Data reveals Tampa as the top hot spot for online fraud and ThreatMetrix found a correlation between top cities for fraud and those home to hosted data centers.
The top 10 list of U.S. cities for online fraud are:
1. Tampa, Fla.
2. New York, N.Y.
3. Manassas, Va.
4. San Jose, Calif.
5. Atlanta, Ga.
6. Ashburn, Va.
7. Los Angeles, Calif.
8. San Mateo, Calif.
9. Chicago, Ill.
10. Phoenix, Ariz.
In the majority of the top 10 cities, there were large concentrations of fraud attempts coming from recognized data centers within those cities. Leveraging a sample of data across more than 1 billion monthly transactions and 250 million active user accounts, the data analyzes transactions in the ThreatMetrix Digital Identity Network that have been rejected due to high risk.
While previous ThreatMetrix city-specific research looked at the true origin of fraud attacks, the rankings for this study were determined by which proxies or virtual locations fraudulent transactions appear to come from.
“Cybercriminals are reaping the rewards of high profile data breaches by exploiting hosted servers and using stolen identities to their advantage,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “Transactions coming from hosted servers and data centers should automatically set off a red flag to businesses, as cybercriminals use these servers to fraudulently route traffic using stolen data. Instead of hosted servers, authentic customer transactions are likely to come from business, consumer and mobile networks.”
Hosted data centers in the U.S. are being used by cybercriminals to actively exploit stolen identities from recent data breaches. More specifically, breached identities are being funneled through rented online servers using stolen credit cards. The top cities for online fraud data represents the intersection of locations that have the largest concentration of data centers with offline identities that have been compromised in recent breaches.
“Data centers and hosted service providers are both unwitting accomplices and victims of online fraud and cyberattacks,” said Faulkner. “Criminals set up VPN servers and proxy software at hosted service providers to appear in a location that is consistent with a stolen identity. For example, a fraudster might attempt a banking transaction that appears to be approximately located near the customer’s home address. While there are legitimate privacy-enhancing and VPN services also being hosted at these locations, a telltale sign that your data center is being used to monetize stolen identities will be an increase in the use of stolen credit cards to pay for server time.”
To keep cybercriminals at bay, hosted data centers should implement a cybersecurity strategy that dynamically assesses the digital identities and devices of the entities they do business with to accurately identify illegitimate usage in real time.