Mail Security Threat Data Center

RaySecur’s Threat Data Center is an open-source database for tracking in near real-time threats that could be mitigated with proper mail screening.

US Map.

3D Real-Time Imaging Threat Delivery Method

Delivery methods vary from bags and boxes to pressure cookers and pipe bombs.

However, 42% of recorded incidents utilize letters while 18% rely on parcels.

This means 60% of these suspect packages can be screened and deterred by the MailSecur.

RaySecur’s 2019 Targeted Sites

In capturing and analyzing possible threats, we focus on types of targets.

Over 1/3 of targets are government facilities, while 22% are businesses and another 25% are public spaces and public transportation.

RaySecur’s 2019 Targeted Days

The data demonstrates that every day of the week mail handlers deal with suspect packages of one type or another.

However, Tuesdays and Wednesdays are the days most likely for these occurrences to happen. A full 41% of incidents occur on these two days.

However, Thursday-Sunday sees a precipitous drop in events in that less than 40% of all events occur on these days.

ATF’s 5-Year Trend of 3 Largest Target Types (Business, Edu, Residential)

Statistically, the five-year trend shows a downward trend in overall targeting of businesses and residential areas. T

he educational site targeting continues to show historically erratic incidents. All three saw an increase over 2018 from 2017.

ATF’s 5 Year Trend Data of the 3 Highest Threats by Delivery Method

Delivery types stay within historical levels and heavily lean towards packages that are small and innocuous to the surrounding areas.

There is, however, a 95% increase in letters, parcels and powders between 2017 and 2018 indicating a shift in the general methodologies of attack.

ATF’s 5 Year Trend Data of Hoax Versus Validated

The 5-year trend analysis demonstrates a steady reduction in hoax threats while simultaneous exhibiting an increase in validated threats.

This statistical combination suggests a trend of increased lethality.

About the Threat Data Center

Cataloged in this data are dates of offenses, target types, means of attack, and the eventual outcomes. The intent is to capture a holistic understanding of threat events as they unfold and not continue dependence on the annual reports of other organizations. 

All statistical information contained in the TDC Tracker is based on reports from a variety of open media sources. Information is not added to the tracker until the sources are determined as credible, with updating occurring daily.

Statistically, local police initiate investigations into events most often followed up by Bomb Squads from local, state or federal levels. 

The largest number of threats reported to date has been suspicious packages and when they contain powders the substance is four times as likely to be chemical rather than biological. 

Injuries are most often associated with white powder events. Victims may experience sickness and unexpected health issues. 

Traditionally, anthrax is the concern in these scenarios. However, drugs such as fentanyl and methamphetamine are becoming more common.

The overall threat with the highest probability of being targeted is government and businesses and the states experiencing the most events are California, Florida, New York, Massachusetts, followed by Texas. 

By city, Cambridge, MA, reports the most incidents, followed by Oklahoma City, Washington D.C., and finally, Phoenix. This covers settlements ranging from medium-size cities to bustling metropolitans areas, however, we track all instances in the United States. 

Potential attacks are most likely to occur on Tuesday or Wednesday, while they are least likely to happen on the weekends.