eCommerce Fraud: How Fraudsters Use the Dark Web To ‘Warm Up the Shop’ and Fool Rules-Based Anti-Fraud Systems

Fraud

Attack Types

Dark Web

Mateusz Chrobok -- Nethone

Jun 22, 2022

Webinars

With e-Commerce booming, merchants are increasingly turning to fraud intelligence companies to prevent fraudsters impacting their growth. While it’s true anti-fraud systems are becoming more sophisticated at detecting fraudsters - rules-based systems can be fooled. With all the tools and knowledge available on the dark web, even mid-level fraudsters can bypass security measures. All they need to do is mimic original account holders of stolen accounts and credit card details in a process called ‘warming up the shop’.

It all sounds too easy. And it can be. With stolen credit card details, e-Commerce accounts and the tools needed to attempt account takeovers (malware etc.) readily available for purchase on dark web marketplaces, half the work of the fraudster is already accomplished. Aside from patience, some additional tools to spoof digital fingerprints (unique identifiers of a user’s device setup, IP address, geo location etc.) and even legitimate browser cookie sessions are all available to buy online. One of the main tools used are anti-detect browsers, a fraudster tool resembling a regular internet browser, but packed with features to mask a user’s true identity and location, mimicking a regular user’s browsing session.

We aim to present to you how the process of ‘warming up the shop’ looks from start to finish, showing you some of the fraud tools available on the dark web to aid fraud attempts - you’ll be surprised how sleek and professional they appear, even giving legitimate companies' marketing campaigns a run for their money!

Imitation is never perfect. The perfect solution to prevent a successful ‘warm up’ attempt comes in the form of truly knowing your users (KYU) and understanding their interactions and behaviors. Advanced fraud solutions powered by machine learning models can effectively weed out fraudsters before they’ve had a chance to warm up. Join us to discover how.

Learning Objectives:

To understand the long process of fraudsters ‘warming up the shop’ to bypass rules-based anti-fraud systems by acting as naturally as a regular customer as possible.
Be aware of the tools and knowledge available on the dark web that allow fraudsters to fool rule-based fraud systems.
How KYU Advanced fraud solutions powered by machine learning (ML) models can help you understand every user behavior and interaction - and prevent fraud from happening.

Some content is hidden, to be able to see it login here Login

Tagged:

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.

Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.

Submit Your Document

Related Resources

Jun 26, 2024

A Holistic Framework for Managing Generative AI Fraud, Presented by Persona It’s easy to feel paralyzed by generative AI, as if it’s creating new attacks that are impossible to proactively address. Generally speaking, however, this isn’t true — sophisticated fraudsters who can bypass the best automated models and most seasoned fraud analysts have always existed. It’s just the multiple ways a wider variety of bad actors can evade detection that’s changing the game.

Jun 19, 2024

Insights From the LexisNexis® Risk Solutions True Cost of Fraud™ Study – Ecommerce & Retail Edition To protect more legitimate transactions while keeping ahead of emerging retail and ecommerce fraud trends, merchants need to understand how industry peers are balancing customer experience with fraud prevention. Attend this webinar to access insights from over 350 risk and fraud executives in retail and ecommerce companies in the U.S. and Canada, aggregated in the latest LexisNexis® True Cost of Fraud™ study of North American merchants.

May 22, 2024

The Power of Fresh Data: A Fraud Fighter's Guide to Honeypots, Presented by IPQS In this webinar presentation, we'll explore applications of honeypots, traditionally associated with cybersecurity, in the realm of fraud prevention. The focus will be on addressing the rising challenges posed by malicious bot attacks, account takeovers, transaction fraud, and other abuse. The need for fresh and discerning data to distinguish between legitimate users and fraudsters is more critical than ever, especially with the proliferation of spoofing, residential proxies, and easily accessible fraud toolkits fueling attacks on websites.

Sep 13, 2023

Optimizing Fraud Capture in a Digital Environment The key is connecting consumers’ digital information to their devices, understanding device risk and identifying signals of fraudulent behavior.

Apr 24, 2024

2024 Global eCommerce Payments & Fraud Report The annual survey, produced by MRC in partnership Visa Acceptance Solutions, will deliver data-driven insights into today's most pressing issues. We will be joined on stage by top merchants, for added insight into how global fraud and payments trends are playing out in Europe.

Apr 24, 2024

Emerging Markets in Africa, Asia, and Latin America Emerging Markets in Africa, Asia, and Latin America" features insights from Boku, eShopWorld, and dLocal industry leaders.

Apr 24, 2024

The Forgotten Half of ATO: Digitizing Account Recovery During account takeovers, there are two timelines teams work to optimize — time to stop the fraudster from causing more damage and time to reinstate the account to its rightful owner.

Apr 24, 2024

Dragging Legacy Into the Future All businesses, unless brand new, have some legacy in their payment stacks, and for those who are moving from physical to digital, this legacy can lead to decisions that can restrict the choices around the way consumers like to pay.

Dec 05, 2023

DataDome - 2023 U.S. Bot Security Report DataDome's new study finds that a staggering 68% of US websites are unprotected against simple bot attacks, highlighting how vulnerable US businesses are to automated online threats. E-commerce sites are particularly exposed.

Aug 11, 2023

2023 UK Bot Security Report 2 in 3 UK Websites Are Unprotected Against Simple Bot Attacks.

Dec 05, 2022

2022 Southeast Asia Digital Commerce Insights While the region’s recovery after a turbulent period is well underway, businesses now find themselves in a more complex environment. How nimble and flexible is your business in adopting new payments to stay on top of market shifts and fraud risks? See how you compare.

May 17, 2022

2022 MRC Global Fraud and Payments Survey This illuminating report, produced by the Merchant Risk Council, Cybersource and Verifi, provides the latest industry fraud trends, fraud management methods, and payment strategies used by merchants globally, along with a robust set of performance benchmarks that can help with the optimization of payments and fraud management and prevention practices.

Apr 17, 2024

Cyber-Fraud Fusion: The Future of AI Fraud Prevention? AI tooling has fundamentally changed the threat landscape, with attacks becoming faster, cheaper and more effective.

Apr 10, 2024

Promotion Abuse Exposed: Protecting Gig Economy and Delivery Platforms Promotion abuse has become a major threat to delivery and gig economy platforms.

Apr 03, 2024

Battling Bots: A Pragmatic, Proactive Approach to Fighting Fraud With bot attacks more prevalent than ever, and increasingly a common path to online fraud, merchants are under fire to protect their online platforms.

Mar 20, 2024

Mastering the Fraud Ecosystem: Your Blueprint for Unbreakable Security In this webinar, we will delve into the intricate ecosystem of fraud, providing invaluable insights and practical solutions to keep your business safeguarded against fraudulent activities.

Mar 27, 2024

LexisNexis® Risk Solutions True Cost of Fraud™ Study: Ecommerce and Retail Report Digitalization continues to transform the industry. One-fifth of transaction volume occurred via digital payments methods such as digital wallets, payment apps, Buy Now Pay Later (BNPL) schemes and cryptocurrency. Digital transactions drive over half of revenue.

Feb 13, 2024

DataDome 2024 EMEA Bot Security Report Bot protection is the foundation of online fraud prevention. With the proliferation of bots and their potential to cause financial losses and reputational damage, it is crucial for website owners to defend themselves against automated threats. Yet our recent analysis of 4950+ EMEA websites found that a significant majority of EMEA-based digital businesses are inadequately protected against simple bot attacks.

Dec 13, 2023

Payment Methods Report 2023: Should Merchants Accept Crypto Payments? Looking Towards 2024 and Pros & Cons In The Paypers Payments Methods Report 2023, Tracy Kobeda Brown, VP of Programs and Technology at the Merchant Risk Council, extensively explores the realm of cryptocurrency adoption. The report, titled "Should Merchants Accept Crypto Payments? Looking Towards 2024 and Pros & Cons," explores the advantages of cryptocurrency, such as swift transactions and reduced fees that align with consumer preferences. However, it does not sidestep the challenges, encompassing factors like market volatility, regulatory uncertainties, and conventional fraud risks. Brown provides an insightful guide, urging merchants to meticulously consider these factors in the ever-evolving landscape of payment technologies.

Dec 07, 2023

The Paypers Fraud Prevention in Ecommerce Report 2023-2024 The Paypers 2023-2024 Fraud Prevention in Ecommerce Report explores the escalating global ecommerce market post-pandemic, emphasizing the rising threat of online fraud.

View All Resources

X

Cookies help us improve your website experience.
By using our website, you agree to our use of cookies.

Confirm