How to Make Cyber Monday Free From Fraud
Cyber Monday is the online version of a complement to Black Friday that debuted in the US in 2005. It was initiated to encourage online shopping on the Monday after Thanksgiving. Since its inception, Cyber Monday has grown into a mega annual shopping carnival breaking sales records every year – with fraud following closely
Digital being the norm currently, it will benefit the Cyber Monday sales. Cyber Monday will likely break records this year by surpassing the sales figures of $10.8 billion dollars in 2020. The eCommerce transactions on Cyber Monday this year are expected to breach the $11.8 billion mark.
Social media platforms will continue to drive online sales. Last year, social media platforms contributed nearly 10% of customer visits to retail websites during the Thanksgiving weekend. This trend is likely to become stronger this year. Another trend that is likely to remain strong is that of BOPIS (buy online pick-up in-store) to facilitate contactless pick-up.
All these measures put together will make online shopping convenient for consumers, who are likely to shop in record numbers this year too. This is great news for retailers who can look forward to expanding their businesses and revenues. This also means fraudsters will have ample opportunities to exploit the increase in digital traffic.
Common Fraud Tactics
Peak traffic periods are opportune times for fraudsters to blend in with good users and gain entry into business networks. Using automation, they can scale up their attacks to gain more profits. For instance, they can score discounts and deals much faster than genuine users to sell them at a premium price later. They can hoard inventories to deprive good users of a chance to buy discounted goods and force them to spend more or switch over to competing retailers. This causes loss of revenue and customer churn for the afflicted retailer.
Some of the common types of fraud fraudsters engage in during the holiday season include:
- Identity fraud: In addition to a wealth of consumers’ personal information – names, email addresses, phone numbers, credit card numbers, and social security numbers (SSNs) – fraudsters also possess information about their bank accounts, funds therein, payment history, loyalty points, saved passwords, and so forth. This means fraudsters can launch a myriad of fraud including payment fraud, synthetic fraud, account takeover, new account registration, money laundering, inventory hoarding, among others.
- New Account Registration: In their efforts to expand their customer base, retailers often use lenient verification methods. Fraudsters use stolen and synthetic customer details to create numerous fake accounts, which they use to abuse businesses.
- Account Takeover: Fraudsters hack into genuine customer accounts and use them to shop for expensive or limited-edition items that can be resold later at a premium. They also abuse the saved payment information to buy multiple items and redeem the points for the next purchases without raising suspicion.
- Payment Fraud: Card not present (CNP) is the most common type of payment fraud where fraudsters use stolen credit card details to purchase expensive items. Merchants lose money in the form of chargebacks when consumers discover the fraud and dispute the transaction.
- Gift Card Fraud: Although gift cards have low dollar values associated with them when abused at scale, the cumulative returns are massive. Furthermore, gift cards are easy to monetize with remote chances of detection, which makes gift cards attractive to fraudsters.
- BOPIS: Again, a CNP transaction where fraudsters can use stolen credit card details to buy products online and request in-store pick-up. With fake or stolen identity proofs, fraudsters can clear the in-store verification processes themselves or use delegates to pick up the products before the fraud is detected.
- BORIS: Fraudsters use the products and return them at stores within the specified return period. A common BORIS fraud type is ‘wardrobing’ where fraudsters buy expensive apparel, wear them for an occasion or two and return it for cash at the store. Retailers lose revenues as the returned items cannot be sold again.
- Inventory Hoarding: Fraudsters deploy bots to hoard the inventory, which prevents genuine consumers from accessing the limited-edition items. Consumers are forced to buy items from competitors, causing revenue losses to the business.
- Fake Reviews: Consumers increasingly base their purchase decisions on online reviews and ratings of the products. Fraudsters can tarnish the image of a retailer by posting damaging reviews that can cause losses to retailers.
- Spam: Fraudsters abuse the online messaging systems of the retailers to disseminate spam to the entire customer base and phish out verified consumer details, which can be used to fuel numerous crimes.
Ignorance Abets Fraud
Fraudsters get assistance in their attacks from businesses and consumers themselves – many businesses fail to change the default passwords on the devices they use whereas most consumers reuse and recycle passwords across digital accounts. Subpar fraud detection mechanisms also make it easy for attackers to succeed in their fraud attempts. For instance, CAPTCHAs fail in bot detection, but add unnecessary friction for good users. Similarly, purely data-driven solutions end up confusing fraud defense teams as corrupt digital identities and evolving consumer behaviors have rendered signals unreliable.
Fraudsters are a tech-savvy opponent who have studied the commonly deployed fraud solutions across industries. They also know that peak traffic periods are particularly challenging for online retailers who have little to no time to authenticate users. Online retailers often relax authentication norms to make the onboarding process simpler in order to attract more customers.
Using this knowledge, fraudsters use bots, human click farms, or a combination of both, to circumvent the defenses. The Availability of commoditized tools and bots with human-like capabilities further enables fraudsters to reduce investments and increase ‘profits’ from their attacks. However, these activities leave user experience disrupted and frustrated, who may lose trust in the business, causing damage to brand equity.
It is, therefore, in the interest of the retailers to proactively stop fraud as it can help protect business and customer interests.
Fight Fraud Keeping User Experience Front and Center on this Cyber Monday
Online retailers cannot afford to trade off user experience for fraud defense or vice versa. They need a solution that not only fights fraud effectively but also keeps user experience at the forefront.
Arkose Labs understands this dilemma and offers a solution that goes beyond fraud detection to enable fraud deterrence. As a first step, the Arkose Labs platform shifts the attack surface to its own network, which protects the business network from the onslaught of fraud attempts. Instead of blocking any incoming user – which may potentially be a revenue-generating prospect – the platform presents 3D challenges to users based on their real-time risk assessment. Good users sail through, often even unchallenged; whereas automated attacks – bots and automated scripts – fail instantly.
To stop persistent malicious human actors, the enforcement challenges increase in volume and complexity. This wastes the attackers’ time, effort, and resources. Clearing the challenges at scale needs attackers to invest more time and resources. This makes the attack so costly that attackers are forced to abandon the attack and move on.
Cyber Monday is an important commercial period of the year and eCommerce players must focus their attention on expanding business and revenues. Arkose Labs helps global eCommerce players fight evolving fraud with confidence while maintaining a superlative user experience. To learn how, please book a demo now.
*** This is a Security Bloggers Network syndicated blog from Arkose Labs authored by Vanita Pandey. Read the original post at: https://www.arkoselabs.com/blog/how-to-make-cyber-monday-free-from-fraud/