Loading...

E-commerce fraud continues to be an area of concern — just look to the West and the South

Published: September 6, 2017 by Guest Contributor

e-commerce fraud

Since the advent of the internet, our lives have changed drastically for the better. We can perform many of life’s daily activities from the comfort of our own home. According to Aite, in 2016 alone 36 million Americans made some form of mobile payment — paying a bill, purchasing something online, paying for fast food or making a mobile wallet purchase at a retailer. Simply put, the internet has made our lives easier. But with the good also comes the bad. While most consumers have moved to the digital world, so have fraudsters. With minimal risk and high reward at stake, e-commerce fraud attacks have increased dramatically over the last few years, with no signs of slowing down.

We recently analyzed millions of transactions from the first half of 2017 to identify fraud attack rates based on billing and shipping addresses and broke down the findings into various geographic trends. Fraud attack rates represent the attempted fraudulent e-commerce transactions against the population of overall e-commerce orders.

Consumers living out West and in the South have experienced more than their fair share of fraud. During the first half of 2017, the West and the South were the top two regions for both billing and shipping attacks. While both regions were at the top during the same time last year, the attacks themselves have increased substantially. Given the proximity to seaports and major international airports, this is somewhat unsurprising — particularly for shipping fraud — as many fraudsters will leverage reshippers to transport goods soon after delivery.

Shipping: Riskiest Regions
Region Attack rate
West 38.1
South 32.1
Northeast 27.0
North Central 20.7
Billing: Riskiest Regions
Region Attack rate
West 37.2
South 32.9
Northeast 27.3
North Central 24.0

At the state level, the top three shipping fraud states remained the same as 2016 — Delaware, Oregon and Florida — but the order changed. Oregon was the most targeted, with a fraud rate of 135.2 basis points, more than triple its rate at in the end of 2016.

Though no longer in the top spot, Delaware saw alarming spikes as well, with shipping attack rates nearly triple last year’s rate at 128.6 basis points and billing attacks at 79.6 basis points.

Shipping: Riskiest States
State Attack rate
Oregon 135.2
Delaware 128.2
Florida 57.4
New York 45.0
Nevada 36.9
California 36.9
Georgia 33.5
Washington, D.C 30.8
Texas 29.6
Illinois 29.4
Billing: Riskiest States
Region Attack rate
Oregon 87.5
Delaware 79.6
Washington, D.C. 63.0
Florida 47.4
Nevada 38.8
California 36.9
Arkansas 36.6
New York 35.5
Vermont 34.2
Georgia 33.4

Diving a bit deeper, ZIPTM codes in Miami, Fla., make up a significant portion of the top 10 ZIP CodeTM lists for shipping and billing attacks — in fact, many of the same ZIP codes appear on both lists. The other ZIP Code that appears on both lists is South El Monte, Calif., which has a high percentage of industrial properties — common targets for fraudsters to ship packages, then reship overseas. You can download the top 100 riskiest Zip Codes in the U.S. for H1 2017.

Shipping: Top 10 riskiest ZIP™ Codes
ZIP Code Attack rate
33122 [Miami, Fla.] 2409.4
91733 [South El Monte, Calif.] 1655.5
33198 [Miami, Fla.] 1295.2
33166 [Miami, Fla.] 1266.0
33195 [Miami, Fla.] 1037.3
33192 [Miami, Fla.] 893.9
97251 [Portland, Ore.] 890.6
07064 [Port Reading, NJ] 808.9
89423 [Minden, Nev.] 685.5
77072 [Houston, Tex.] 629.3
Billing: Top 10 riskiest ZIP™ Codes
ZIP Code Attack rate
77060 [Houston, Tex.] 1337.6
33198 [Miami, Fla.] 1215.6
33122 [Miami, Fla.] 1106.2
33166 [Miami, Fla.] 1037.4
91733 [South El Monte, Calif.] 780.1
33195 [Miami, Fla.] 713.7
97252 [Portland, Ore.] 670.8
33191 [Miami, Fla.] 598.8
33708 [St. Petersburg, Fla.] 563.6
33792 [Miami, Fla.] 493.0

As e-commerce fraud continues to grow, businesses need to be proactive to keep themselves and their customers safe. That means incorporating multiple, layered fraud prevention strategies that work together seamlessly — for example, understanding details about users and their devices, knowing how users interact with the business and evaluating previous transaction history. This level of insight can help businesses distinguish real customers from nefarious ones without impacting the customer experience.

While businesses are ultimately responsible for the safety of customers and their data, the onus doesn’t rest solely with them. Consumers should also be vigilant when it comes to protecting their digital identities and payment information. That means creating strong, unique passwords; actively monitoring online accounts; and using two-factor authentication to secure account access.

At the end of the day, e-commerce fraud is a challenge that businesses and consumers will experience for the foreseeable future. But rising attack rates don’t have to spell doom and gloom for the industry. E-commerce growth is still extremely strong, as consumers interact through multiple channels (in-store, mobile and web) and expect a personalized experience. Establishing trust and verifying digital identities are key to meeting these latest expectations, which provide new opportunities for businesses and consumers to interact seamlessly and transact securely. With multiple safeguards in place, businesses have a variety of options to protect their customers and their brand reputation.

Experian is a nonexclusive full-service provider licensee of the United States Postal Service®. The following trademarks are owned by the United States Postal Service®: ZIP and ZIP Code. The price for Experian’s services is not established, controlled or approved by the United States Postal Service.

Related Posts

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Phasellus at nisl nunc. Sed et nunc a erat vestibulum faucibus. Sed fermentum placerat mi aliquet vulputate. In hac habitasse platea dictumst. Maecenas ante dolor, venenatis vitae neque pulvinar, gravida gravida quam. Phasellus tempor rhoncus ante, ac viverra justo scelerisque at. Sed sollicitudin elit vitae est lobortis luctus. Mauris vel ex at metus cursus vestibulum lobortis cursus quam. Donec egestas cursus ex quis molestie. Mauris vel porttitor sapien. Curabitur tempor velit nulla, in tempor enim lacinia vitae. Sed cursus nunc nec auctor aliquam. Morbi fermentum, nisl nec pulvinar dapibus, lectus justo commodo lectus, eu interdum dolor metus et risus. Vivamus bibendum dolor tellus, ut efficitur nibh porttitor nec. Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Maecenas facilisis pellentesque urna, et porta risus ornare id. Morbi augue sem, finibus quis turpis vitae, lobortis malesuada erat. Nullam vehicula rutrum urna et rutrum. Mauris convallis ac quam eget ornare. Nunc pellentesque risus dapibus nibh auctor tempor. Nulla neque tortor, feugiat in aliquet eget, tempus eget justo. Praesent vehicula aliquet tellus, ac bibendum tortor ullamcorper sit amet. Pellentesque tempus lacus eget aliquet euismod. Nam quis sapien metus. Nam eu interdum orci. Sed consequat, lectus quis interdum placerat, purus leo venenatis mi, ut ullamcorper dui lorem sit amet nunc. Donec semper suscipit quam eu blandit. Sed quis maximus metus. Nullam efficitur efficitur viverra. Curabitur egestas eu arcu in cursus. H1 asdf asdf H2 H3 H4 Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum dapibus ullamcorper ex, sed congue massa. Duis at fringilla nisi. Aenean eu nibh vitae quam auctor ultrices. Donec consequat mattis viverra. Morbi sed egestas ante. Vivamus ornare nulla sapien. Integer mollis semper egestas. Cras vehicula erat eu ligula commodo vestibulum. Fusce at pulvinar urna, ut iaculis eros. Pellentesque volutpat leo non dui aliquet, sagittis auctor tellus accumsan. Curabitur nibh mauris, placerat sed pulvinar in, ullamcorper non nunc. Praesent id imperdiet lorem. H5 Curabitur id purus est. Fusce porttitor tortor ut ante volutpat egestas. Quisque imperdiet lobortis justo, ac vulputate eros imperdiet ut. Phasellus erat urna, pulvinar id turpis sit amet, aliquet dictum metus. Fusce et dapibus ipsum, at lacinia purus. Vestibulum euismod lectus quis ex porta, eget elementum elit fermentum. Sed semper convallis urna, at ultrices nibh euismod eu. Cras ultrices sem quis arcu fermentum viverra. Nullam hendrerit venenatis orci, id dictum leo elementum et. Sed mattis facilisis lectus ac laoreet. Nam a turpis mattis, egestas augue eu, faucibus ex. Integer pulvinar ut risus id auctor. Sed in mauris convallis, interdum mi non, sodales lorem. Praesent dignissim libero ligula, eu mattis nibh convallis a. Nunc pulvinar venenatis leo, ac rhoncus eros euismod sed. Quisque vulputate faucibus elit, vitae varius arcu congue et. Ut maximus felis quis diam accumsan suscipit. Etiam tellus erat, ultrices vitae molestie ut, bibendum id ipsum. Aenean eu dolor posuere, tincidunt libero vel, mattis mauris. Aliquam erat volutpat. Sed sit amet placerat nulla. Mauris diam leo, iaculis eget turpis a, condimentum laoreet ligula. Nunc in odio imperdiet, tincidunt velit in, lacinia urna. Aenean ultricies urna tempor, condimentum sem eget, aliquet sapien. Ut convallis cursus dictum. In hac habitasse platea dictumst. Ut eleifend eget erat vitae tempor. Nam tempus pulvinar dui, ac auctor augue pharetra nec. Sed magna augue, interdum a gravida ac, lacinia quis erat. Pellentesque fermentum in enim at tempor. Proin suscipit, odio ut lobortis semper, est dolor maximus elit, ac fringilla lorem ex eu mauris. Phasellus vitae elit et dui fermentum ornare. Vestibulum non odio nec nulla accumsan feugiat nec eu nibh. Cras tincidunt sem sed lacinia mollis. Vivamus augue justo, placerat vel euismod vitae, feugiat at sapien. Maecenas sed blandit dolor. Maecenas vel mauris arcu. Morbi id ligula congue, feugiat nisl nec, vulputate purus. Nunc nec aliquet tortor. Maecenas interdum lectus a hendrerit tristique. Ut sit amet feugiat velit. Test Yes asedtsdfd asdf asdf adsf Related Posts

Published: March 1, 2025 by Jon Mostajo, test user

Romance scams target individuals of all ages and backgrounds. Financial institutions need to protect their customers from these schemes.

Published: February 5, 2025 by Alex Lvoff

As data breaches become an ever-growing threat to businesses, the role of employees in maintaining cybersecurity has never been more critical. Did you know that 82% of data breaches involve the human element1 , such as phishing, stolen credentials, or social engineering tactics? These statistics reveal a direct connection between employee identity theft and business vulnerabilities. In this blog, we’ll explore why protecting your employees’ identities is essential to reducing data breach risk, how employee-focused identity protection programs, and specifically employee identity protection, improve both cybersecurity and employee engagement, and how businesses can implement comprehensive solutions to safeguard sensitive data and enhance overall workforce well-being. The Rising Challenge: Data Breaches and Employee Identity Theft The past few years have seen an exponential rise in data breaches. According to the Identity Theft Resource Center, there were 1,571 data compromises in the first half of 2024, impacting more than 1.1 billion individuals – a 490% increase year over year2. A staggering proportion of these breaches originated from compromised employee credentials or phishing attacks. Explore Experian's Employee Benefits Solutions The Link Between Employee Identity Theft and Cybersecurity Risks Phishing and Social EngineeringPhishing attacks remain one of the top strategies used by cybercriminals. These attacks often target employees by exploiting personal information stolen through identity theft. For example, a cybercriminal who gains access to an employee's compromised email or social accounts can use this information to craft realistic phishing messages, tricking them into divulging sensitive company credentials. Compromised Credentials as Entry PointsCompromised employee credentials were responsible for 16% of breaches and were the costliest attack vector, averaging $4.5 million per breach3. When an employee’s identity is stolen, it can give hackers a direct line to your company’s network, jeopardizing sensitive data and infrastructure. The Cost of DowntimeBeyond the financial impact, data breaches disrupt operations, erode customer trust, and harm your brand. For businesses, the average downtime from a breach can last several weeks – time that could otherwise be spent growing revenue and serving clients. Why Businesses Need to Prioritize Employee Identity Protection Protecting employee identities isn’t just a personal benefit – it’s a strategic business decision. Here are three reasons why identity protection for employees is essential to your cybersecurity strategy: 1. Mitigate Human Risk in Cybersecurity Employee mistakes, often resulting from phishing scams or misuse of credentials, are a leading cause of breaches. By equipping employees with identity protection services, businesses can significantly reduce the likelihood of stolen information being exploited by fraudsters and cybercriminals. 2. Boost Employee Engagement and Financial Wellness Providing identity protection as part of an employee benefits package signals that you value your workforce’s security and well-being. Beyond cybersecurity, offering such protections can enhance employee loyalty, reduce stress, and improve productivity. Employers who pair identity protection with financial wellness tools can empower employees to monitor their credit, secure their finances, and protect against fraud, all of which contribute to a more engaged workforce. 3. Enhance Your Brand Reputation A company’s cybersecurity practices are increasingly scrutinized by customers, stakeholders, and regulators. When you demonstrate that you prioritize not just protecting your business, but also safeguarding your employees’ identities, you position your brand as a leader in security and trustworthiness. Practical Strategies to Protect Employee Identities and Reduce Data Breach Risk How can businesses take actionable steps to mitigate risks and protect their employees? Here are some best practices: Offer Comprehensive Identity Protection Solutions A robust identity protection program should include: Real-time monitoring for identity theft Alerts for suspicious activity on personal accounts Data and device protection to protect personal information and devices from identity theft, hacking and other online threats Fraud resolution services for affected employees Credit monitoring and financial wellness tools Leading providers like Experian offer customizable employee benefits packages that provide proactive identity protection, empowering employees to detect and resolve potential risks before they escalate. Invest in Employee Education and Training Cybersecurity is only as strong as your least-informed employee. Provide regular training sessions and provide resources to help employees recognize phishing scams, understand the importance of password hygiene, and learn how to avoid oversharing personal data online. Implement Multi-Factor Authentication (MFA) MFA adds an extra layer of security, requiring employees to verify their identity using multiple credentials before accessing sensitive systems. This can drastically reduce the risk of compromised credentials being misused. Partner with a Trusted Identity Protection Provider Experian’s suite of employee benefits solutions combines identity protection with financial wellness tools, helping your employees stay secure while also boosting their financial confidence. Only Experian can offer these integrated solutions with unparalleled expertise in both identity protection and credit monitoring. Conclusion: Identity Protection is the Cornerstone of Cybersecurity The rising tide of data breaches means that businesses can no longer afford to overlook the role of employee identity in cybersecurity. By prioritizing identity protection for employees, organizations can reduce the risk of costly breaches and also create a safer, more engaged, and financially secure workforce. Ready to protect your employees and your business? Take the next step toward safeguarding your company’s future. Learn more about Experian’s employee benefits solutions to see how identity protection and financial wellness tools can transform your workplace security and employee engagement. Learn more 1 2024 Experian Data Breach Response Guide 2 Identity Theft Resource Center. H1 2024 Data Breach Analysis 3 2023 IBM Cost of a Data Breach Report

Published: January 28, 2025 by Stefani Wendel

Subscribe to our blog

Enter your name and email for the latest updates.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Subscribe to our Experian Insights blog

Don't miss out on the latest industry trends and insights!
Subscribe