Fraud City U.S.A. — ThreatMetrix Digital Identity Network IDs Top 10

Posted August 6, 2015


New ThreatMetrix Study Finds Correlation Between Fraud and Cities That Host Data Centers

We won’t keep you in suspense. Besides, you’d only scan down the page to find out if you live in one of those cities. So, without further ado, here are the top ten U.S. cities for online fraud as revealed by the ThreatMetrix® Digital Identity Network:

  1. Tampa, Fla.
  2. New York, N.Y.
  3. Manassas, Va.
  4. San Jose, Calif.
  5. Atlanta, Ga.
  6. Ashburn, Va.
  7. Los Angeles, Calif.
  8. San Mateo, Calif.
  9. Chicago, Ill.
  10. Phoenix, Ariz.

Proxies or virtual locations of fraudulent transactions

While previous ThreatMetrix® city-specific research looked at the true origin of fraud attacks, the rankings for this study were determined by which proxies or virtual locations fraudulent transactions appeared to come from.

ThreatMetrix analyzed transactions from the ThreatMetrix Digital Identity Network that were rejected due to high risk. The analysis was based on more than 1 billion monthly transactions, 250 million active user accounts, 3,000 customers, and 15,000 websites and mobile applications.

Alisdair Faulkner, ThreatMetrix chief products officer, warns businesses to be wary of hosted servers and data centers

“Cybercriminals are reaping the rewards of high profile data breaches by exploiting hosted servers and using stolen identities to their advantage. Transactions coming from hosted servers and data centers should automatically set off a red flag to businesses, as cybercriminals use these servers to fraudulently route traffic using stolen data. Instead of hosted servers, authentic customer transactions are likely to come from business, consumer and mobile networks.”

Hosted data centers and recently ripped-off identities

Hosted data centers in the U.S. are being used by cybercriminals to actively exploit stolen identities from recent data breaches. More specifically, breached identities are being funneled through rented online servers using stolen credit cards. The top cities for online fraud data represents the intersection of locations that have the largest concentration of data centers with offline identities that have been compromised in recent breaches.

Faulkner on one good sign a data center is being used to commit fraud

“Data centers and hosted service providers are both unwitting accomplices and victims of online fraud and cyberattacks. Criminals set up VPN servers and proxy software at hosted service providers to appear in a location that is consistent with a stolen identity. For example, a fraudster might attempt a banking transaction that appears to be approximately located near the customer’s home address. While there are legitimate privacy-enhancing and VPN services also being hosted at these locations, a telltale sign that your data center is being used to monetize stolen identities will be an increase in the use of stolen credit cards to pay for server time.”

How the ThreatMetrix Digital Identity Network can help hosted data centers stop cybercriminals in their tracks

To stop cybercriminals from using them as unwitting accomplices, hosted data centers should implement a cybersecurity strategy that dynamically assesses the digital identities and devices of the entities they do business with to accurately identify illegitimate usage in real time. The ThreatMetrix Digital Identity Network brings together all aspects of a person’s online devices and behavior into one anonymized digital identity – including email addresses, geo-locations, devices and both personal and business personas. The unique identity combines the specific device and persona each individual is using at any given time, at any place to authenticate users in real time.



close btn