One of the most watched holiday season specials is the cartoon adaptation of Dr. Seuss’ “The Grinch Who Stole Christmas.” While the Grinch that steals from the “Who’s in Whoville” is a figment of literature that eventually sees the error of his ways, the Grinch that impacts retailers — fraudsters — is very real, and their taste for thievery grows significantly every year, especially during holiday peak season.
According to global consumer and business credit reporting leader Experian, e-Commerce fraud increased to 33% in 2016 compared to 2015. Much of this fraud originated from the 1,093 data breaches that occurred in 2016 — up 40% over 2015, according to the Identity Theft Resource Center (ITRC). Predictions for 2017 are for an even higher rate of fraud, based on ITRC’s report that 791 breaches took place in the first half of the year, which set a very dubious half-year record.
These figures leave little doubt that e-Commerce fraud has become big business, and its practitioners are becoming more sophisticated, tenacious and dangerous. Moreover, those committing fraud grow more savvy each year. By staying a step ahead of systems meant to thwart their efforts, they are in a position to commit even more fraud acts than they did a year ago.
Advertisement
What this amounts to is the equivalent of climate change in the fraud world. Retailers need to recognize this and accept that they are not immune to it. Furthermore, assuming that fraudsters will go away after a single attack is akin to an ostrich burying its head in the sand; every prevented attack on the retailer’s end is a lesson for the fraudster en route to a future, successful attack.
As a retailer, you need to realize you can use all the help you can get to counter fraud attacks. Taking the steps necessary to stop fraud while maximizing positive payment approvals, is difficult, if not impossible, to handle in-house.
Here are a couple of examples that illustrate what you’re up against:
Scripts
Scripts are velocity-based attacks that digitally deliver thousands of fraudulent orders in less than a minute. This kind of attack overwhelms manual fraud detection and ties up product inventories, leading to loss of legitimate customers due to out-of-stocks. In addition, criminals turn around and sell your products — obtained fraudulently, at no cost — cheaper than you can possibly sell them, which undercuts you. Some may even be clever enough to ship to their customers using your delivery system, which eliminates the shipping issues for their “businesses,” and leaves you with the bill. Normally, blocking an IP address would be an effective way to shut down an emerging, velocity-based attack, but clever fraudsters spin up new IP addresses for each attack, rendering network-based safeguards ineffective.
Fraudulent Gift Cards
There is nothing more attractive to a criminal than a digital attack that provides speed and anonymity. While criminals can carry out attacks in a variety of ways, digital gift cards are increasingly their most popular choice. Unlike physical merchandise, digital gift cards do not carry an inventory restriction in most cases. Fraudsters can purchase them in virtually unlimited quantities, giving them immediate access to stolen funds, which they can use or resell quickly. However, digital gift cards are also an extremely popular choice for loyal and legitimate customers, making them a must-have option for merchants. That’s why this type of attack is particularly popular among fraudsters during the holiday season.
With “good” customers buying gift cards en masse just before the holidays, fraudsters use this volume to blend in, making it very difficult to detect them. While fraudulent digital gift cards get used most frequently after December 25, that’s too late for a retailer to catch the perpetrators — the fraud has already occurred weeks earlier.
Unfortunately, you can’t always know what fraudsters will do. Unlike inventory, fulfillment and labor needs, fraud is the “un-anticipatable unknown.” It is driven not by market forces or other impersonal events, but rather by actual people who are plotting against you with the intent to inflict harm on your business.
During peak season, more than any other time of the year, you need to have a team not only blocking current fraud attempts, but also detecting new fraud trends and proactively blocking them before they impact your business. You need a fraud partner that’s a cutting-edge expert with the technology, processes and people to completely manage your fraud protection, while guaranteeing your fraud liability is zero.
KC Fox has more than 20 years of experience in payments and fraud with both Fortune 500 and startup brands. Fox is currently the Head of Payments, Tax and Fraud at Radial where his team is responsible for leading more than 200 retailers to increased revenue and customer loyalty with its comprehensive payment and fraud solutions. He oversees Radial’s state-of-the-art fraud lab, which takes 100% of the liability and fraud risk on for all its customers. Formerly, he held numerous leadership roles at PayPal and eBay. At PayPal, Fox oversaw the company’s developer platform, advancing the way PayPal integrated with partnering platforms and solutions.
