Businesses can preserve customer trust and revenues on Cyber Monday, the busiest online shopping day of the year, by striking at the root of fraud
Not only is the volume of online transactions increasing every year, but the average transaction dollar-value is also increasing year-over-year during the annual Cyber Monday sales. Consumers have numerous deals to choose from and can shop conveniently regardless of their geographical location or device type. For businesses, it is the busiest time of the year when the most money flows through the system. And for fraudsters, it's an opportune time to sneak in with the genuine traffic to 'gift' themselves goodies at the expense of consumers and businesses.
Spike in Malicious Transactions
While consumers are looking around for the best deals, fraudsters are preparing to take advantage of credit card details bought off the dark web, stolen payment data, validating stolen credentials, creating fake accounts, putting up fake web-stores, processing fake coupons, and readying bots to attack at scale. Although the modus operandi or the types of fraud remain more-or-less the same as during the rest of the year, it is the timing and scale of attacks that make Cyber Monday so challenging for businesses.
Fraudsters leverage high consumer interaction with social media platforms to lure victims looking to snag discounted deals. Fraudsters use bots to create fake new accounts—which according to Arkose Labs Q4 Fraud Report amounts to 70% of new account creation—and use them to post enticing ads that promise massive discounts and are usually accompanied with hashtags #blackfriday and #cybermonday. These ads either exploit the FOMO (fear of missing out) mindset to entice people into paying up instantly or redirect to a fake website created by scraping images of a popular shopping site.
Skimming is one of the top threats this Cyber Monday with FBI and US-CERT releasing a warning about it. Card skimming can be particularly devastating for businesses as in such cases, retailers are held liable for fraudulent charges on a consumer's card for CNP purchases.
Denial of Service
Online retailers are at a greater risk of denial of service attacks on Cyber Monday as fraudsters are aware that retailers cannot afford such an attack during the busiest commercial period of the year and will pay any ransom to ensure smooth sailing. Ransomware and other malware are in greater circulation during this time of the year and can cause a big headache for businesses.
Consumers are increasingly leaning toward mobile devices for shopping. Fraudsters are following suit and are adapting to the changing consumer behavior. They are increasingly using bots, sweatshops, and click-farms—again mostly from developing economies—to exploit stolen customer credentials, which is resulting in a proportionate increase in fraud from mobile devices—especially when the online traffic is high. As per Arkose Labs Q4 report, mobile share of transactions grew 20% compared to the previous quarter with every third transaction originating from mobile devices, which is expected to rise further during Cyber Monday sales.
Fraudsters take identity fraud to a new level during such high-activity days. They use a compromised account or stolen credit card details to shop for desirable items such as mobile phones, tablets, and cameras, that can be quickly resold for cash. As soon as the item gets delivered at the victim's address, they visit the victim and collect the item on the pretext that the item got delivered at the victim's address in error. This doesn't raise suspicion at the merchant's end as it's a genuine customer account with a valid digital identity and the consumer doesn't realize that his details have been used for fraud.
Fraud-prevention: The need for a long-term approach
Businesses are at greater risk this time of year due to the dramatic increase in malicious attacks during Cyber Monday sales. Apart from financial losses, businesses risk long-lasting damage to reputation and customer churn, should they fall victim to fraud. Businesses must, therefore, look for a long-term approach to fraud-prevention that makes them resilient to evolving fraud tactics and helps genuine consumers continue to shop without unnecessary friction.
Arkose Labs helps global businesses root out fraud by breaking the fraud business model. To learn more, schedule a demo now.