How Fraudulent Users Slip Under the Radar

If there’s one thing we’ve discovered at Sift Science, it’s that online fraudsters can be awfully good at disguising themselves as legitimate users. That’s why all types of businesses rely on our machine learning technology – which unearths hidden fraudsters based on data collected from thousands of websites who use our service – to keep bad users at bay.

As part of our recent United States of Fraud report, we wanted to highlight some of the interesting and surprising patterns we found in our data about who’s committing fraud in the U.S. We focused on a year’s worth of data (August 2014 – August 2015), taking a sample of 1.3 million transactions with shipping or billing address in the U.S. We computed the fraud rate as the number of fraud users as a fraction of all users.

Once we found some strong signals of fraud, we combined them to paint a picture of someone we like to call…

The Fraudiest Person in America

The Fraudiest Person in America is…

• Male. Men are slightly more likely than women to be fraudsters
• (Perhaps pretending to be) elderly. The 85-90 age range has the highest fraud rate. Users identifying themselves as this age are 2.5x more likely to be fraudsters than the average user
• Buying something cheap. Orders worth $0-$20 have the highest fraud rate. Purchasing something worth $20 or less makes someone 2.16x more likely to be a fraudster.
• Shipping something to Delaware. In our geographic analysis, the second smallest state in the U.S. had the highest fraud rate based on shipping address.
• Billing something to a credit card in Alaska. We found that the largest state in the union – and the state listed first in checkout form dropdown lists – had the highest fraud rate based on billing address.

Surprised by anything? Yeah, we were too. That’s what we mean about fraudsters being good at disguises. Just remember that The Fraudiest Person in America represents a composite of separate strong fraud signals, not a single individual who embodies all of these qualities. (So, don’t assume that an 88-year-old Alaskan man buying socks for his grandson in Delaware is a fraudster…)

Habits of the Fraudiest Person

Last year, we published a blog post called The Seven Habits of Highly Fraudulent Users, which outlined a few different patterns we uncovered. Now, we wondered: had any of these patterns changed? Here are some of the common behaviors we found in our updated analysis:

Fraudsters try out different credit cards

• Purchases worth less than $20 are 2.16x more likely to be fraudulent.
• For purchases less than $20, the smaller the purchase amount, the more likely it’s fraud.
• What this suggests: criminals are testing whether stolen credit card information is still valid, by trying out low-value orders.

Fraudsters don multiple identities

• A user with 2-4 accounts linked to the same device is 8x more likely to be fraudulent.
• 4-8 accounts on a single device? 14x more likely to be fraudulent.
• What this suggests: it’s much easier to create multiple accounts to commit fraud than it is to access several different devices, so fraudsters try their luck several times from the same laptop or phone.

Fraudsters work regular days (and hours)

• Fraudsters work at night. 3 a.m. is the fraudiest time of day, regardless of time zone.
• Fraudsters are more likely to transact online on the weekdays than a legitimate user.
• What this suggests: The average 9-5 worker usually does their online shopping on the weekends. For fraudsters, “online shopping” with stolen credentials is their job.

Fraudsters try to outsmart barriers

• One of the most common ways to identify fraud is by looking at how long a user has had an account. Fraudsters tend to open accounts, commit their crime, and then move on.
• Indeed, we found that accounts less than 3 days old are 3x more likely to be fraudulent.
• However, we also identified “sleeper” fraudsters who committed their crimes after about 60 days.
• Accounts that are 2 months old are 2x more likely to be fraudulent than accounts that are at least 6 months old.
• What this suggests: Fraudsters are always looking for ways around fraud-detection barriers.

Do any of these fraud patterns ring true for your website? Every business is different, so yours may attract different kinds of fraud attempts. Machine learning can detect all sorts of bad behavior online – from credit card fraud and coupon fraud to fake accounts and spammy content. It’s amazing what you can find once you start digging into the data.