No Rest for the Wicked:

Cybercriminals don’t take holidays

January 13, 2021

This week we dive into a commentary by Andrea Montero (Director of Product Management at Forter) on the ways fraudsters have taken note of the changes in consumers’ behavior and how they exploit the newfound vulnerabilities they have found in the boom of online shopping since the COVID-19 pandemic started.

Merchants Should be Prepared for the Holidays

While the holidays may seem far off, if your current fraud-prevention solution can’t handle the four items listed below well or at all, you should start upgrading your systems now, in time for the 2022 holiday season.

- Andrea Montero

The four items Andrea mentions in her list are accepting new users, offering same-day delivery and pickup, preventing account takeover, and identifying returns abuse.

Accepting New Users

As we have stated in previous blog posts on the topic, many online retailers lose customers because many systems have a hard time telling whether a new customer is indeed genuine, therefore giving way to something called a “false decline”, this is in part due to a lack of data and limited visibility into customer identities.

Wrongly declining new users gives way to them turning to other shops or systems, resulting in the loss of a new customer. According to Andrea, “[retailers] need to ensure their system has access to a larger external network of identity data so that it can distinguish between new legitimate users and fraudsters.”

Same-day Delivery and Pickup

In this day and age there is nothing more attractive to a prospective new customer than offering them same-day delivery or BOPIS (buy online, pickup in store) especially during the holidays, which historically are the times people make last-hour purchases the most. According to Andrea, stores that offered convenient services like BOPIS saw their sales rise 49% on average over 2019, while stores that didn’t offer these options saw about a 28% rise.

Achieving this is not possible with systems that rely on manual reviews, as they are too slow to offer such a service, therefore an automated fraud-prevention solution is imperative.

Preventing Account Takeover

Online shopping is an amazing and convenient way to do business; but it does come with its own set of problems. Account takeovers (ATO for short) are a big part of the issue. Fraudsters target customers’ accounts through phishing attacks and the dark Web marketplaces, where they are able to purchase the information of several accounts and completely take them over. 

Unfortunately for retailers, once the information of a customer is vulnerated, they no longer feel safe making use of their services, therefore a fraud-prevention solution that can block ATO attacks that can detect when an account has been compromised is a must. According to Andrea, hopefully the solution will be swift, as once an account has been taken over, 40% of the fraudulent activities will happen within 24 hours.

Identifying Returns Abuse

Flexible return options are expected of merchants, customers are very attracted to those businesses that make it easy to return a product after purchase, especially when buying gifts. However, there are those who abuse return policies, “the holidays bring out policy abusers and fraudsters. In 2020, fraudulent holiday returns to U.S. merchants totaled about $10.2 billion.”

Legacy fraud prevention can help with basic returns abuse, however, it can be blind to fraudsters who buy online and return in-store. Not only does a solution need to focus on ecommerce channels, but also physical in-store fraud. If retailers want to be covered, they need to seek a solution that enforces their return policy across all purchases.

In conclusion, merchants need to familiarize themselves with the systems they use and their limitations. Even if fraudsters don’t take days off, merchants can actively look for solutions that will help prevent loss of revenue and business as a result of cybercrime.

Want to learn more? Check out Andrea’s full commentary here.

As a merchant, how are you preparing for the holidays? share your thoughts on our LinkedIn page.

UK: businesses’ compliance capabilities are worryingly below par

March 22, 2023

UK: businesses’ compliance capabilities are worryingly below par March 22, 2023 Quod Orbis,  leaders in Continuous Controls Monitoring (CCM) and cyber security services, recently released …

Read More →

American SMBs redirect $225Billion to third-party providers

March 15, 2023

American SMBs redirect $225Billion to third-party providers March 15, 2023 A recently published whitepaper from BankiFi and RedCompass Labs unveiled American small and medium businesses …

Read More →

Financial Organizations in the UK Spend £22k per Hour in the Fight Against Fraud.

March 8, 2023

Financial Organizations in the UK Spend £22k per Hour in the Fight Against Fraud. March 7, 2023 In your daily life, have you ever wondered …

Read More →
Scroll to Top