During March, the Rippleshot Team covered the top locations and trends of e-commerce fraud in a previous blog post, outlining where both the fraudsters and victims of fraud were located. Much of our focus was on warning financial institutions that EMV implementation was not the cure-all to fraud, as fraud, and its impact of customers, was not going anywhere. Some listened, while some countered that their “fraud losses were lower than ever because of EMV”. So although we don’t like to say we told you so…we told you so. Experian’s latest report, published right around the 1-year anniversary of the EMV liability shift, projects 2016 e-commerce fraud attack rates to be at least 15% higher than last year’s total. Learn the Top 10 Riskiest Zip Codes for shipping and billing fraud in our latest blog- “The Where and What of E-Commerce Fraud”.
Data Equals Power
In order to produce its bi-annual report on Fraud Attack Rates, Experian analyzes millions of e-commerce transactions from the first six months of the year. The attack rates are then calculated by comparing the number fraudulent transactions to a count of total transactions, generating risk basis points for each zip code as a ranking structure. Shipping fraud is an indication of where fraudulently purchased goods are sent, or the shipping address. Billing fraud refers to the address of the fraud victim, or “purchaser”, whose account information is hacked.
Shipping
Our blog post from March still has the most recently updated statistics from Experian relating to the top states for billing and shipping fraud, but here we will take a somewhat different approach by listing it by zipcode.
Here are the Top 10 Riskiest Shipping Zip Codes in the US for H1 2016:
|
Zipcode |
City |
State |
Attack Rate (in basis points) |
|
66025 |
Eudora |
KS |
1138.3 |
|
33195 |
Miami |
FL |
795.0 |
|
33192 |
Miami |
FL |
758.7 |
|
33166 |
Miami |
FL |
675.3 |
|
38858 |
Nettleton |
MS |
546.1 |
|
62694 |
Winchester |
IL |
545.8 |
|
91733 |
South El Monte |
CA |
507.4 |
|
49622 |
Central Lake |
MI |
496.3 |
|
07201 |
Elizabeth |
NJ |
422.0 |
|
77036 |
Houston |
TX |
409.7 |
As you can see, Eudora, KS, found the top of the charts (again) at 1138.3 basis points, symbolizing that over 11% of e-commerce transactions with shipping addresses in 66025 end up becoming fraudulent. Mike Gross, Fraud and Identity Director of Risk Strategy at Experian, attempted to describe the trend in Eudora, explaining that it was caused by a small ring of fraudsters that were leveraging reshipping and freight-forwarding fraud. Reshipping fraud is when cyber criminals use stolen cards for e-commerce transactions and ship them to U.S. addresses, where an individual receives the package and then “reships” it to another location, generally international. Freight-forwarding fraud occurs when an item is shipped to a freight forwarder so that it can be shipped out internationally.
Another continuing trend from our coverage in March was Miami, as it commanded three of the top ten riskiest shipping locations. This was no surprise at all, considering Miami’s status as an international shipping hub, and having previously made the top ten list with five separate zip codes in 2015.
Billing
Let’s move on to billing fraud. Before moving on to examine the list, consider this: 44% of e-commerce billing fraud came from Florida, Connecticut, and New York, based on the sum of attacks that were represented on the top 100 riskiest billing zip codes.
Here are the Top 10 Riskiest Billing Zip Codes in the US for H1 2016:
|
Zipcode |
City |
State |
Attack Rate (in basis points) |
|
77036 |
Houston |
TX |
1145.0 |
|
66025 |
Eudora |
KS |
955.3 |
|
33192 |
Miami |
FL |
725.3 |
|
33166 |
Miami |
FL |
691.3 |
|
99603 |
Homer |
AK |
559.1 |
|
33195 |
Miami |
FL |
531.1 |
|
62694 |
Winchester |
IL |
524.4 |
|
49622 |
Central Lake |
MI |
504.3 |
|
33136 |
Miami |
FL |
371.7 |
|
19952 |
Harrington |
DE |
320.6 |
Small Town, Big Fraud
As you can see, although some of the listed zip codes and cities can be seen as intuitive, many are small locations that, respectively, some of us may have never even heard of. We call this the case of small town, big fraud. Mike Gross mentioned earlier that many of these fraudsters are leveraging small towns as a source of reshipping and freight-forwarding fraud, meaning that they are actually using smaller towns to their advantage, knowing fully well that the transactions will go unnoticed, and they can fly under the radar. For example, Eudora, Kansas, has the highest overall riskiest ZIP code, yet no other Kansas ZIP code appears in the top 100 list.
Correlation VS Causation
On the other hand, major port cities, and international shipping hubs, also pop up on the top 100 lists, since the items involved in the e-commerce fraud are easily shipped or flown overseas to international criminals. For example, “New York, New Jersey, [and] Houston are big port cities or international airports” Gross explains. Therefore, although the shipping/ flying capacity of the city is certainly correlated with its propensity for shipping or billing fraud, it is not necessarily a cause, as there are other more complicated trends impacting the where and what of e-commerce fraud.
Back To The Drawing Board
From the latest key findings by Experian, it is clear that e-commerce fraud is here to stay, in fact it is still growing at an astounding rate. However, the trends influencing the locations of shipping and billing fraud are also becoming more apparent, with a certain emphasis by fraudsters on smaller towns, and then port cities/ international shipping hubs. A development that may have a stronger effect on mitigating e-commerce fraud is the much-anticipated debut of authentication technology 3D Secure 2.0 by EMVCo, as it promises to reduce online fraud, and will be designed to work in apps/ browsers, along with being mobile-friendly.
Did you know that Rippleshot Sonar employs a “Whales and Minnows” approach, meaning that it can detect smaller instances of fraud just as effectively as larger ones?
Find out how Sonar works by scheduling a demo today:
