Crypto Payments

Payment and Crypto Identified as Top Targets for Identity Fraud in Q4 2023

In Q4 2023, the payment and cryptocurrency sectors were the most targeted industries by identity fraud attempts, accounting for 47% and 32% of these attacks, respectively, a new report by Israeli identity verification company AU10TIX says. The rise of attacks targeting the crypto sector comes amid renewed interest in the emerging sector and increased trading activity.

The “Q4 Global Identity Fraud Report”, released on recently, explores identity fraud trends observed during the last quarter of 2023, drawing from millions of transactions processed across 249 countries from October to December 2023 to understand the rapidly evolving landscape.

According to the report, payment and crypto were the most targeted sectors by identity fraud attacks, with payments continuing to take the top spot in Q4 2023 by representing nearly half of all global fraud attempts during that quarter.

Payment is followed by crypto, a sector that rose to prominence during Q4 2023 and saw its share increase by 9% points from Q3 2023’s 23%.

Growing focus on the crypto sector comes on the back of increased prices during the last quarter of the year. Price increases in the crypto market lured in scammers and criminals who sought to take advantage of increased trading traffic.

The price of bitcoin increased by a staggering 55.56% in Q4 2023, soaring from US$27,000 in October 01, 2023 to US$42,000 in December 31, 2023, data from Coinmarketcap show. The rally marked the end of a prolonged so-called “crypto winter” which saw the value of the cryptocurrency fall by a substantial 75% between November 2021 and November 2022 to reach a two-year low of US$16,000.

Divergent trends across regions

The AU10TIX report highlights divergent crypto fraud trends across regions. In Europe, the data show that fraudulent activity remained somewhat consistent with the previous quarter, suggesting that the implementation of the Markets in Crypto-Assets Regulation (MiCA) regulation has curbed criminal activities through more stringent know-your customer and anti-money laundering screening as well as higher penalties for non-compliant trading platforms.

North America and Asia-Pacific on the other hand experienced heightened crypto activity in Q4 2023, fueled by surging bitcoin prices, the allure of potential profits, and a lack of regulatory constraints.

Crypto sector share of overall identity fraud by region H2 2023, Source: Q4 Global Identity Fraud Report, AU10TIX, Mar 2024

Consequently, identity fraud attempts in the payment sector in North America dropped by 30% quarter-on-quarter in Q4 2023 as some fraudsters turned their focus to crypto to take advantage of the frenzy created by bitcoin trading and work beneath the radar of activity.

Payments sector share of overall identity fraud by region H2 2023, Source: Q4 Global Identity Fraud Report, AU10TIX, Mar 2024

Crypto crimes remain rampant

The crypto industry is a sector that’s long been a top target for fraudsters and cybercriminals. In 2023, losses from crypto investment scams in the US totaled US$3.94 billion, an increase of 53% compared to US$2.57 billion in 2022, a new report by the Federal Bureau of Investigation (FBI) shows. These scams were designed to entice those targeted with the promise of lucrative returns on their investments, and made up much of investment fraud losses in 2023 (86%).

Investment fraud in the US, Source: Internet Crime Report 2023, US Federal Bureau of Investigation, Mar 2024

2023 was also a prolific year for crypto ransomware, which surpassed the US$1 billion mark for the time last year, data from blockchain intelligence startup Chainalysis show. Ransomware payments using cryptocurrencies reached US$1.1 billion in 2023, up 94% from US$567 million in 2022.

Total value received by ransomware attackers, 2019-2023, Source: Chainalysis, Feb 2024

The ransomware landscape is not only prolific but also continually expanding and becoming more sophisticated. Data from Chainalysis reveal that criminals are increasingly adopting a “big game hunting” strategy, carrying out fewer attacks but targeting larger and deeper-pocketed victims. Since 2021, ransom payments of US$1 million and over have continued to represent a bigger and bigger share of all ransom payments, rising from a share of about 55% in October 2021 to 75% in December 2023.

US$1 million+ ransoms as a share of all ransomware payment volume, 2021-2023, Source: Chainalysis, Feb 2024

The rise of “mega-attacks”

In addition to the shift in focus to the crypto industry, the AU10TIX report also highlights the rise of so-called “mega-attacks” in Q4 2023. Mega-attacks are large-scale organized identity fraud attempts that are coordinated and which aim to inflict substantial damage or achieve strategic objectives.

In Q4 2023, mega-attacks emerged in two distinct patterns of vastly different proportions: the “sudden burst” and the “slow burn”.

The sudden burst is represented by a mega-attack involving more than 22,000 attacks, half of which took place over a short duration of 2-3 weeks.

The slow burn, on the other hand, refers to an average mega-attack, which involves around 2,000 artificial intelligence-generated identification documents being used 5-6 times per day over a long duration, usually 12 months. AU10TIX detected more than ten slow burn attacks in 2023.