Peak Season 2020: Account Takeover is Here to Stay and Other Takeaways

January 6, 2021

As we begin a new year, we thought it was a good time to reflect on some of 2020's peak season fraud trends. What will these trends teach us about what's to come?

Holiday season means one thing for online merchants: peak traffic. And with it comes an increase in not only sales but also, unsurprisingly, spikes in fraudulent activity. While on the surface, there’s nothing new or unexpected about this, 2020’s holiday season was marked with unprecedented, adopt-or-die kind of fraudulent activity driven largely by the COVID-19 exodus online. And with more shoppers than ever turning online for their end of year shopping, merchant’s defenses were (and continue to be) put to the test. 

In this blog post we explore what peak season 2020 looked like; how it impacted online retailers and how SecuredTouch’s solution is helping retailers navigate these challenges.

*Disclaimer: for the sake of this article, data is based on November traffic and that of the three major shopping days of that month: Singles Day, Black Friday and Cyber Monday. 

Ready or Not Here We Come

Peak season is both an opportunity and a challenge for online retailers; one they are well versed in. 

I hate to state the obvious but, retailers see peak season as an opportunity that cannot be missed to boost sales and do everything they can to take advantage of it. This places additional pressure on the fraud team who is likely to be required to reduce alert thresholds in order to ensure the most of amount of transactions are processed while only the highest risk transactions are blocked or challenged.

We make it a priority to support our clients in the run up to peak season, so our team prepares by:

  • Collecting traffic projections from all customers (based on past years experience)
  • Assisting customers with preparation and load tests
  • Allocating additional resources to ensure best performance during peak times
  • Aligning our release cycle and production freeze with customers’ schedule

Deep Dive: Peak Season Traffic

So, without further adieu, let’s look at the overall results:

  • Traffic Volume
    • ~50% increase in traffic on average throughout the peak period
    • Highest increase recorded was 200% on Black Friday (i.e. 3x the standard volume) for a client
  • Fraud Activity
    • ~15% increase in fraud activity on average throughout the peak period 
    • Highest increase recorded was 900% on Singles Day (i.e. 10x compared to the standard rates), specifically as a result of malicious bot activity 

We took a closer look at the data and found that:

  • Bots remain a leading attack vector with malicious bot activity increased at the highest rate across the board
  • Account Takeover remains a top choice of attack method for fraudsters 
    • The above stated 900% jump in malicious bot activity was used to perform credential stuffing (the initial stage in an ATO attack) 
    • A 70% jump in monetization activities over Black Friday-Cyber Monday weekend were executed using manual techniques.
Fraudster Activities_ATO_Table
See More: The Fraud Flow of Account Takeover [Infographic]

It is useful to shine a light on why fraudsters choose to scale their ATO attempts around this period of time. IMHO, it is due to the abnormal nature of the traffic in this time period. It is easier for fraudsters to fly underneath the radar and evade capture. Additionally, in many cases, the nature of ATO is opportunistic e.g. they will need an account that recently made a purchase in order to request a refund. Around the holiday season, there are going to be an exponential amount more accounts that have this activity as existing customers are buying more which leads to improved ATO conversion for the fraudsters.

Lessons and Takeaways

The holiday season is an essential part of most online retailers’ yearly revenue, and this has never been more true than it is in 2020. Some estimates suggest that the surge in eCommerce around this time of year will be enough to pack two years of growth into one season. And with most merchants preoccupied with reducing friction so as not to damage conversion rates, fraudsters are presented with a unique set of vulnerabilities to take advantage of. 

While peak season isn't an accurate reflection of everyday activity, it is a real test of a retailer's online defenses. This period is a snapshot of what fraudsters are up to and is an indicator of vulnerabilities. 

This is also a reminder of the dynamic nature of online fraud and the need for dynamic detection mechanisms. The tools used by fraud teams must be able to cope regardless of changes in the natures of users, including the volumes of new and existing customers, as their purchase habits and volumes change rapidly. These tools must be able to adapt in real-time to support the nature of eCommerce during any instances of peak traffic.

Recent Posts

Peak Season 2020: Account Takeover is Here to Stay and Other Takeaways
It's Time We Confront These Common Myths About Behavioral Biometrics
[Infographic] Breaking Down the Fraud Flow of Account Takeover
Emulator Fraud-as-a-Service: The Threat Landscape Continues to Evolve
Why reCAPTCHA v3 for Enterprise Matters

Follow Us