New report paints a composite picture of the 'Fraudiest Person in America'

Sara Peters, Senior Editor

October 20, 2015

2 Min Read

Buyers who are 85 to 90 years old -- or claiming to be -- are 2.5 times more likely to be fraudsters, according to new research by fraud detection provider Sift Science.

Although Sift Science analyzes transactions across the globe, they limited this study to a sample of with shipping or billing address in the U.S. They cross-referenced their transaction data with third-party data from FullContact to identify gender and age.

By examining the shipping addresses, researchers can ascertain where fraudsters (or reshippers they use) operate from, and billing addresses indicate where the most credit card data is stolen from. Generally speaking, researchers found that accounts were mostly stolen from the West coast and mostly used to ship items to the East coast, particularly the SouthEast. The fraud rate -- both shipping and billing -- was low throughout the MidWest.

More specifically, the state with the highest fraud rate based on billing addresses was Alaska, and the state with the highest fraud rate based on shipping addresses was Delaware, followed by Florida and Georgia.

The researchers found that the rate of e-commerce fraud was high in the same regions where robbery and unemployment rates were also high; they did not find a correlation between online fraud and any other kinds of crime. They also did not find any distinct difference between urban or rural areas, nor regions that traditionally voted Republican or Democrat.

It isn't buyers of splashy vacations or luxury items to look out for. Purchases of $20 or less are 2.16 more likely to be fraudulent than others -- and the smaller the amount, the more likely it's fraud. The reason is, fraudsters make micropurchases to test out stolen credit card data to see if it's still valid.

Most fraud happens during weekdays and 3 a.m. is the most fraudulent time of day -- regardless of time zone -- which leads researchers to believe that fraudsters work regular, late-night shifts.

Although some criminals are making efforts to dodge fraud detections by letting accounts sit idle for as long as 60 days before conducting criminal activity, accounts that are less than three days old are still three times more likely to be fraudulent. Plus, when multiple accounts (for the same site/service) are running from one device, it is more likely those accounts are fraudulent. If two to four accounts are on a device, it's eight times likelier they are fraudulent; if four to eight accounts, it's 14 times likelier. 

"When viewing this data, keep in mind The Fraudiest Person in America represents a composite of separate strong fraud signals, not a single individual who embodies all of these qualities," the report states. "(So, don’t assume that an 88-year-old Alaskan man buying socks for his grandson in Delaware is a fraudster…)"

About the Author(s)

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights