In human-driven attacks, fraudsters employ click farms to orchestrate attacks that need more nuanced human interaction. Usually, these attackers step in when bots are unable to bypass fraud defense mechanisms that are designed for need a higher level of human interaction
During the first half of 2021, there was a 77% increase in human-driven attack volume over the second half (H2) of 2020. When compared with the bot attacks, there was a six-fold increase in human-driven attacks. This is indicative of a growing trend where fraudsters are increasingly leaning towards hybrid and human-assisted attacks at scale.
Large volumes of attacks leveraging human fraud farms emanated from Asian countries including China and Vietnam, which contributed 60% of all human-assisted attacks. Asia continues to be an important region for fraudsters as it enables them to find cheap human labor to supplement automated attacks as well as more nuanced human activity such as sending phishing messages on dating platforms. In Europe, fraudsters relied more on automation-driven attacks such as credential stuffing, looking to maximize the RoI.