000 in terms of lost traffic and revenue which equates to $8,000 for every minute a purchase is prevented or the integrity of a website is compromised. Most companies typically have about 44 customerfacing websites. If all sites were down for just one hour on one day, a company could lose about $22 million. Just as consumers need to beware as they gear up for the hustle and bustle of holiday shopping, retailers and other organizations who could potentially be affected by cybercrime need to be mindful of the myriad of threats that could be targeting their websites and their customers. R S A M O N T H LY F R A U D R E P O R T page 2
  • 3. RSA CYBERCRIME STATISTICS NOVEMBER 2013 Source: RSA Anti-Fraud Command Center Phishing Attacks per Month RSA identified 62,105 phishing attacks launched worldwide in October – the highest number of attacks ever recorded by RSA in a single month. This marks a 35% increase in attack volume from September. 62,105 Attacks US Bank Types Attacked U.S. nationwide banks remained the most targeted with 57% of phishing attacks targeted at that sector in October. Credit Unions Regional National Top Countries by Attack Volume 81% The U.S. remained the most targeted country in October with an overwhelming 81% of the total phishing volume, followed by the UK, India and Germany. 5% 2% R S A M O N T H LY F R A U D R E P O R T UK 3% U.S. India Germany page 3
  • 4. Top Countries by Attacked Brands In October, 32% of phishing attacks were targeted at brands in the U.S., followed by the UK, India, France and Brazil. U.S. 32% UK 9% 45% Top Hosting Countries The U.S. continues to host the most phishing attacks, hosting 45% of global phishing attacks in October. 5% 4% 4% GLOBAL PHISHING LOSSES OCTOBER 2013 CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa www.emc.com/rsa ©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. NOV RPT 1113