HUMAN’s The Quadrillion Report: 2024 Cyber Threat Benchmarks, which launched today, examines internet activity to show how, where, and when threat actors work to undermine the consumer journey. All HUMAN customers were protected from the threats discussed in the report. Read on for the top takeaways, or download the full report.
In 2023, the Human Defense Platform observed more than one quadrillion interactions. These interactions reveal new, emerging, and continuing threat patterns and tactics that impact all stages of the customer journey on the Internet.
HUMAN’s The Quadrillion Report: 2024 Cyber Threat Benchmarks examines these more than 1,000,000,000,000,000 interactions from last year to uncover trends across four common threat vectors: account takeover attacks, fake account fraud, transaction abuse (carding attacks), and scraping.
What’s new about this year’s report:
- For the first time, we report on account fraud, like post-login account compromise and fake account creation
- We explore trends specific to customers in five industries: streaming and media, travel and hospitality, retail and e-commerce, financial services, and technology, SaaS, and services
- We probe three hot topics in cybersecurity—artificial intelligence (AI), reward (loyalty and incentive) program abuse, and Internet of Things (IoT)
- We detail attacks uncovered or observed by the Satori Threat Intelligence and Research team, including Capra, ScrubCrypt, and Magecart
We’ll briefly dive into some of these areas below.
Account fraud
In 2023, HUMAN identified over 200,000 fake account creation attempts and 40,000 compromised accounts post-login per company. What does post-login account fraud look like? Here’s a real-world example uncovered by HUMAN’s Satori Threat Intelligence Team.
In November 2023, Satori published new research into a tool called ScrubCrypt, which helps threat actors carry out account fraud attacks by obscuring the malware used to crack cookies and credentials. Threat actors used ScrubCrypt with RedLine Stealer, malware that infects a user’s device, retrieves cookies and saved credential information, and reports it back to the threat actor. In this attack, ScrubCrypt was meant to help RedLine Stealer get past a user’s antivirus protection, but HUMAN protected its customer from that outcome.
Industry attack vector snapshots
The Human Defense Platform protects organizations of all kinds. For this report, our researchers examined attack patterns from an industry perspective to understand whether threat actors were changing their tactics. Here’s some of what we found:
- Account takeover attacks rose 20% in travel and hospitality.
- Hype sales—the public drop of a high-profile or in-demand item—drove up the number of bots targeting one retail and e-commerce site more than 700% in one day.
- Nearly 99% of traffic to login and payment pages on financial services websites was attempting to break into user accounts or steal information from a payment page.
- Streaming and media businesses had the highest scraping attack rate in 2023, with 46% of page views attempting to scrape information.
- Web scraping attacks rose year over year, from 30% to 36%, for the technology, SaaS, and services industry.
Stay tuned over the coming weeks for deeper dives into attack patterns in these industries.
Cybersecurity trends
Trends like AI, reward program abuse, and IoT will influence threats and threat management in the future. Here is some of what our researchers noted in these areas:
- AI: The Human Defense Platform lets customers allow or block known LLM user agents depending on whether they perceive LLMs crawling their websites to pose a net benefit or detriment. Interestingly, 80% of companies that made a decision chose to block LLMs outright, while 20% opted to allow them.
- Reward program abuse: You don’t need a real bank account or an ID to own rewards points, and depending on the program, it can be easy to transfer points from one account to another. This means threat actors can steal loyalty points in the event of an account takeover, create massive numbers of accounts to rack up new user bonuses, or target the marketing campaigns promoting these programs. Stay tuned for new research about loyalty and incentive program abuse later in 2024.
- IoT: In recent years, the number of internet-enabled devices has exploded. Protecting IoT devices from threats can’t rely on IPs, and user agents can be spoofed. HUMAN researchers are intrigued by how threat actors who target IoT look at operating systems and get malware onto those devices in the first place.
Thwarting Cyber Threats the HUMAN Way
Users are at risk during every stage of the customer journey, from viewing and interacting with digital advertising to creating an account, logging in, and completing a transaction. That’s why more than 500 brands and organizations trust HUMAN to prevent, detect, and respond to cyber attacks for them and their customers.
Our unrivaled visibility generates unique telemetry data at every touchpoint along the customer journey to protect your most critical surfaces against advertising fraud, sophisticated bot attacks, account fraud and abuse, and client-side threats. We do this via our:
- Scale: We verify more than 20 trillion digital interactions weekly across 3 billion unique devices, providing unrivaled threat telemetry.
- Speed: Our Decision Engine examines 2,500+ signals per interaction, connecting disparate data to detect anomalies in mere milliseconds.
- Decision Precision: Our 400+ algorithms and adaptive machine learning models analyze signals across the customer journey to enable high-fidelity decisioning.
Threat actors will continue evolving tactics as long as money changes hands on the Internet. The Human Defense Platform protects organizations and users so that the Internet remains safe to conduct business today and tomorrow.
Read The Quadrillion Report: 2024 Cyber Threat Benchmarks to see more trends, or contact us for a free bot risk assessment.