Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:55 PM
Connect Directly

Likeliest Fraudsters Are, Or Claim To Be, 85-90 Years Old

New report paints a composite picture of the 'Fraudiest Person in America'

Buyers who are 85 to 90 years old -- or claiming to be -- are 2.5 times more likely to be fraudsters, according to new research by fraud detection provider Sift Science.

Although Sift Science analyzes transactions across the globe, they limited this study to a sample of with shipping or billing address in the U.S. They cross-referenced their transaction data with third-party data from FullContact to identify gender and age.

By examining the shipping addresses, researchers can ascertain where fraudsters (or reshippers they use) operate from, and billing addresses indicate where the most credit card data is stolen from. Generally speaking, researchers found that accounts were mostly stolen from the West coast and mostly used to ship items to the East coast, particularly the SouthEast. The fraud rate -- both shipping and billing -- was low throughout the MidWest.

More specifically, the state with the highest fraud rate based on billing addresses was Alaska, and the state with the highest fraud rate based on shipping addresses was Delaware, followed by Florida and Georgia.

The researchers found that the rate of e-commerce fraud was high in the same regions where robbery and unemployment rates were also high; they did not find a correlation between online fraud and any other kinds of crime. They also did not find any distinct difference between urban or rural areas, nor regions that traditionally voted Republican or Democrat.

It isn't buyers of splashy vacations or luxury items to look out for. Purchases of $20 or less are 2.16 more likely to be fraudulent than others -- and the smaller the amount, the more likely it's fraud. The reason is, fraudsters make micropurchases to test out stolen credit card data to see if it's still valid.

Most fraud happens during weekdays and 3 a.m. is the most fraudulent time of day -- regardless of time zone -- which leads researchers to believe that fraudsters work regular, late-night shifts.

Although some criminals are making efforts to dodge fraud detections by letting accounts sit idle for as long as 60 days before conducting criminal activity, accounts that are less than three days old are still three times more likely to be fraudulent. Plus, when multiple accounts (for the same site/service) are running from one device, it is more likely those accounts are fraudulent. If two to four accounts are on a device, it's eight times likelier they are fraudulent; if four to eight accounts, it's 14 times likelier. 

"When viewing this data, keep in mind The Fraudiest Person in America represents a composite of separate strong fraud signals, not a single individual who embodies all of these qualities," the report states. "(So, don’t assume that an 88-year-old Alaskan man buying socks for his grandson in Delaware is a fraudster…)"

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Ninja
10/22/2015 | 2:58:25 PM
Vigilance is key
If I was a malicious intender, I would take the approach of siphoning in small increments as well. I know many people that rarely check their financial accounts online and a small transaction would slip through possibly even if they did. The key here is vigilance, set up alerts for whenever money is taken out of an account, view your financial statements on a regular basis. Not only will it keep you safe, but help you save as well.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-06-06
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
PUBLISHED: 2020-06-06
In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle.
PUBLISHED: 2020-06-06
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.