By Jack M. Germain
Jul 9, 2020 10:44 AM PT
If you conducted e-commerce transactions since the pandemic struck, you have probably been the target, or even a victim, of online fraud.
Fraud prevention solutions firm Sift yesterday released a report focusing on a 109 percent increase in content abuse and growth of the fraud economy from January through May 2020.
The report, titled “Q2 2020 Digital Trust & Safety Index,” concludes that this increase is likely connected to the global disruption caused by the coronavirus pandemic. The study shows how fraudsters have used content to deceive and exploit consumers on e-commerce sites and within online communities.
Counterfeit content has played a role in e-commerce for as long as digital businesses have existed. Scams, spam, fake reviews, and misinformation have evolved in tandem with online shopping, discussion forums, and social networks, the report acknowledges.
Sift’s analysis of abuse types shows that most of this fraud is financially motivated. Scams make up 46.8 percent of the content abuse that Sift’s technology blocked.
One of the most jarring findings includes the discovery of a fraud ring based in Russia where criminals executed a credit and debit card testing scheme through fake listings on an e-commerce marketplace.
This increase in e-commerce fraud is representative of a concerning upward trend that both e-commerce providers and their customers must navigate, according to Hank Schless, Senior Manager, Security Solutions at Lookout.
“Malicious actors are taking advantage of an increasingly complex risk landscape, and now more than ever it’s important to evaluate and secure every potential risk vector across all channels,” he told the E-Commerce Times.
Pandemic Profitable for Fraudsters
The revelations come from Sift’s global network of 34,000 sites and apps. Researchers also surveyed over 1,000 consumers in June 2020. The report also details how content abuse is a critical part of the fraud supply chain, the interconnected ecosystem of fraud.
Findings show from January to May 2020 digital e-commerce (subscriptions, apps) was hit by fraud at an exceptionally high rate. In the first five months of 2020, fraud — scams, spams, and fake reviews — occurred 123 percent more than in all of 2019.
Coronavirus has affected virtually every business, and cybercrime is no different as it is a business — a big one, according to Brendan O’Connor, CEO and co-founder of AppOmni.
“It is estimated that global cybercrime revenues exceed US$1 trillion annually. In challenging times like these, businesses must adapt,” O’Connor told the E-Commerce Times.
Cybercriminals are capable of adapting quickly, and that is what they have done with coronavirus, he added. With people around the world staying home and maintaining social distance, there has been a huge increase in both remote work and e-commerce.
“It should come as no surprise to see malicious actors investing in attacks that target these trends,” he said.
Since the majority of the population has shifted to working from home, malicious actors have been taking advantage of a massive increase in remote shopping, banking, and work. Their job is to scam unsuspecting victims, O’Connor explained. Looking at e-commerce specifically, fraudsters can take advantage of both mobile and web channels to successfully carry out an attack.
The situation is growing on two fronts. Cloud storage for business and online shopping for consumers.
“As critical business operations and data move to the cloud at record speed, attackers are targeting cloud applications like never before. With consumers everywhere increasing the amount of shopping they do online, attackers have naturally gone after online shoppers with sophisticated fraud campaigns,” noted O’Connor.
These trends are unlikely to slow anytime soon, he observed. He predicts that we will continue to see more attacks targeting cloud applications for businesses and e-commerce sites for consumers.
On mobile, global phishing encounters increased 37 percent during the first quarter of 2020. Many of these were attempts to steal personal data as consumers adjusted to a new normal of shopping exclusively from the web via their mobile devices, added Schless.
“On web platforms, there’s been an increase in activities like Magecart that skim customers’ credit card data from the checkout page of a website by injecting malicious code into the page,” he offered as another form of online fraud separate from the Sift research.
Content Abuse Leads to Fraud Supply Chain
Content abuse is not merely a standalone threat but a type of cybercriminal behavior that acts as a springboard for, and a bridge between, account takeover and payment fraud, contributing to what Sift calls the “Fraud Supply Chain” in its report.
“Fraud doesn’t happen in a vacuum,” said Jason Tan, CEO of Sift. “Our latest report illustrates how cybercriminals use different attack vectors to steal from consumers and businesses, often through more complex ways than merely buying stolen credit cards to make large purchases.”
Merchants must adopt a digital trust and safety strategy to protect across the entire user journey. That will combat the fraud supply chain. In turn, it will also help them protect and grow revenue, Tan explained.
The fraud network involves three action patterns: Payment Fraud, Content Abuse, and Account Takeover.
Content abuse is a means to an end. Fraudsters use it to commit payment fraud.
They create a post, comment, email, or text message to disguise a malicious link or drive consumers to unsecured sites and media. The attack only works when people engage with that content and link by sharing it or by clicking on it themselves, the Sift report detailed.
That produces two calculated results. The first action widens the pool of potential victims. The other action directly impacts the person who clicked.
Cybercriminals make money by selling the data they steal on the Dark Web. The report describes this market as a “fraudster flea market” which is essentially an illicit mirror image of digital e-commerce.
Card-Testing Fraud Ring Uncovered
Sift’s Data Science team identified a key card-testing scheme in early June 2020. It’s one of the more covert ways content abuse fits back into the fraud supply chain. It occurs after login information, gift card details, or payment data has been stolen or bought.
A group of 15 fraudsters in Russia with identical IP addresses (a fraud ring), who Sift named “Bargain Bear,” worked together to test dozens of credit cards and digital wallets by posting fraudulent content listings on an e-commerce marketplace.
Sift’s Data Science team uncovered sinister behavior on an e-commerce marketplace: a fraud ring using fake content listings to execute a classic card-testing scheme.
Using these fake listings, they sold items to each other in order to vet stolen data, “negotiating” the costs of those items down so that the exchanges appeared more legitimate. This allowed Bargain Bear to test payment information in order to make much larger purchases thereafter.
The attempted scam also sought to bolster the fraud ring’s legitimacy on the marketplace by having the “buyer” post positive, yet fake, reviews.
Brand Loyalty Threatened
The Digital Trust & Safety Index reveals the true cost of content fraud as brand abandonment.
Content fraud decimates brand loyalty. Content abuse is typically financially motivated. The content is designed to facilitate scams making up nearly half of the attacks that were blocked.
Slightly more than half (56 percent) of consumers surveyed reported that if they discovered that their personal information had been exposed as a result of a scam on a website, they would stop using the site or service and choose a different provider.
Using the pandemic as cover, content scammers focused on ticketing sites. The ticketing and events space was hit the hardest by attempted content abuse since the start of 2020.
Those sites also experienced record drops in event volume (down 84 percent from April 2019) as large gatherings of any kind became impossible. Research shows that fraudsters have maintained their focus on businesses struggling amid the pandemic.
Caught in the Act
Sift’s research showed that a significant percentage of consumers recognized fake content and its consequences. Sift’s survey showed that 67 percent of those polled believe they come across some type of fraudulent content or false information on a daily, weekly, or monthly basis.
That survey also showed that 94 percent of the responding consumers deem content to be suspicious based on conspicuous factors. These include pie-in-the-sky promises, multiple typos or grammatical errors, outlandish claims, or a lack of identity information from the person posting it.
The Sift Digital Trust & Safety Index gives online merchants visibility into the covert economics that injure businesses. It also provides merchants with industry expertise to help businesses protect their customers without losing money or momentum.
More COVID-19 Fraud Tactics
Sift has tracked how fraud rates and event volumes are changing each week across multiple e-commerce verticals in response to the pandemic since March of 2020. The pandemic is causing acute effects within the economy that fraudsters are monetizing, according to Sift’s research. These ploys directly victimize merchants as well as consumers.
Criminal tactics include using text messages to encourage stockpiling of products and sowing fear about quarantine restrictions. Other tactics include emails sent to consumers to trick them into believing a vaccine exists and is being withheld, proffering fake treatments, and offering refunds to people whose plans were disrupted by travel bans.
The fraud does not end there. Fraudsters manipulate social media posts to pose as medical representatives with access to tests and antiviral medications for a fee.