The ThreatMetrix Cybercrime Report is regarded as a reliable barometer of global cybercrime patterns due to the scale of transactions analyzed globally. This industry deep-dive revealed that identity spoofing, fuelled by stolen identity data, is the most prevalent attack vector for the gaming and gambling industry. It also pinpointed a marked growth in location (IP) spoofing attacks.
In the second quarter, location spoofing became the fastest growing attack vector in the space, increasing 257% year-on-year. This is due to the availability of more sophisticated location spoofing tools, which fraudsters use to attempt to disguise their true location to launder money. From collusive play and self-excluders, to malicious account takeovers (ATOs), operators must always be able to differentiate trusted users from fraudsters.
Rising cybercrime levels is no small issue for a sector that enjoys a truly global customer base, said Ellie Burns, Fraud and Identity Manager at ThreatMetrix, a LexisNexis Risk Solutions Company. With more than two billion gamers worldwide, nearly 60 percent of the industry’s traffic is cross-border. Operators must contend with a rapidly evolving regulatory landscape and stringent new anti-money laundering laws, making the verification of the true location of a transacting gamer a vital component in authenticating identity.
The high volume of cross-border traffic is driven by several factors, including users trying to access services that might be restricted in their locations, which has driven the remarkable growth of IP spoofing attacks.
Mobile transactions also continue to rise, as people increasingly use smartphones to place bets and access accounts. 71% of all gaming and gambling transactions are now made via mobile devices, a 45% increase year-on-year. Fraudsters have identified mobile as a key opportunity to monetize stolen credentials, with mobile payments more heavily attacked than any other transaction.
To deal with these challenges, gaming and gambling operators must incorporate dynamic digital identity intelligence that pieces together key indicators such as device intelligence, true geo-location, online identity credentials and threat analysis, to better inform risk decisions. The key is to be able to effectively differentiate trusted users from fraudsters and understand changes in trusted user behaviour, without adding unnecessary friction, said Burns.
Findings are based on analysis of 91 million gaming and gambling transactions on the ThreatMetrix Digital Identity Network, the largest such repository of global shared intelligence, from April through June 2018.
ThreatMetrix, A LexisNexis Risk Solutions Company, empowers the global economy to grow profitably and securely without compromise. With deep insight into 1.4 billion anonymized digital identities, ThreatMetrix ID delivers the intelligence behind 110 million daily authentication and trust decisions to differentiate legitimate customers from fraudsters in real time.
About LexisNexis Risk Solutions
LexisNexis Risk Solutions harnesses the power of data and advanced analytics to provide insights that help businesses and governmental entities reduce risk and improve decisions to benefit people around the globe. We provide data and technology solutions for a wide range of industries including insurance, financial services, healthcare and government. Headquartered in metro Atlanta, Georgia, we have offices throughout the world and are part of RELX Group (LSE: REL/NYSE: RELX), a global provider of information and analytics for professional and business customers across industries. For more information, please visit www.risk.lexisnexis.com, and www.relx.com.
Lizzie Clitheroe, +1 408-200-5755
Jean Creech Avent, +1 770-862-7978