Arkose Labs offers a platform that evaluates instances of fraudulent account registrations, logins and payments for a variety of industry segments, including entertainment. The platform measured attacks against media accounts to be more than 20% during the first six months of 2020.
During the first half of 2020, the Arkose platform registered double the level of attacks compared with the end of 2019. During the first six months of 2020, the proportions of attacks against media accounts through automation was about 69%, with the remainder being from humans, but this mix changed significantly beginning in April, when the level of human-initiated attacks increased by about 15% compared with Q1, retreated in May, and spiked again in June.
Human-initiated attacks have come via sweatshops employing large numbers of low-paid workers, with the highest number originating in the Phillippines, Russia and Ukraine. Account takeover attacks were most prevalent in Q2, followed by account takeovers and payments using stolen credentials.
The report also identified children as the most vulnerable end user demographic, and that attack patterns change at different times of day.
Access the Arkose Labs report, Fraud & Abuse Report Q3 2020 Data-Driven Analysis of 2020 Fraud Trends
Why it matters
Broadly speaking, anti-piracy solutions can be assigned into several categories, which include fraud detection (such as the detection of fraudulent account logins), content modification and its detection through monitoring, and the evaluation of piracy traffic over networks. All of these methods rely upon automation, since they must be able to detect fraud among millions of instances of authentication and service delivery.
Organizations which rely on automated fraud detection run the risk of errors in differentiating between trusted and fraudulent behavior, because changes in behavioral patterns resulting from the coronavirus lockdown have not yet been modeled accurately.
Therefore, automated fraud detection tools can deliver false positives, and organizations should keep this in mind when deciding how to mitigate fraudulent use identified through automation.