VeriSign says online fraud growing fast

A report by the company that maintains the .com and .net domain registry indicates that attempted site hacks, online fraud and identity theft are increasing rapidly.

Matt Hines Staff Writer, CNET News.com
Matt Hines
covers business software, with a particular focus on enterprise applications.
Matt Hines
2 min read
A report released Monday by VeriSign, the company that maintains the Internet's .com and .net domain registry, indicates that attempted site hacks, online fraud and identity theft are growing rapidly, as e-commerce proliferates.

In delivering VeriSign's Internet security intelligence briefing, company executives observed that online commerce rose by some 59 percent during the 2003 holiday buying season, compared with the same period in 2002. VeriSign said it processed $6.4 billion in online sales between Nov. 1 and Dec. 31, compared with $4 billion during the same time frame the previous year.

Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

However, the company also tracked a 176 percent increase in the number of probes potential hackers launched during the holidays. The study tabulated the numbers of attacks registered by corporate firewalls and network intrusion systems in order to develop its security conclusions.

In addition, VeriSign said e-commerce merchants rejected as "too risky" some 7 percent of all orders placed online during the holidays, with most being turned down because of questionable credit card numbers or suspected identity theft. Yet the company said that since many of those rejections were generated by automated systems, e-commerce vendors could have missed out on some legitimate sales that were for some reason misconstrued as fraudulent.

"We found that when (intrusion detection systems) are unmanned, companies have far less success in stopping potential attacks," said Ken Silva, vice president of network and information security at VeriSign. "E-commerce companies are probably better off than ever before, in terms of protecting themselves, but it will take longer for most to take advantage of everything available to help cut down on fraud" and attempted hacks.

Silva advised that companies, e-commerce vendors in particular, should consider 24-hour monitoring of their security systems, whether by employees or outside providers, in order to cut down on potential weaknesses. He said manual site hacks and fraud attempts tend to increase after normal business hours, while automated attacks tend to occur at all times of the day and night.

VeriSign said the United States continued to lead all countries in total volume of online fraud and remained the largest source of e-commerce revenue in the world. Indonesia ranked highest among all nations in percentage of fraud per transaction, followed by Nigeria, Pakistan, Ghana and Israel.

In addition to increased online transactions, VeriSign reported that Internet domain registrations, historically an indicator of small business growth, also continued to increase last year. The company said registrations of domain names for active Web sites grew by 16 percent for .com domains and by 14 percent for .net domain names, compared with one year ago.