Mitigating Dark Web Threats: Safeguarding E-Commerce Retailers Against Policy Abuse
The dark web is the equivalent of the group chat where e-commerce retailers know they’re being talked about but definitely aren’t included. With endless information existing on how to abuse retailer terms and conditions, steal personal data, and more, the dark web has fostered an environment where fraudsters feel comfortable expressing their views and freely exchanging information about their tactics.
Merchants are already experiencing a rise in more complex fraud and policy abuse that is eating into their margins — and these online forums are only exacerbating the problem. However, the dark web also provides an invaluable window into how fraudsters are thinking when it comes to policy abuse, which helps in combating their fraudulent behavior.
What Are Fraudsters Sharing on the Dark Web?
Dark web forums are offering guides and tools that make online fraud and policy abuse more accessible than ever, even without a technical skill set. This includes specific products to target, DIY fraud toolkits to purchase, and advice on how to trick returns processes and fraudulently file a chargeback. As policy abuse manifests in various forms — e.g., promo, reseller, returns, and refunds abuse — having readily available information on how to take advantage of each type makes committing this fraud far too easy for bad actors.
Conversations on the dark web also reveal that fraudsters don’t believe they're doing anything wrong when they commit policy abuse. In fact, they often consider acts of policy abuse as points of pride. Common statements found on the dark web include: “These big corporations have it coming,” “We are a modern-day Robin Hood,” or even highlighting their “respect for [policy abuse] artists who get paid for their work.”
But the pain these fraudsters pose to merchants is significant. We’ve found that merchants invest up to 25 percent of their overall revenue in fighting policy-related abuse, and refund abuse is among the costliest forms.
Fraudsters are also actively sharing tips on how best to use social engineering to claim a refund while keeping possession of the good(s) purchased, either for personal use or to resell. On the dark web, fraudsters can learn how to model legitimate behavior and stay below the fraud detection radar, including working from mature accounts, alternating fraud methods, and allowing time between claims to avoid suspicion. There’s even insight into which merchants are easier to target than others and which are the most lenient with their policies.
Which Types of Policy Abuse Are Discussed the Most on the Dark Web?
The two most common scams we see discussed and acted on are the Item Not Received (INR) and the Fake Tracking ID (FTID) methods.
The INR method, or returns abuse, is one of the most popular methods because it’s simple and convenient. INR abuse occurs when a bad actor falsely claims that a package never arrived or was stolen upon delivery. They then request a full refund, which puts merchants in a difficult position, as they don’t want to upset good customers or add friction to their experience.
Despite countermeasures like signature requirements and GPS tracking, fraudsters have found ways to bypass these safeguards and proceed to share these findings on the dark web.
Similarly, FTID fraud involves altering the return postage label to remove any information linking the package to the customer, then returning an empty or junk-filled package instead of the item for which the refund was requested. The return center is then unable to connect the package to the bad actor, and since the return tracking shows that the package reached the return center, the fraudster is automatically entitled to a refund.
To combat FTID, couriers have started measuring the weight of the package to confirm that it matches that of the product purchased. But fraudsters have easily countered this by ensuring their spoof return weighs the right amount, and the dark web is full of product weight comparisons — for example, did you know a box of matches weighs about the same as AirPods?
How Can Merchants Protect Against Bad Actors in the Digital Age?
The bad news is that as long as fraudsters have the dark web to share and hone their fraudulent behavior, new forms of e-commerce fraud and policy abuse will continue to surface. Implementing stricter policies, like paid-for returns, is just a stop-gap solution. Fraudsters will always find a workaround, while these harsher policies only hurt legitimate customers, pushing them towards competitors.
The good news is that there's something merchants can do today to keep up with this complex, ever-evolving challenge without compromising customer experience. By monitoring what fraudsters are saying online and examining dozens of attributes, ranging from keyboard language to product type, merchants can triangulate signals, see relationships among shady transactions, and identify who is behind abusive transactions and what level of risk they pose. With risk assessments run in real time using advanced artificial intelligence-driven identity resolution, merchants are increasingly able to analyze account and transaction data to understand where each instance of abuse originates and then tailor the customer experience and policy decisions accordingly.
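The linking step described above, as an added example (not Riskified's code and not part of the original article): refund claims that share a device or a normalized address are merged into one identity with union-find, and identities that span several accounts with repeated claims are flagged. The field names, thresholds and claim records are constructed assumptions.

```python
from collections import defaultdict

# Constructed refund claims; field names and values are assumptions, not real data.
CLAIMS = [
    {"id": "c1", "account": "acct-101", "device": "dev-A", "address": "12 Oak St", "type": "INR", "amount": 180.0},
    {"id": "c2", "account": "acct-202", "device": "dev-A", "address": "9 Elm Rd", "type": "INR", "amount": 249.0},
    {"id": "c3", "account": "acct-303", "device": "dev-C", "address": "9 elm rd ", "type": "FTID", "amount": 129.0},
    {"id": "c4", "account": "acct-404", "device": "dev-D", "address": "77 Pine Ave", "type": "INR", "amount": 60.0},
    {"id": "c5", "account": "acct-505", "device": "dev-E", "address": "3 Birch Ln", "type": "INR", "amount": 35.0},
    {"id": "c6", "account": "acct-505", "device": "dev-E", "address": "3 Birch Ln", "type": "INR", "amount": 42.0},
]
LINK_KEYS = ("account", "device", "address")  # attributes treated as identity signals

def resolve_identities(claims):
    """Group claims into identities: any shared LINK_KEYS value links two claims."""
    parent = {c["id"]: c["id"] for c in claims}

    def find(x):  # union-find root lookup with path halving
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    first_seen = {}  # (attribute, normalized value) -> first claim id carrying it
    for c in claims:
        for key in LINK_KEYS:
            token = (key, c[key].strip().lower())
            if token in first_seen:
                parent[find(c["id"])] = find(first_seen[token])
            else:
                first_seen[token] = c["id"]
    clusters = defaultdict(list)
    for c in claims:
        clusters[find(c["id"])].append(c)
    return list(clusters.values())

def flag_clusters(claims, min_claims=3, min_accounts=2):
    """Flag identities that span several accounts and hold repeated refund claims."""
    flagged = []
    for cluster in resolve_identities(claims):
        accounts = sorted({c["account"] for c in cluster})
        if len(cluster) >= min_claims and len(accounts) >= min_accounts:
            flagged.append({"accounts": accounts,
                            "claims": sorted(c["id"] for c in cluster),
                            "total_refunded": sum(c["amount"] for c in cluster)})
    return flagged

if __name__ == "__main__":
    for hit in flag_clusters(CLAIMS):
        print(hit)
```

Claims c1 and c3 share no attribute directly and are tied together only through c2, which is the relationship a per-account rule would miss; the repeat customer behind c5 and c6 stays unflagged because both claims come from a single account.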
And when merchants are proactive and harness AI to its full potential, they can be more efficient and accurate, and identify suspicious behaviors before scammers take hold. Crucially, in today’s difficult economic landscape, battling policy abuse effectively is vital to upholding trust and brand integrity.
Yael Hemo is a data analyst with Riskified, an e-commerce fraud protection solution for merchants.