Loading...

E-Commerce Fraud Attack Rates Hit New Highs in 2017

Published: April 10, 2018 by Traci Krepper

e-commerce attacksWith 16.7 million reported victims of identity fraud in 2017 (that’s 6.64 percent of the U.S. population), it was another record year for the number of fraud victims. And as online and mobile transaction growth continued to significantly outpace brick-and-mortar growth, criminal attacks also grew rapidly. This past year, we saw an increase of more than 30 percent in e-commerce fraud attacks compared with 2016.

As we’ve done over the past three years, Experian® analyzed millions of online transactions to identify fraud attack rates for both shipping and billing locations across the United States. We looked at several data points, including geography and IP address, to help businesses better understand how and where fraud is being perpetrated so they can better protect against it.

The 2017 e-commerce fraud attack rate analysis shows:

  • Delaware and Oregon continue to be the riskiest states for both billing and shipping fraud.
  • Delaware; Oregon; Washington, D.C.; Florida; and Georgia are the top five riskiest states for billing fraud.
  • Delaware, Oregon, Florida, New York and California are the top five riskiest states for shipping fraud, accounting for 50 percent of total fraud attacks.
  • South El Monte, Calif., is the riskiest city overall, with an increase in shipping fraud of approximately 230 percent.
  • Shipping fraud most often occurs near major airports and seaports due to reshippers and freight forwarders that receive domestic goods and often send them overseas.
  • When a transaction originates from an international IP address, shipping fraud is 6.7 times likelier than the average, while billing fraud becomes 7.1 times likelier.

Where is e-commerce fraud happening?

Typically, the highest-risk areas for fraud are in ZIP™ codes and cities near large ports of entry or airports. These are ideal locations to reship fraudulent merchandise, enabling criminals to move stolen goods more effectively.

Top 10 riskiest billing ZIP™ codes   Top 10 riskiest shipping ZIP™ codes
97252 Portland, OR 97079 Beaverton, OR
33198 Miami, FL 33122 Miami, FL
33166 Miami, FL 91733 South El Monte, CA
33122 Miami, FL 97251 Portland, OR
77060 Houston, TX 97250 Portland, OR
33195 Miami, FL 33166 Miami, FL
97250 Portland, OR 97252 Portland, OR
97251 Portland, OR 33198 Miami, FL
33191 Miami, FL 33195 Miami, FL
97253 Portland, OR 33192 Miami, FL
Source: Experian.com Source: Experian.com

What’s more, many of the riskiest ZIP™ codes and cities experience a high volume of transactions originating from international IP addresses. In fact, the top 10 riskiest ZIP codes overall tend to experience fraudulent activity from numerous countries overseas, including China, Venezuela, Taiwan and Hong Kong, and Argentina. These fraudsters tend to implement complex fraud schemes that can cost businesses millions of dollars in fraud losses. Additionally, the analysis shows that traffic coming from a proxy server — which could originate from domestic and international IP addresses — is 74 times riskier than the average transaction.

The problem

The increase in e-commerce fraud attacks shouldn’t come as a huge surprise. The uptick in data breaches, merchants’ continued adoption of EMV-enabled terminals to protect against counterfeit card fraud and the abundance of consumer data on the dark web means that information is even more accessible to criminals. This enables them to open fraudulent accounts, take over legitimate accounts and submit fraudulent transactions. Another reason for the increase is automation. In the past, criminals needed a strong understanding of fraud methods and technology, but they can now bring down an entire organization by simply downloading a file and automating the submission of thousands of applications or transactions simultaneously.

Since fraudsters need to make these transactions appear as normal as possible, they often leverage the cardholder’s actual billing details with slight differences, such as e-mail address or shipping location. Unfortunately, the mass availability of compromised data and the abundance of fraudsters makes it increasingly challenging to identify and separate legitimate customers from attackers across the country. Because of the widespread prevalence of fraud and data compromises, we don’t see billing fraud concentrated in just one region of the country. In fact, the top five states for billing fraud make up only about 18 percent of overall fraud attacks.

Top 5 riskiest billing fraud states   Top 5 riskiest shipping fraud states
State Fraud attack rate State Fraud attack rate
Delaware 93.4 Delaware 195.9
Oregon 86.1 Oregon 170.1
Washington, D.C. 46.5 Florida 45.1
Florida 39.2 New York 37.3
Georgia 31.5 California 32.6
Source: Experian.com Source: Experian.com

Prevention and protection need to be the priority

As businesses get a better understanding of how and where fraud is perpetrated, they can implement proactive strategies to detect and prevent attacks, as well as protect payment information. While no one single strategy can address the entire scope of fraud, there are advanced data sets and technology — such as device intelligence, behavioral and physical biometrics, document verification and entity resolution — that can help businesses make better fraud decisions.

Fortunately, consumers can also play a major role in safeguarding their information. In addition to regularly checking their credit reports and bank/credit card statements for fraudulent activity, consumers can limit the data they share on social networking sites, where attackers often begin when perpetrating identity fraud.

While we continue to help both organizations and consumers limit their exposure to e-commerce fraud, we anticipate that criminals will attempt more sophisticated fraud schemes. But businesses can stay ahead of the curve. This comes down to having a keen understanding of how fraud is being perpetrated, as well as leveraging data, technology and multiple layered strategies to better recognize legitimate customers and make more precise fraud decisions.

View our e-commerce fraud heat map and download the top 100 riskiest ZIP codes in the United States.

Experian is a nonexclusive full-service provider licensee of the United States Postal Service®. The following trademark is owned by the United States Postal Service®: ZIP. The price for Experian’s services is not established, controlled or approved by the United States Postal Service.

Related Posts

Listen in as experts discuss the latest research and insights and how businesses can shape their fraud prevention plan in the short term.

Published: June 29, 2020 by Alison Kray

Cybercriminals are stealing data from fintech platforms to create synthetic identities and commit fraud. Here's how it's impacting them.

Published: October 30, 2019 by Brittany Peterson

We recently analyzed millions of online transactions from the first half of 2017 to identify fraud attack rates. Here are the top 3 riskiest states for e-commerce billing and shipping fraud for H1 2017

Published: September 18, 2017 by Guest Contributor

Subscription title for insights blog

Description for the insights blog here

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Categories title

Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book.

Subscription title 2

Description here
Subscribe Now

Text legacy

Contrary to popular belief, Lorem Ipsum is not simply random text. It has roots in a piece of classical Latin literature from 45 BC, making it over 2000 years old. Richard McClintock, a Latin professor at Hampden-Sydney College in Virginia, looked up one of the more obscure Latin words, consectetur, from a Lorem Ipsum passage, and going through the cites of the word in classical literature, discovered the undoubtable source.

recent post

Learn More Image

Follow Us!