How Fraudulent Users Slip Under the Radar @ Sift Science Blog.
As part of our recent United States of Fraud report, we wanted to highlight some of the interesting and surprising patterns we found in our data about who’s committing fraud in the U.S. We focused on a year’s worth of data (August 2014 – August 2015), taking a sample of 1.3 million transactions with shipping or billing address in the U.S. We computed the fraud rate as the number of fraud users as a fraction of all users.
Read more and read PDF.
A few notes on this: Delaware is the highest because it has freight forwarders, not because of actual residents. Generally speaking, it’s a good idea to screen all orders going to Delaware that the billing/shipping are different, the IP does not match and/or there is a mailbox/account # that is part of the address, via human or code. When a person who gets a mailbox forwarder (sometimes with a stolen credit card) the address format they’re instructed to use (for example) is something like:
FULL NAME: Name Surname
ADDRESS 1: 8 McCullough dr (this is a street address of a forwarder, it will change often)
ADDRESS 2: UXXXXX (where UXXXXX is the individual mailbox)
CITY: New Castle
STATE: DE (Delaware)
Delaware, Florida, Nevada, Oregon, New Hampshire, California are popular forward states. There’s a good report here “Drops for Stuff: An Analysis of Reshipping Mule Scams“.
And now on to what you’re waiting for (maybe!) – what’s the fraud rate for Adafruit? We get about 20,000+ orders a month, the successful fraud attempts, as in a stolen credit card that was used on the site and was able to make a purchase for October was 0.0032%, statistically zero. We’ve worked on our fraud detection for about 10 years, from our polling in the industry we are in, we’re on the very very low side.
Here’s a report that has rate of revenue lots to fraud (“Fraudulent payments account for 0.68 percent of retail revenue, up from 0.51 percent in 2013”).
Let’s say you’re a $10m/year company, if you stick with the average and your fraud rate is 0.68% of your revenue, that’s $68,000 / year. Awhile ago we had talked with a large mostly online electronics company that had about $100m in sales, their fraud rate was up to $300,000 PER MONTH, about 3.6% of their monthly revenue at times.
Common attempts for fraud on the Adafruit site: 3D printers and Raspberry Pis.
Lastly, here’s an eBay scam that uses the old work from home mule strategy at times, this one can be avoided by checking the shipping/billing.