Cyber-criminals increasingly targeting peer to peer and payday lenders, says new report

News by Max Metzger

New forms of lending are increasingly under threat from cyber-attacks according to a new report from ThreatMetrix. As forms of financing and borrowing change, so the habits of identity stealing cyber-criminals seem to change with them.

A security technology company has highlighted how cyber-criminals are increasingly targeting online lenders. ThreatMetrix, a San Jose, California based security technology company, released its second quarter report for 2015 this week, noting that online lending is increasingly becoming a target for cyber-criminals.

While financial services attacks remained relatively level over the second quarter, online lending was particularly hard hit. With the growth in popularity of non-orthodox fast-turnover financial institutions, peer-to-peer loan companies and payday lenders, the risk and incidence of attack has become much larger. “As more and more institutions create financial products to target the unbanked and underbanked population,” the report says, “this segment is becoming the target of attacks.”

But why this sudden increase? Alisdair Faulkner, the chief products officer at ThreatMetrix, offered some insight to “Many are looking to make real-time decisions, and because they are targeting the so-called ‘underbanked', traditional credit file checks provide less value. In any case, because of the huge number of stolen identities in the wild, fraudsters are better able to answer static offline identity challenge questions better than valid consumers.”

According to the report, these attacks focus mainly on new account originations and payment disbursements. Lizzie Clitheroe, ThreatMetrix's EMEA marketing director expanded, saying, “The primary way they are being attacked currently is through fraudulent account creation. Fraudsters use stolen information for account registration and this compromises the verification process because account applications are processed against legitimate identities that have been stolen.” 

She added, “Other attacks are through unauthorised access to existing accounts, using credentials obtained through phishing attacks, malware or shared passwords.”

Richard Griffiths of the Consumer Finance Association, a group which represents many payday lenders, said that lenders “typically have dedicated personnel that screen applications for fraud and anti-money laundering issues, and they run multiple and sophisticated checks on loan applications”. 

Griffiths added that customers typically undergo credit, account and fraud checks before being allowed access to funds. Wonga and Quickquid did not respond for comment. 

Online commerce, the report claims, has been most severely hit with attacks increasing 20 percent between April and June of this year. It estimates that if all those attacks had gone through, losses could have reached £2 billion in those three months alone.

The report also observed that UK businesses are in more danger of being subjected to cyber-crime than anywhere else in the world. British business is attacked 50 percent more frequently than the US, with Nigeria, Germany, US and Mexico being among the main sources of those attacks.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews