Think you know when the most online fraud takes place? It’s probably Cyber Monday or Black Friday, right? What about the fraudiest country in the world? Somewhere in Eastern Europe? Businesses may think they understand fraud, but the reality is far more complex. This lack of insight leads to guessing, incorrect conclusions, and bad decisions.
Sift’s machine learning and massive global data network generate real-time insights into the nuanced patterns of fraud. These patterns are based on geography, industry, time of day, time of year, and over 16,000 other signals. Sift pulls back the curtain on fraud, drawing on petabytes of data to reveal the signals you’re missing.
We took a magnifying glass to 165 billion recent transactions and events among our data set and uncovered 10 surprising insights about how fraud happens. These findings illustrate the kinds of patterns that might be invisible to your business, without the right technology to uncover them.
As these fraud myths show, the insights you need to beat fraud might be the insights you’re missing…
1. Myth: Fraudsters make small purchases to fly below the radar.
Many businesses don’t allow users to make large purchases without first going through extra security verification. To avoid detection, fraudsters keep their purchases small.
Reality: Fraudsters make massive purchases.
On average, a good order comes to around $910. The average fraudulent order, by contrast, amounts to about $3300.
2. Myth: Eastern Europe and Nigeria are the fraudiest places in the world.
We’ve all heard of the Nigerian Prince Scam: a scammer gets in touch with their victim over email, usually promising them a reward in exchange for money. And in light of Russian election hacking, Eastern European internet fraud has gotten renewed attention. These locations must be hotbeds of fraud.
Reality: The fraudiest country is…Mauritania!
Mauritania has a higher rate of fraudsters than anywhere else. Libya takes second place. Although Nigeria is in the top 10, it’s all the way down at number seven. Most Eastern European countries (including Russia) aren’t even in the top 10.
3. Myth: Republicans/Democrats are crooks!
No comment here, but a person’s point of view on who’s a crook is often influenced by their political leanings.
Reality: There’s no correlation between a state’s political affiliation and its population of fraudsters.
New York, Delaware, and New Jersey – all blue states – have some of the highest rate of fraudsters, but so do Georgia, Texas, and Florida … all red states (based on U.S. Presidential election results from 2016).
4. Myth: After committing account takeover (ATO), fraudsters lie in wait for a while before using the stolen account.
An ATO can sometimes arouse a user’s suspicion or raise a business’ red flags. So fraudsters don’t do anything with a user’s stolen account credentials until they believe the coast is clear.
Reality: Once fraudsters have stolen account credentials, they don’t wait around.
For businesses that experience the highest rates of ATO, a compromised user’s account activity increases an average of 22x within a week of the takeover. Fraudsters use stolen credentials as much and as quickly as they can before the user or business redeems control of the account.
5. Myth: Activity from ATO is just a blip on a user’s overall transaction history.
After they’ve stolen account credentials, fraudsters usually don’t get away with very much. The damage is small and ultimately insignificant: just a few small fraudulent purchases.
Reality: After an ATO, a fraudster’s activity represents up to 60% of the user’s annual spending.
This holds true even if a fraudster only has control of a user’s account for a week.
6. Myth: Fraudsters use stolen account credentials once or a few times after an ATO.
Then they throw them out so they won’t raise any red flags by continuing to use the account.
Reality: If a fraudster can get away with it, they’ll keep using stolen accounts until they’re caught.
Even 300 days after an ATO, affected businesses see a spike in median transaction value on stolen accounts.
7. Myth: Fraud happens while you’re asleep.
Scammers want to keep a low profile, and they know users are more likely to notice suspicious activity during the day. To stay undetected, people commit fraud at night.
Reality: Fraud happens all the time!
Fraudulent activity mirrors good transactions. That means fraudsters are online at the same time as normal users. Savvier scammers take advantage of the “noise” caused by increased site traffic to slip by unnoticed.
8. Myth: People commit fraud as a side hustle.
Fraudsters have day jobs, so they only have a chance to commit scams when they aren’t at work.
Reality: Fraud is a day job.
Most fraud happens during standard working hours.
9. Myth: The fraudiest day of the year is during the holiday season.
It must be, right?
Reality: The fraudiest day of the year is…May 9!
May 9 had the highest rate of fraud over the past year. With holiday 2018 upon us, this exercise has proven that fraud is dynamic and patterns vary by vertical and individual business. For example, the fraudiest day for the travel industry is June 5. For online retail, it’s July 14. By harnessing our global network and ensemble of ML models, you can find your fraudiest day of the year.
10. Myth: During the holidays, most fraud happens around Black Friday or Cyber Monday.
Last year, Black Friday deals brought in a record $7.9 billion. Cyber Monday raked in an additional $6.6 billion. With that kind of money flying around, fraudsters take advantage of the chaos to commit their crimes. Dishonest users might also try to get ahead on their holiday shopping by committing promo abuse and using multiple emails to score deals.
Reality: The fraudiest day of the holidays is…not Black Friday or Cyber Monday.
Last year, December 6 saw a higher rate of fraudulent transactions than any other day during the holidays. Surprisingly, that date is different for travel and online retail businesses. For travel, the fraudiest day was November 25 – two days before Thanksgiving. For online retail, it was December 3.
Getting the full picture of how fraud happens
These findings are surprising, and that matters for the way you do business. When adjudicating between good and bad orders, fraud analysts are coming to the table with assumptions: that fraudsters mostly work at night, that ATOs are relatively low profile events, that fraud is going to be higher on Black Friday than any other day, and so on.
These assumptions shape a business’s fraud-fighting operation from top to bottom. They help determine how analysts set up rules, how many people the fraud team hires and staffs on a given day, and so on. If these assumptions are wrong, then that’s going to do major damage to your bottom line.
As fraudsters get more sophisticated and harder to fight, businesses need an adaptive toolbox. Sift draws on your company’s unique data to adapt in real time. Armed with this data, your digital business can thrive, scale, and face future challenges head-on.
To learn more, download The Definitive Guide to Reporting on Fraud!