Fraud Analysis Points to Outlook, Elite Credit Card Vulnerabilities

The fraud rate is highest between 2 and 6 a.m. ET, security vendor Forter finds. The analysis also shows Outlook's fraud rate is higher than other email sites.

fraud analysis

E-commerce fraud-prevention vendor Forter has examined data for more than 1 million transactions in 2014 and identified a number of fraud trends. Among the key findings in Forter's analysis is the fact that fraud rates peak between 2 and 6 a.m. ET.

"We know that many fraudsters operate from outside of the U.S., which is one explanation for this," Noam Inbar, vice president of business development at Forter, told eWEEK. "The other is that there are fraudsters that operate from within the U.S. but have a day job in addition to being fraudsters, so it makes sense for them to operate at night."

Fraud rates also varied based on the type of credit card, with elite cards (such as Centurion, Infinite and Black) having a 1.7 percent fraud rate. In contrast, Gold and Platinum cards had a 1 percent fraud rate while basic credit cards have a fraud rate of 0.8 percent. In Forter's analysis, the high-profile elite cards are more attractive to fraudsters as they typically have higher credit limits.

Surprisingly, Forter found that for the peak shopping days of Black Friday and Cyber Monday in November, the fraud rate was only 49 percent of the industry average. When it comes to Christmas Eve and Christmas Day, the story changes and the fraud rate spikes to 200 percent of the average fraud rate. In Forter's analysis, the Black Friday and Cyber Monday fraud rates are lower because fraudsters are indifferent to promotions. Forter attributes the spike in fraud rates on Christmas to the fact that many legitimate shoppers have already completed their holiday shopping by then.

Fraud rates also vary across different email domains, with Forter identifying Microsoft's as having the most fraud. According to Forter, the rate of fraud from Outlook is 15 times the industry average. With the Outlook emails, there is no indication of a breach, Inbar said.

"Fraudsters typically maintain multiple email addresses and open new accounts according to need," Inbar said.

While Outlook had the highest fraud rate for an email domain, Forter found that Gmail and Yahoo email addresses had a fraud rate that is near the industry average. Meanwhile, AOL email addresses had a fraud rate that is 40 percent below the industry average.

Inbar, declining to provide the exact fraud rates, cited the need to protect the security and privacy of Forter's customers.

As to why Outlook's fraud rate is higher than others, Inbar said Forter isn't suggesting that there's a problem with the security of the Outlook domain but is pointing out that the Outlook account creation process is more seamless.

"In the online world, we always encounter the issue of having to keep a balance between user experience and security," Inbar said. "Putting more barriers on the account-creation process might make it harder for the fraudsters but also for the legitimate shoppers, and we know that most fraudsters are determined enough to eventually find a solution either way."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.