Russian hackers and trolls received all the media attention but China and Venezuela were the sources of the most overseas e-commerce fraud attacks in 2017, according to new Experian data. Millions of online transactions were analyzed to identify fraud attacks on online transactions across the U.S for the 2017 E-commerce Fraud report.
Online shopping fraud attacks rose 30% in 2017 vs. 2016, and transactions originating from a foreign Internet Protocol (IP) address were about 7 times riskier than average. An IP address is a unique set of numbers used to identify individual digital devices, allowing them to communicate with other devices on a network.
The growth of e-commerce fraud can be viewed as the last stop on the larger fraud timeline, which often starts with a data breach. The uptick in data breaches, already 278 incidents in 2018, and the increased presence of the dark web marketplace have made personal information more accessible to criminals; that, in turn, makes it easier for fraudsters to access legitimate online accounts.
Identity theft fraud affected a record 16.7 million U.S. consumers in 2017, according Javelin Research. Online shopping fraud is one of the many unfortunate outcomes that can result from becoming a victim of identity theft.
E-commerce Fraud Increased 30% in 2017
Drilling down further, online shopping fraud rose dramatically last year in these two categories:
- Shipping fraud occurs when a criminal uses their address for the delivery of stolen goods purchased online. Rates of shipping fraud increased 37% in 2017 vs. 2016. From a regional perspective, the Western U.S. saw a nearly 60% increase in attack rates for shipping fraud.
- Billing fraud occurs when the victim’s address is tied to the payment account used to purchase the stolen goods; those rates increased 34%. The North Central region saw a 50% increase in attack rates for billing fraud.
What’s a Fraud Attack Rate?
To better understand how shipping and billing fraud take place, Experian analyzed several data points, including geography, IP addresses, and device type and payment method. Fraud attack rates are the number of attempted fraudulent e-commerce transactions against the population of overall e-commerce orders. The figures associated with the rates are basis points; 1 basis point equals an attack rate of 0.01%.
Here is a breakdown of the different hot spots around the country—and around the world—for online shopping fraud.