Refund Fraud: Why 2021 Is the Perfect Storm

Member News
Friendly Fraud
Uri Arad -- Identiq
Feb 19, 2021
If the 2008/2009 financial crisis brought our industry the term "friendly fraud" then 2021 will be bringing "refund fraud" into our fraud fighting vocabulary with a whole new potency. Once a minor nuisance from the occasional cheating customer, refund fraud is erupting into an efficient industry powered by professional fraudsters and their deep knowledge of merchants' systems and procedures.

At the same time, the background of the pandemic provides good cover, great motivation, and even technical support to take refund fraud from growing to exploding. 2021 is, in short, a perfect storm for refund fraud.

The Industrialization of Refund Fraud

Industry expert Karisse Hendrick talks about what is happening to refund fraud right now as a process of "industrialization" and it is easy to see what she means. Of course merchants have been dealing with refund abuse for years, but it is only recently that professional fraudsters have moved in en masse to take it to a whole new and very fraudulent level.

The frightening thing, from my perspective as a fraud fighter, is that it is so simple -- and that this very simplicity makes it hard to identify.

A normal, otherwise respectable consumer (let's give them the benefit of the doubt) wants to make a purchase. Unfortunately, it is beyond their means. Instead of waiting for a sale or saving up, they find an alternative path, with the help of a professional fraudster they found on Telegram, Reddit, or even ordinary social media. (I was shocked by how easy these were to find.)

The fraudster tells them they can have the cake and eat it too. All they have to do is to go ahead and place the order, and to let them know once it arrives. They are to avoid signing for the package if possible -- and, if not, to use a fake name. The consumer follows instructions, and once the item arrives, they contact the fraudster, who takes over the case.

Refund fraudsters typically focus on particular merchants so they are absolutely au fait with every detail of the refund policies and processes. Many even know the individual support representatives who deal with refunds, and they know the scripts they use, and which steps to take to be most effective with each one.

The refund fraudster contacts the merchant to place a refund claim they know will be approved: the package never arrived, or was damaged, or was not what they had ordered. They (pretending to be the customer) want a refund.

If asked to return the package, they send a photo of the package or the shipping label. The package will be empty, or, if the merchant checks for weight, will have something heavy in there to match the precise weight of the item. Sometimes fraudsters even use packs of dry ice, which is heavy at the point of shipping but evaporated by the time the package arrives at the merchant warehouse, giving the illusion that the contents were stolen en route.

Retailers who only look at labels will be sent envelopes with appropriate labels on them; the label is entered into the system, but the envelope is assumed to be spam and is thrown away or recycled, destroying the evidence.

At the end of the day, the customer gets their refund, and also gets to keep the product. They pay the fraudster a percentage of the cost of the item -- somewhere 5% - 40%, though usually 15% - 30%. It is a bargain. You could even say it is a steal.

And as a fraud fighter, analyzing these cases, all you would see would be a known and probably trusted customers, or sometimes new but legitimate-looking customers, making perfectly ordinary purchases. It is not a returning fraudster. It is lots of normal customers, using their own legitimate details, devices, and behaviors. In reality, for many merchants these cases never even reach the fraud department, being earmarked as damaged or missing goods by the operational teams.

Fraudsters specializing in refund fraud have been seen in the wild for the last six or seven years, but mostly as an interesting curiosity. What happened to turn it into a serious threat?

Professional Refund Fraudsters, Meet Pandemic

COVID-19 has changed the nature of the refund fraud threat, just as it has changed so much else in our lives. Apart from anything else, of course, there is the sheer scale of eCommerce now that so much has moved online so quickly.

Many fraud teams are only just keeping on top of the challenge, particularly since a number of statistical tools were (and often are) less effective than usual at a time when things keep changing so quickly. It puts a lot of pressure on fraud teams to both provide a great customer experience and stop chargebacks during this stressful time. Add to that the fact that teams are in many cases working remotely, and the fact that catching refund fraud requires lots of communication between departments, and it is easy to see how the pandemic has provided fertile ground for refund fraudsters.

Beyond that, though, there are two new areas of vulnerability which have opened up as a direct result of the pandemic, and both are contributing to the growth of refund fraud by simply making it so much easier to carry out.

Delivery companies have had to adapt their procedures to a world where many consumers cannot come to the door, if they are in quarantine, protecting others, or shielding as high risk individuals or families themselves. Lots of delivery couriers no longer require anyone to answer the bell, much less sign for a package. That is great for good customers, but also makes life easy for refund fraud, because there is no proof of delivery.

Refund processes have changed in similar ways. Where once companies tended to be firm about the requirements for a refund, now many businesses are waiving the need for a box or label. Some, such as Amazon and Walmart, are even directing customers to keep the problematic item in preference to sending it back, because of the risks involved with the virus, as well as the logistical challenges involved. And where these giants lead, others follow.

Last but not least, COVID-19 has created many more customers who are willing to "bend the rules" just to get the product they desire, even if they have lost their source of income. These users are receptive to the fraudster offers, resulting in a steady flow of new users with a good history that the refunders can sell their services to.

One way and another, 2021 could not be a better situation for a professional refund fraudster and their clients. It is a perfect storm.

Collaboration as a Defense

The refund fraud hurricane could spell serious loss for a merchant. One customer is advised not to hit a specific merchant too often, but a refund fraudster can hit hundreds of times a week. It is very hard to catch, though, because the people completing the transactions are all different, and generally using their own legitimate information.

To combat this threat effectively, collaboration is essential. First, there is inter-departmental collaboration, with fraud teams working with customer support and perhaps delivery or returns departments as well.

Second, to handle the challenge that refunding consumers first hit one merchant and then another, fraud teams at different merchants should work together directly. Using Privacy Enhancing Computation (a Gartner top strategic trend of 2021), this can be done without sharing any personal user information, so competitive and privacy concerns need not arise. In that way, merchants can pool knowledge about which consumers are making a habit of refund fraud -- and act accordingly to protect their business.

Third, there are organizations such as the MRC, which are more important than ever. Fraud fighters need to be able to trace the scale of the problem across the industry to get a grip on it, bring awareness to upper management in their organization, and stay on top of new fraud attacks, as well as best practices and tools for dealing with this problem. Working together, merchants can act to stop refund fraud becoming the fraud legacy of the pandemic, and make sure that 2021 is not only the ideal setting for refund fraud -- it is also the year fraud fighters banded together to stop it.

About Uri

Uri Arad, Identiq's VP of Product, has been fighting fraud and fraudsters for more than a decade and has seen the fraud and identity challenge from diverse perspectives: product, risk, and R&D.

Before he co-founded Identiq to create the solution he had been dreaming of for years, he was the Head of Analytics and Research at PayPal's risk department. He has tremendous experience building cross-functional teams which use the latest technological developments to create innovative products that both reduce loss and improve customer experience.

Uri's expertise extends both to analyzing and meeting business needs and to an in-depth understanding of the technology that makes improvement possible.

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.
Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.
Submit Your Document

Related Resources

Mar 08, 2023
First-Party Fraud: What It Is, and What It Isn’t

The fraud prevention industry is peppered with hundreds of vendors who mainly solve for third-party identity theft fraud. Some vendors branch out into synthetic fraud, including manipulated or fabricated identities, yet very few vendors tackle first-party fraud. First-party fraud is defined as the use of one’s own identity to open an account and use it to commit a dishonest act for personal or financial gain. It remains an elusive problem because there are no consumer victims in chargebacks, disputes, or overdraft fraud. Moreover, when it comes to the granular semantics of first-party fraud, different opinions start to clout the agreed-upon definition, making it difficult to classify, pinpoint, and ultimately combat these dishonest acts. 

Join this session to hear from industry experts about: Where do manipulated identity or rewards gaming abuse fall on the spectrum between first-party and synthetic fraud?  How do these categorizations differ by industry? In what ways do our assumptions around these semantics turn into ineffective proxies for first-party fraud?  How can we differentiate between a consumer’s intent to commit a dishonest act, versus a consumer who was manipulated into a dishonest act, versus a consumer making an honest mistake? 

The key is context. We need to understand a consumer’s act in context of other financial decisions they’ve made across various life stages, across different financial institutions, and across various economic environments. Behavioral anomalies across time and space will serve as better proxies in determining whether a consumer is a true first-party fraudster or whether new socio-economic conditions or happenstance interactions with malicious actors have resulted in a first-party-like occurrence. 

In order to achieve this level of context, a multi-industry data consortium is required. Consumer transactional behavior can then be analyzed across the financial ecosystem, over time, to correlate actions with true first-party fraud and to promote an ecosystem of trust.

There are no related Surveys

Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.