A Thing
The Green SheetGreen Sheet

Friday, April 21, 2017

Experian study finds increased ecommerce fraud

A new study by Experian Information Solutions Inc. found a 33 percent increase in ecommerce fraud in 2016, compared with the previous year. The findings were consistent with Experian's forecasts and not surprising to security analysts.

Analyzing millions of ecommerce transactions, researchers concluded certain geographical regions were hot spots for cybercriminals. Miami, Houston, and South El Monte, Calif., earned the dubious distinction of being top-ranked cities for fraud. The states with the highest concentration of billing and shipping fraud were Delaware, Oregon and Florida, company representatives stated. They also attributed a record number of data breaches in 2016 to vulnerabilities in security infrastructures.

"There were 1,093 data breaches last year, a 40 percent increase from 2015, according to the Identity Theft Resource Center," Experian stated. "The recent Federal Trade Commission (FTC) 2016 Consumer Sentinel Network Data Book announced a jump in consumers who reported that their stolen data was used for credit card fraud, from 16 percent in 2015 to more than 32 percent in 2016. The record number of data breaches is a signal that future fraudulent activities will take place."

EMV pushes fraud online

Payment analysts anticipated the U.S. EMV (Europay, Mastercard and Visa) migration would push fraudsters to ecommerce, which was the case in other regions that previously achieved widespread EMV adoption. Experian found evidence that fraudsters who trafficked in counterfeit POS fraud have, indeed, shifted focus to digital channels. Experian expects more thieves to follow suit.

"Criminals rob banks because that's where the money is," said Monica Eaton-Cardone, Chief Operations Officer and co-founder at Chargebacks911. "It's the same thing for fraudsters, hackers and career criminals; they are all seeking the quickest possible path to someone else's money, and the widespread usage of EMV is driving them online."

Eaton-Cardone said ecommerce fraud skyrocketed by 80 to 100 percent in Australia, Canada and the United Kingdom during early-stage EMV adoption. "Predictably, the same trend lines are now taking root in the United States," she said. "What we've learned is criminals don't abandon their desire to commit crime, but they do modify their behavior. Online merchants and e-stores would be wise to modify their behavior, as well, because the threat of cyber fraud is rapidly rising."

Evolving threat landscape

Fraudsters' resourcefulness and creativity is reflected in the sophisticated ways in which packages are rerouted. They reportedly use re-shippers or shipping "mules," freight forwarders, and international ports and airports where fraudulent order can be picked up and quickly dispatched to final destinations. "From a shipping perspective, 10 states saw at least a 100 percent increase in fraudulent orders, having a significant impact on the overall population attack rate," Experian stated.

Eaton-Cardone added, "Every single link in the transactional chain has vulnerabilities that can be exploited. Merchants must relentlessly and methodically examine and strengthen each individual link in their transactional chain until it's no longer a tempting target for fraudsters and criminals to exploit.

Eaton-Cardone said payment acquirers can also play an important role because they have a vested interest in helping merchants avoid exposure to fraud. Without a magic bullet or one-size-fits-all solution, payments industry stakeholders must remain vigilant in this ongoing game of cat-and-mouse, and merchants should consider working with a third-party expert consultant when necessary, she noted.

"Fighting fraud requires a specialized knowledge of proactive tactics and preventive options," Eaton-Cardone said. "But the absolute worst thing you can do is ignore the problem because that incentivizes more attacks. Once the criminals smell blood in the water, you're in real trouble."

Current, future trends

Experian researchers warned that 2017 is perpetuating the same accelerating fraud trends, with a 56 percent increase in reported data breaches year-to-date, compared with the same period in 2016. "Our annual fraud attack rate data brings to light the increase of e-commerce attacks over the last year across the U.S.," the company's researchers stated. "This latest data is a strong indicator that other types of fraud have already occurred and can help businesses understand how to better protect themselves and their customers."

Eaton-Cardone said the U.S. chargeback issuance rate is 240 percent higher than in Japan or China, a disadvantage for American merchants. "Chargeback fraud, also called friendly fraud, costs online merchants over $40 billion annually, and the problem is growing by 20 percent each year," she said. "Friendly fraud is considerably different than criminal fraud; the same fraud filters that shield you from criminal fraud are largely ineffective at stopping chargebacks."

We're on the front lines in the war against chargeback fraud, she added, and clearly, the threat-level is rising. "If you sell a product or service online, you need to protect yourself," she stated. "This is no longer an option, but a business necessity." end of article

Editor's Note:

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007
A Thing