67%的金融服務交易 —— 包括網上銀行、匯款和股票交易 —— 目前均來自移動設備。根據(jù)身份安全公司(Identity Security)ThreatMetrix的數(shù)據(jù)，這一數(shù)字年度同比增長了13%。這一方面說明了移動設備的受歡迎度與日俱增，另一方面卻引來了越來越多的網絡騙子。

　　提供風險決策技術的ThreatMetrix的《網絡犯罪報告》發(fā)現(xiàn)，與上半年相比，2018年下半年移動賬戶數(shù)量增長了107%，大部分的移動設備攻擊者以賬戶登錄信息為目標。

　　該報告分析了2018年下半年進行的170億次數(shù)字交易，發(fā)現(xiàn)其中61%來自移動設備。ThreatMetrix公司是LexisNexis Risk Solutions的一部分，也是實時數(shù)字交易的認證方，因此它具有得天獨厚的優(yōu)勢，能夠分析40,000個網站上每日超過1.1億筆交易。報告稱，支付交易被攻擊的占比較高，但此類交易的風險實際上同比下降了17%。

　　與此同時，在所有類型的計算機設備上，針對新注冊金融賬戶交易的網絡攻擊在最近六個月內增長了35%，其中對移動交易的攻擊增長了29%。

　　復雜的安全對手

　　“Cyber criminals see more opportunity in new bank accounts that can be used to launder money or take out multiple loans,” says the report, adding that the uptick in account takeovers on the mobile channel is the most significant development for financial firms to watch as fraudsters seek immediate access to customer balances and personal credentials.

　　“Fraudsters are master manipulators, with constantly shifting tactics,” Alisdair Faulkner, a ThreatMetrix co-founder who is now chief identity officer of LexisNexis Risk Solutions, said in the March 5 survey announcement. “They adapt their attack patterns and modus operandi to take advantage of shifting customer trends, evolving regulations and technological changes, always attempting to stay one pace ahead of businesses. We see this through the way in which attack patterns evolve and morph over time.

　　WiFi并不安全

　　Understanding the mobile threat landscape in 2019, from mobile security provider Wandera, says that 43% of companies have at least one mobile device amongst employees with no lock screen; 57% of all enterprises have experienced a mobile phishing incident; and 70% of Wi-Fi sessions on employee mobile devices occur over an unsecure, unencrypted connection.

　　Similarly, in the February 2019 Mobile Security Report published by Pradeo, 91% of mobile devices used in enterprises were found to already have been connected to an unsecure public hotspot. In Pradeo's analysis of 3 million mobile applications and 500,000 devices, 82% of Android devices and 54% of iOS devices were outdated in the corporate environment, and therefore exposed.

　　Particularly unsettling is Wandera's finding about the number of mobile devices employed by enterprises that are connected to cryptojacking sites and apps. They are subject to takeover by hackers to secretly mine cryptocurrency. The number of enterprise mobile devices infected in this manner grew by 287% month-on-month in 2018.

　　移動網絡風險具有地區(qū)差異

　　According to ThreatMetrix, cyber attack rates can vary by region.

　　In North America, financial services attack rates have grown 48% year-on-year, and 116% for mobile transactions specifically. By contrast, Asia has seen a drop in financial services attacks on logins and payment transactions in the last year, while new-account creation attacks have grown considerably. There was 78% growth in attacks year-on-year overall, and 105% on mobile new-account creation transactions.

　　ThreatMetrix also finds that the act of mobile tethering – using a cell phone, for example, as a modem to connect another device to the Internet – is often an indicator of fraud taking place in financial service transactions. Desktop transactions that are carried out with a mobile tether are 2.4 times more likely to be fraudulent than a transaction with a device connected via Wi-Fi or fixed-line broadband.

　　移動端優(yōu)勢

　　On a positive note, ThreatMetrix says that overall, mobile transactions are safer than those conducted via a desktop. The former make up 61% of the volume of transactions, but only 42% of the total attacks.

　　“As 2019 progresses, it is likely that trends seen in the latter half of 2018 will continue to evolve and add to the already complex cybercrime landscape,” the report says, adding that a trend to watch is the growing use of artificial intelligence by fraudsters, taking on the AI defenses of their targets.

　　One counter-measure, ThreatMatrix says, is to take a more layered approach to authentication. This may involve asking consumers to register data about the device they choose to use for financial transactions and then binding that information to their credentials and behavioral information.

　　“The onus is very much on businesses to deliver a strong customer authentication journey whilst also maintaining low-friction and unnecessary disruption of a user's login or payments journey,” ThreatMetrix concludes.

學金融找金程，對于FRM有疑問可撥打400-700-9596免費咨詢老師。

　FRM課程詳情及優(yōu)惠在線咨詢

相關推薦：FRM報名 FRM是什么考試 FRM成績 FRM考點

2019年FRM備考群 835405115 FRM資訊&資料隨時分享，與眾多FRM持證人交流考試經驗。

返回首頁