Table of Contents
- Cybercrime report reveals 421% growth in password reset scams in 2023
In the UK, there is now a password reset scam every seven minutes, with fraudsters targeting vulnerable users, including the elderly.
A new report from LexisNexis Risk Solutions reveals that 70,000 password reset attacks occur every week and some users are at greater risk than others.
There was a 421 percent year-over-year increase in attacks using password phishing scams, which trick consumers into sharing their personal and financial information.
Forgot your password? The number of scammers using reset links to scam the most vulnerable is increasing
Scammers take advantage of the fact that consumers often receive password reset emails and disguise them as legitimate senders.
They will then send an email demanding an account password reset with a link to a realistic-looking but fake copy of the website, after which they will steal your information.
If scammers are successful, they can change details such as passwords and phone numbers, thereby blocking the genuine user’s account access.
E-commerce, streaming media services and mobile services are some of the most common attacks, and the information obtained is then used for various frauds.
Instances of such “detail-shifting” attempts rose 232 percent worldwide last year.
The report also reveals that some users are at greater risk than others, especially the elderly and those who have difficulty using their phones.
A quarter of password reset attempts made through desktop web browsers are fraudulent, with attack rates 50 times higher than among those using mobile devices.
The increasing sophistication of technology and artificial intelligence in scams has resulted in a 1,680 percent year-on-year increase in the use of bots by criminals, which can automate attacks at high speed and volume.
Rob Woods, director of identity and fraud strategy at LexisNexis Risk Solutions, said: ‘Enabling additional security measures, such as two-factor authentication, as well as using the security measures built into mobile apps, are easy and highly effective ways for the public to protect themselves from password reset attacks.
‘The fivefold increase reflects the vast improvements banks have made in account security, forcing fraudsters to take advantage of human error.’
Despite the rise in password reset scams, there has been an overall decrease in human (-14 percent) and bot (-29 percent) attack volumes, compared to increases in other regions.
Globally, human-initiated scams increased by 19 percent, with an 8 percent increase in attacks on financial services and a 59 percent increase in e-commerce scams.
Unlike passport reset scams, only one in five scams now occur via a desktop browser, and the vast majority of frauds (79 percent) now occur on mobile devices.
Of these scams, 83 percent are carried out through a mobile app and the rest through a mobile browser.
The figures come after a recent report by the National Crime Agency found that fraud accounts for 40 per cent of all reported crimes amid a surge in scam activity.
Almost £1.2bn was lost to fraud last year and 3.5 million fraud offences were committed in the year to March 2023.
More than six per cent of people in England and Wales were victims of fraud during the period, more than double the three per cent who experienced vehicle theft and three times as many who were victims of criminal damage or bicycle theft.
SAVE MONEY, EARN MONEY
Boosting investment
Boosting investment
5.09% cash for Isa investors
Cash Isa at 4.92%
Cash Isa at 4.92%
Includes 0.88% bonus for one year
Free stock offer
Free stock offer
No account fees and free stock trading
4.84% cash Isa
4.84% cash Isa
Flexible ISA now accepting transfers
Transaction fee refund
Transaction fee refund
Get £200 back in trading commissions
Affiliate links: If you purchase a product This is Money may earn a commission. These offers are chosen by our editorial team as we believe they are worth highlighting. This does not affect our editorial independence.