For some cloud services more than 75% of accounts are utilized by hackers
Researchers found that 21.57% percent of accounts originating from cloud service IP ranges appear to be fraudulent. Malicious accounts are eight times more likely to originate via cloud services than normal users. In fact, some cloud services and data centers can have more than 75% fraudulent accounts.
The Q2 2018 DataVisor Fraud Index Report is a quarterly assessment of types and methods of online fraud in social platforms and financial services. The current report uses information gathered by DataVisor between April and June of 2018, analyzing 1.1 billion active user accounts; 1.5 million email domains; 231,000 device types; and 562 cloud hosting providers and data centers, among other indicators.
The United States and China host the highest number of fraud attacks. More than 21% of fake accounts targeting online and financial services originated from the US, and 17% originated from China. In attacks targeting North American online services, more than 45% of the attacks originated in the US.
Interestingly, crime rings leverage different cloud service providers depending on the attack. Fraudsters targeting social platforms largely use Amazon Web Services, while DigitalOcean appears to be preferred by fraudsters targeting mobile apps and financial services.
Coordinated attacks – a group of fraudulent accounts controlled by the same attacker – represent the majority of fraudulent activity in both social platforms and financial services, the report found.
More than 90% of fake account registration in social platforms involves coordinated attacks; in the financial sector more than 40% of application fraud comes from coordinated attacks.
While most fraudulent attacks occur less than a day after accounts are established, some “sleeper cell” accounts can lie in wait for months or years before being used. On average, fraudulent accounts incubate for 35 days before attacking.
“This quarter’s DataVisor Fraud Index Report demonstrates that the increased adoption of the cloud has unintended consequences for the financial well-being of online businesses,” said Yinglian Xie, CEO of DataVisor.