Security & Fraud

The Rise Of Holiday Reshipping Fraud

Criminals get into the holiday spirit, too. For instance, they know how to talk in friendly, polite terms to overworked and often-frustrated customer service representatives — to gain such advantages as having purchased items redirected to their own addresses, rather than to the customers who supplied their payment information.

Such a scam promises to play a big role in retail’s fourth quarter, said Yinglian Xie, CEO and co-founder of DataVisor. In a new PYMNTS discussion, she and Karen Webster spoke about online fraud trends for the 2019 holiday season — and the prospect that the 2019 winter holidays will see the worst levels of online fraud ever.

 

“We are going to see another big year of fraud this holiday shopping season,” Xie told Webster.

Growth Factors

Part of the reason for that growth, of course, comes from the fact that, every year (and every holiday shopping season), more people use digital and mobile channels to buy retail products. However, that’s only a portion of the story. As PYMNTS research has documented, and as experts such as Xie know well, fraudsters continue to get better at their work, as well as use sophisticated technology and techniques to steal from legitimate consumers.

Reshipping fraud offers a timely example of that, and represents an upgrade in how criminals conduct their business — a warning for retailers and payment service providers hoping to stay abreast of current fraud trends.

As it turns out, traditional shipping fraud is relatively straightforward: Criminals simply have purchased items redirected to their own addresses, rather than to the customers who supplied their payment information. These consumers may have intentionally made their purchases, or simply had their data stolen.

Reshipping fraud is more complicated. The criminal first steals payment data from a legitimate consumer, and uses that information to purchase an expensive product. These bad actors then rope in unsuspecting assistants through job advertisements, promising work flexibility. These victims are told to accept shipments at their private addresses, repackage them then reship them to fraudsters at different addresses — often overseas.

“It’s becoming a factor” in online-enabled and holiday fraud, Xie said. “It actually happens quite frequently in this form.”

Arms Race

A few factors are involved in this apparent upswing with reshipping fraud, she noted.

First, as online and mobile commerce becomes more popular, more consumers are becoming comfortable with the delivery of expensive electronics, luxury items and other pricey goods via those channels. Not only that, but the holiday shopping season features seemingly endless promotions on a growing number of products, increasing the urge to spend more money on those delivered products. In addition, eCommerce operators continue to seek ways to reduce friction, which can lead to fewer fraud checks and detections. Customer service agents also tend to work long, busy hours during the holiday shopping season, which can make it easier for sweet-talking fraudsters to talk their way into theft.

“The time is well worth it to commit the crime,” Xie told PYMNTS, discussing the return on investment of, say, spending 20 minutes arranging the fraud versus the hundreds or even thousands of dollars that a single product or delivery can bring on the black market.

As Webster put it during the discussion: “It’s kind of easy to overwhelm customer service people to agree to something quickly if there is a nice person on the other end of the phone.” That is no dig against customer service people — rather, an observation of the stresses of retail in the fourth quarter of the year.

Retailers are not helpless, of course. However, staying abreast of fraud increasingly requires investments in machine learning, as well as other new and emerging technologies, which can better spot potential fraud without increasing false positives and other forms of friction that tend to scare away, or even alienate, legitimate customers.

“The attackers are always creating new methods of attacks,” Xie said, “and we don’t always act accordingly.”

Indeed, she said fraudsters are using similar data analysis techniques to those of retailers — including the same analysis that shows how people shop via different channels.

“They are actively doing the same things as well,” she said. “It’s an arms race.”

——————————

NEW PYMNTS DATA: HOW WE SHOP – SEPTEMBER 2020 

The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.

TRENDING RIGHT NOW