E-Commerce Fraud is Rapidly Becoming a Super Scourge for the Retail Industry

E-commerce fraud is undergoing a dramatic transformation as international criminal rings increasingly take on the structure and mindset of the Fortune 500 companies they sometimes attack, according to a new report by Signifyd.

The types and targets of online fraud are multiplying, the report notes, as fraudsters look for new revenue streams and novel schemes to outsmart protections deployed by merchants that have redoubled fraud protection in recent years.

The State of Fraud and Abuse 2024 report details the rise of first-party fraud and abuse, a flavor of online crime and cheating focusing on vulnerabilities before and beyond e-commerce checkout. Common first-party scams include falsely claiming an order never arrived or arrived in poor condition, breaking the rules on promotions and discounts, and engaging in unauthorized reselling of popular items.

Among the report’s key findings:

• Attempts at placing fraudulent orders increased 19 percent in the first half of 2024 compared to the previous year, according to Signifyd data.
• Thirteen percent of orders now include signs of address manipulation, a fraud ring tactic that attempts to outsmart machine learning models’ ability to recognize addresses with a history of fraud.
• Cases of attempted re-shipper fraud are up 50 percent in 2024, a sign that crime rings increasingly rely on go-betweens to mask their role in online orders while moving stolen goods out of the United States.
• Professional fraud rings have significantly expanded into nonpayment fraud, often labeled first-party fraud and abuse, helping drive a 4 percent increase year-over-year in consumer abuse. These efforts include “fraud-as-a-service” operations through which fraud rings commit return and refund fraud on behalf of consumers for a cut of the profits.

The report leaves no doubt that the fraud rings operating today aren't your parents’ fraud rings. These criminal rings act in many ways like the enterprises they torment — planning their paths forward, brainstorming new tactics and targets, testing new strategies, and calculating the return on investment of the various ways they pilfer products from legitimate merchants and convert them to cash.

The list of analogies for the battle between fraud fighters and fraudsters is long — arms race, cat-and-mouse game, whack-a-mole, etc. — but the dynamic is correct. As fraud rings continually innovate, so do the professional fraud fighters and solution providers that beat back fraud.

The rise in scale and scope of fraud is a concern for retailers that need to protect their businesses without treating loyal customers like suspected criminals.

While global fraud rings have been growing in prominence for some time, it’s the acceleration of that growth that's most concerning to e-commerce merchants. The dynamic expansion of fraud enterprises puts merchants in the position of needing to provide a best-in-class customer experience and preserve the customer lifetime value they’ve built up without putting their businesses at risk.

And, of course, consumers are victims here, too, when their personal information and identities are stolen. While shoppers are generally compensated for the cost of online fraud committed with their credentials, the experience is stressful and inconvenient. The breaches can also lead to more serious problems should a consumer fall victim to the gift card, romance or investment scams that end with savings accounts being drained.

All this is happening at a time when both criminal rings and fraud prevention professionals are increasingly turning to artificial intelligence to achieve their opposing goals. Criminal organizations have long used bots to rapidly attempt unauthorized logons and to clear digital shelves of scarce and desirable products. Now they've broadened their automated tool set. Fraudsters increasingly are employing deep fakes to run social engineering schemes that yield the personally identifiable information needed to commit fraud and create synthetic accounts.

For their part, risk professionals are increasingly turning to AI to protect the entire buying process, from account creation to account login to return requests. Machine learning models determine the legitimacy of an account modification, an online order or a refund request by recognizing patterns found in past transactions with known good or bad consequences.

The AI vs. AI competition is only picking up speed, according to the State of Fraud and Abuse report. It calls out the growing role of fraud and cybercrime compounds in Southeast Asia staffed through human trafficking, as reported by the United Nations, and the new fraud-as-a-service trend, which experts say encourages otherwise upstanding consumers to seek illegitimate refunds.

One Vietnam-based ring, described in the report, targeted an estimated $4.7 billion in goods nationwide and successfully stole $940 million in merchandise in a matter of months. This industrialization of fraud is part of an illicit industry that cost U.S. e-commerce retailers $48 billion last year, Juniper Research reported.

Mike Cassidy is head of PR and storytelling at Signifyd, a commerce protection provider.