Crime Files Network

Popular Australian e-commerce fraud suburbs revealed


Ben Grubb

May 4, 2011 – 1:24PM

New data collated from about 2 million Australian credit and debit cards reveals the popular suburbs in which e-commerce fraud has been attempted, using internet-connected computers.

E-commerce fraud involves a criminal using a stolen credit or debit card to buy goods online. The computers in the suburbs listed are either being used by an actual fraudster sitting at the terminal or remote fraudsters who have infected machines within that suburb.

The data, released by security company RSA to Fairfax, publisher of this website, showed Queensland was the hot spot for e-commerce fraud in Australia during the January to March reporting period, which used data collected from about 2 million Visa and MasterCard credit and debit cards.

Victoria, New South Wales and Western Australia were the second, third and fourth most popular states after Queensland, RSA data showed. Both MasterCard and Visa were RSA clients, RSA spokesman Mason Hooper said.

In NSW the suburb of Fairfield accounted for 6.9 per cent of the state’s e-commerce fraud. Gosford (5.4 per cent), Hurstville (2.1 per cent), North Ryde (2 per cent), Hay (1.5 per cent), Sydney (1.1 per cent) and Mascot (1 per cent) were also among the top-ranked NSW suburbs in which e-commerce fraud was committed.

The Victorian suburb of Sunshine accounted for 3.1 per cent of the state’s e-commerce fraud, followed by Melbourne (1.1 per cent), Sunbury (0.7 per cent), Burwood East (0.3 per cent) and Burwood (0.2 per cent).

In Queensland the suburb of Sandgate accounted for 2.6 per cent of the state’s e-commerce fraud followed by Brisbane (1.6 per cent), the Sunshine Coast (0.8 per cent) and Ipswich (0.6 per cent).

Popular goods attempted to be purchased using stolen credit or debit card details often included iPhones, iPads, laptops and other computer hardware, as well as plane tickets, Mr Hooper said, adding: “We see a lot of fraud in the air travel space.”

A person’s credit or debit card information was usually stolen by a fraudster “phishing” for it or a victim unknowingly installing what is known as a “Trojan” virus on their computer.

Phishing can occur when a fraudster sends a victim an email that appears to look as though it’s come from a bank. It usually asks the victim to “verify” their details by clicking on a link and entering their credit or debit card details. Banks will never ask customers to supply these details online.

If the details are filled out and submitted, the victim essentially hands over their details to the fraudster instead of to their bank, allowing the fraudster to perform what is known as a card-not-present transaction to buy goods using the internet with the card information they have obtained.

A Trojan such as Zeus or SpyEye, on the other hand, can be used by hackers to steal information from a compromised computer. It usually takes advantage of security flaws in web browsers when a victim visits a compromised website that is used to install the Trojan.

Trojan-infected computers are also used by fraudsters to render a credit or debit card transaction anonymous, which is why many of the top-ranked suburbs were not necessarily crime hot spots, but where victims of Trojan-infected computers lived, Mr Hooper said.

Tapping into a Trojan-infected computer allows a fraudster to become untraceable, using the victim’s IP address – the unique sequence of numbers assigned to each computer, website or other internet-connected device – instead of their own.

“So we find out via IP address location [of suburbs],” Mr Hooper said. “Which … means that it could be the actual fraudster sitting at the end of that IP address or it could be someone proxying through an infected machine. And there’s no real way to break that down.”

Mr Hooper said there was “definitely a correlation between high-crime areas and online fraud”. He said he expected that “a lot” of the 6.9 per cent of e-commerce fraud being committed at Fairfield during the reporting period was “genuine” and not fraudsters using victims’ computers in that suburb “because there’s a lot of … crime out in [Sydney’s western suburbs] … so it’s not surprising to see genuine fraud attempts out in those areas”.

He also said Mascot, which is near Sydney Airport, would be where “you’d get a lot of fraud attempts on public machines”, especially on internet cafe computers at the airport.

“If you’re a fraudster then you don’t want to be caught, so it’s better if you’re going to commit fraud … to do it from public Wi-Fi or from a public machine,” Mr Hooper explained.

“So at airports it’s not surprising to see a lot in those sorts of areas and in universities where they’ve largely got free and open access to the internet.”

In the case of universities being a hot spot for e-commerce crime, Mr Hooper pointed to North Ryde, where 2 per cent of NSW’s e-commerce fraud had been committed and where Macquarie University is situated.

“So again that’s not surprising to see these things where universities exist and there’s a lot of public machines that people can use to commit fraud.”

Mr Hooper suspected many of the Queensland suburbs listed to be hot spots for Trojan-infected computers rather than where the criminals lived.

“[In] Sandgate … there’s a lot of retirees around there and people that might not be patching their machines and keeping both the patching up-to-date and the anti-virus up to date,” Mr Hooper said.

“They might be more likely to be prone to open an email message that they shouldn’t open. So either responding to a phishing attack or opening up a Trojan that’s embedded within a machine.”

He also suspected this to be the case for the NSW town of Hay – but for a different reason.

“Hay’s a very small town in NSW. I would suspect that [with] somewhere like Hay it’s actually more likely to be rampant Trojans out there. And because they’re a smaller community they’ll be sharing files between each other. So it’s quite easy to … get a concentrated infection in one area. So I would suggest there’d be less genuine fraud [there]. So I don’t think the fraudsters will live in Hay. I think they’ll live somewhere else. But there’ll be a large proportion of their machines that are infected out there. And again a lot of that will come from the community sort of impact of sending files around.”

Mr Hooper said schemes such as Verified by Visa and MasterCard’s Securecode were designed to stop e-commerce fraud from occurring.

“RSA are providing that extra level of authentication or fraud detection [to them],” he said. “So we’re stopping that fraud as the user’s making that transaction.”

Verified by Visa, which is available only on websites that participate in adding the extra level of security, creates another factor of authentication when completing a transaction.

MasterCard’s Securecode works on the same premise
