Tracking manual attacks may deliver zero-day previews

That means that CISOs should make sure that systems are trying to differentiate between automated and manual attacks. And to then examine manual attacks very carefully, Harrigan said.

CISOs should “spend extra time” examining the manual attack attempts, he said, as doing so may give the security operations center a sneak preview of a zero-day, thereby giving them the ability to tweak defenses to try to thwart an imminent attack conducted potentially at scale by follow-on bots. 

“Every time [an attacker] knocks off a piece of armor, somebody figures out how to make a better piece of armor,” Harrigan said. “It’s always a cat and mouse game.”

The Lexis-Nexis report — available here — also identified the 2023 geographies must likely to have launched attacks as “parts of Southeast Asia [that] are established homes for dedicated remote scam centers. Cybercriminals favor border areas in Cambodia, Myanmar, and remote parts of Thailand.”

Addressing fraud and scams, rather than cybercrime in general, the report noted several trends over the past few years.

“In APAC, third-party account takeover has become even more dominant than in 2022, driven by a relentless scam pandemic across the region which for now is primarily fueling subsequent unauthorized fraud attempts, in contrast with the authorized transfer scams seen in EMEA,” LexisNexis researchers wrote. “Bonus abuse worsened in both EMEA and LATAM, linked to both gaming and gambling and ecommerce. North America saw significant YOY percentage growth of true identity theft in 2023, offsetting a decline in third-party chargeback fraud as a percentage of all classifications.”