Clearsale Blog | Insights on Ecommerce and fraud

The State of Fraud: U.S. States With the Highest Fraud Risk

Written by Sarah Elizabeth | Feb 23, 2018
TL;DR

E-commerce fraud risk in the United States varies sharply by location, and the states most prone to fraud are not always the same ones most exposed to identity theft. Based on WalletHub research, the most fraud-prone states included Delaware, Florida, and Alabama, while California, Connecticut, and Rhode Island ranked highest for identity theft risk. ClearSale notes that population density, demographics, and proximity to seaports and airports all shape where fraud concentrates, so merchants who know where their customers live can better protect them and themselves.

While many e-commerce retailers worry that international expansion will increase their fraud risk exposure and cut into profits, they may not realize the threat in their own backyards. Not only is e-commerce fraud alive and well in the United States, it’s flourishing: 15.4 million consumers were victims of identity theft or fraud in 2016.

No retailer — from small mom-and-pop shops to e-commerce giants like Target — is immune to the fraudulent acts of cybercriminals. And despite a merchant’s best efforts, some consumers are more vulnerable to fraud and identity theft simply because of the county or state in which they live.

The 10 Most At-Risk States for Identity Theft

According to WalletHub’s research, Americans’ vulnerability to identity theft depends greatly on the state in which they live. In 2017, the 10 riskiest states for identity theft (based on complaints and actual losses) were:

  1. California
  2. Connecticut
  3. Rhode Island
  4. Illinois
  5. New York
  6. Massachusetts
  7. Georgia
  8. Michigan
  9. District of Columbia
  10. Indiana

Surprisingly, there’s little correlation between the number of identity theft complaints and associated loss amounts: While Vermont ranked No. 47 for complaints per capita, the state tied for first for the highest average loss amount from that theft. And Delaware ranked No. 4 for identity theft complaints but No. 50 for loss amount.

The 10 Most Fraud-Prone States

The states that were most at risk for identity theft weren’t necessarily those that were vulnerable to fraud. WalletHub found these states led the nation in fraud, based on fraud complaints, reported losses and arrests made for fraud:

  1. Delaware
  2. Florida
  3. Alabama
  4. North Carolina
  5. Nevada
  6. District of Columbia
  7. Texas
  8. Tennessee
  9. Mississippi
  10. Georgia

As with identity theft, there was no link between fraud complaints and fraud losses: The District of Columbia tied for first for the most fraud complaints per capita, yet out of all states, they reported the smallest average loss amount due to fraud. Conversely, Alaska tied for the highest average fraud loss but ranked No. 47 in fraud complaints.

What Puts Cities and States at Risk?

When considering the regional risk of identity theft and fraud, merchants should be mindful of these factors:

High-Density Populations

More credit cards in use mean an increased risk of fraud. So it’s no surprise that fraud rates tend to be higher in bigger cities and high-density states, like Washington, D.C.; California; and New York. In fact, California ranked in the top five for identity theft complaints and loss amount due to identity theft, while Texas ranked in the top five for fraud complaints per capita and an associated loss amount due to fraud.

Demographics

Fraudsters do business in the unlikeliest of places. Experian’s 2016 research discovered that the single riskiest ZIP code in the United States for shipping fraud (where stolen merchandise is sent) was Eudora, Kan. Why is a Midwestern town with a population of just over 6,000 such a hotbed for fraud? One theory suggests the high number of college students living in town are lax about securing personal information, making them perfect targets for fraudsters.

At the other end of the age spectrum, Experian’s research revealed that Florida was the most at-risk for fraud based on billing addresses; in fact, 19 of the top 100 fraud-prone ZIP codes were located just within the Miami-Ft. Lauderdale area. Age may be a big factor for this statistic: Fraudsters often target senior citizens, and Florida has the highest concentration of individuals older than 65.

Proximity to Seaports

Many of Experian’s 100 riskiest ZIP codes were near large seaports and international airports — ideal locations for fraudsters to easily move stolen merchandise out of the country. Florida, California and New York led this list, with the three states accounting for 52% of e-commerce shipping fraud and 44% of e-commerce billing fraud (where credit card credentials were stolen and data was used without authorization). Houston’s 77306 ZIP code held the top spot for e-commerce billing fraud in 2016 — also likely due to the city’s easy access to the coast and airports.

To be successful, merchants must know their customers. Not just what they like to buy, but also who they are and where they live. If merchants discover their customer base lives in high-risk states, they must take the steps necessary to protect customers and themselves from the damaging effects of identity theft and fraud.

Helping Customers Avoid Identity Theft and Fraud

There are several things merchants can do to help customers increase the security of e-commerce transactions:

Improve Email Security

Customers, when left to their own devices, don’t always set unique, secure passwords that can protect them from hackers. Help them take security seriously by requiring passwords that use a combination of numbers, upper- and lowercase letters, and special characters.

Receive Credit Card Notifications

Most credit card issuers let cardholders receive text messages or emails when transactions above a specific dollar amount are processed, an online order is placed or customer data is changed. Encourage customers to sign up for these notifications so they will know immediately if there’s any unauthorized credit card activity and can prevent a fraudster from doing additional financial damage.

Confirm Contact Information

Periodically ask customers to review and confirm personal data stored in their accounts, like email addresses, phone numbers and street addresses. Ask customers to consent to receiving notifications if any changes are made to this information.

Warn of Phishing Scams

Fraudsters often create and send purchase confirmations or emails to a customer that look like they’re from a legitimate company. It’s easy for unsuspecting customers to be tricked into clicking on a link that takes them to a fraudulent website (a tactic called “phishing”). Advise customers to be wary of any email that asks for passwords or account information; most companies won’t ask for information this way.

How a Fraud Protection Solution Protects Customers

Despite the size of the United States, fraud has a tendency to concentrate in certain geographic areas, like states with seaport access or large metropolitan cities. Merchants who are aware of these trends and patterns — and understand their customer demographics — are better-prepared to protect both themselves and their customers from adding to the growing fraud statistics.

But even armed with statistics and trends, merchants know that fighting fraudsters isn’t simple. So they’re increasingly turning to a proven ally in the fight against cybercrime: a robust fraud protection solution that defends customers against identity theft and retailers against expensive chargebacks and fraud attacks.

Contact a ClearSale analyst today to learn how implementing the right combination of technology and human analysis can help merchants grow their business, protect customers and stay one step ahead of fraudsters.

Frequently Asked Questions

Which U.S. states have the highest fraud risk for e-commerce?

According to WalletHub research cited by ClearSale, the 10 most fraud-prone states, ranked by fraud complaints, reported losses, and arrests, were Delaware, Florida, Alabama, North Carolina, Nevada, the District of Columbia, Texas, Tennessee, Mississippi, and Georgia. These rankings reflect fraud specifically, which differs from the states most at risk for identity theft.

Are the states most at risk for identity theft the same as those most prone to fraud?

No. The states most at risk for identity theft were not necessarily the same ones most vulnerable to fraud. For identity theft, the riskiest states in 2017 included California, Connecticut, Rhode Island, Illinois, and New York, while the most fraud-prone states were led by Delaware, Florida, and Alabama.

What factors make a city or state more vulnerable to fraud?

Three factors stand out: high-density populations, where more credit cards in use raise fraud risk; demographics, since fraudsters target groups like college students and senior citizens; and proximity to seaports and international airports, which make it easier to move stolen merchandise. Bigger, denser areas like Washington, D.C., California, and New York tend to see higher fraud rates.

Why is Florida considered especially at risk for e-commerce fraud?

Experian research found Florida was the most at-risk state for fraud based on billing addresses, with 19 of the top 100 fraud-prone ZIP codes located in the Miami-Ft. Lauderdale area alone. Age is a likely factor, since fraudsters often target senior citizens and Florida has the highest concentration of residents older than 65.

How does proximity to ports and airports affect fraud risk?

Many of the riskiest ZIP codes sit near large seaports and international airports, ideal spots for fraudsters to move stolen merchandise out of the country. Florida, California, and New York led this list, together accounting for 52% of e-commerce shipping fraud and 44% of e-commerce billing fraud.

What can merchants do to help customers avoid identity theft and fraud?

Merchants can improve email security by requiring strong, unique passwords, encourage customers to sign up for credit card transaction notifications, and periodically ask customers to confirm their contact information. They should also warn customers about phishing scams, where fraudulent emails mimic legitimate companies to trick people into sharing passwords or account data.