These “sleeper cell” accounts are often used for testing or carrying out the attack in stages, and can lie in wait for months, or even years, before being used in an attack. 37% of malicious accounts have still yet to attack even after three months.
Fraudsters are using cloud hosting providers to create armies of fake accounts from unique machines and IP addresses. 18% of accounts originating from cloud service IP ranges are fraudulent. In addition, malicious accounts are seven times more likely to use cloud services than normal users.
Additional key findings include:
- Fraudsters prefer desktop over mobile platforms: Desktop is the preferred platform for fraudsters as 82% of fake accounts originated from desktop machines, compared to only 18% from mobile platforms.
- Fraudsters use Android devices: A user from Android platform is eight times more likely to be fraudulent than a user from iOS device.
- Fraudsters look legit in your inbox: The data shows 53% of fraudulent accounts are registered with email addresses from popular email services from Google, Microsoft or Yahoo to blend in with good users.
- Fraudsters go big when they go social: The fraudulent account armies targeting social platforms are 17 times larger than those targeting financial services - averaging 160 accounts per campaign.
The report spans the last six months, analyses more than one billion users across 172+ countries in the world, and identifies the favourite tools and attack techniques fraudsters use to create accounts and evade detection.
The Paypers. All rights reserved. No part of this site can be reproduced
without explicit permission of The Paypers(V2.3).