Fraudsters adapt to take advantage of changes in the eCommerce environment. Here we outline four key aspects of fraud evolution that businesses should look out for.
One thing we know for sure about fraudsters is that they're always ready to adapt and take advantage of change in the eCommerce environment. So it wasn't surprising to see the speed at which they evolved their behavior as soon as the pandemic set in. Now, as restrictions start to lift in many parts of the world, fraudsters will be ready to change again. Here, we discuss four key aspects of fraud evolution that merchants should look out for.
1. Get ready to deal with the evolving fraudster playbook
As countries have cycled through pandemic-driven lockdowns and other restrictions, fraudsters have been quick to update their playbooks in line with the changing situation. Based on what they learned during the first wave, they refined their tools and techniques to take advantage during the second. And they'll doubtless continue to hone their approach as things continue to evolve.
Despite effective vaccination programs and other measures in many regions, the potential for a future COVID-19 wave can't be entirely discounted, especially as the virus continues to mutate. Should this happen—even at a regional level—fraudsters will likely be ready to deploy attacks more promptly, given their recent experience.
Businesses that use Cybersource Decision Manager can sample data from previous spikes to prepare for future waves with DM Replay. They can test multiple scenarios—without affecting the live environment—to understand which approaches are most apt to help optimize conversion rates while mitigating their potential exposure to fraud.
2. Stay vigilant as the dark web moves into the light
Fraudsters have traditionally used the dark web to avoid criminal prosecution by using techniques like credit card dumps and information hacking.
However, pandemic-driven economic uncertainty for many people, especially millennials and Generation Z, has led to this material appearing on websites that can be found using mainstream search engines. YouTube tutorials, Reddit forums, Twitter feeds, and Snapchat accounts dedicated to carding have become "legitimized" ways to generate income. We anticipate that popularizing this content on social media will become even more commonplace as fraudsters realize they face limited risk of prosecution.
To help your business stay up to date with the latest information, we recommend you assign a resource to actively track the fraud community on social media, who can reverse-engineer the known carding tips being shared.
3. If you're new to eCommerce, take extra care
The pandemic acted as a catalyst for new online businesses. Some brick-and--mortar-only brands moved quickly to open digital channels, while a number of new brands launched straight into the eCommerce space.
Brands that are relatively new to online shopping may also be inexperienced when it comes to fraud screening. And their rules and processes may need updating if they were built around consumer and fraudster behaviors that have since evolved.
Fraudsters may view newer online operations as softer targets, assuming they lack the knowledge and expertise to combat fraud effectively. To help online startups protect against fraud, we developed Fraud Management Essentials (FME). Designed for midsize businesses, it offers an intuitive fraud configuration that's easy to set up, even for businesses without a team dedicated to fraud management. As your business takes off, you can transition seamlessly to our advanced risk management solution, Decision Manager.
4. Watch out for Professional Refunders and other emerging fraud trends
Over the past year or so, we've seen a number of new fraud trends emerge. Among them: the role of the professional refunder, which changes the dynamic of so-called friendly (or first-person) fraud.
Professional refunders openly advertise their services on social media and market themselves as experts in certain merchants' returns policies. They use strategies to increase refund approvals.
A customer who previously carried out friendly fraud themselves, may now employ a professional refunder instead. Working on behalf of the customer, the professional refunder will call the merchant's contact center to initiate the refund process. Once the refund has been processed the professional refunder will charge the customer a fee for their services—for example, 20 percent of the value of the item.
We recommend you advise your contact center to be alert to the potential for professional refunding activity. You may also want to record refund claim calls for future reference. And of course, you'll want to flag customers with excessive refunds in your fraud screening tool.
Merchants who work with Cybersource can benefit from the expertise of our Managed Risk Analysts, who can create and build strategies to help reduce dispute rates associated with professional refunders and other emerging fraud trends.