Generative AI Powers New Fraud Techniques in Top 2024 eCommerce Fraud Hot List
By Mike Habermann
Director of Fraud Services, Radial
eCommerce fraud rates continue to climb as fraudsters become more sophisticated, now further enabled by generative AI. Mastercard expects 2023 U.S. eCommerce fraud totals to come in at $48 million and Juniper Research predicts total global 2023-2027 eCommerce payment fraud at $343 billion. Overwhelmingly, return fraud remains a primary crime as it accounted for $101 billion in overall retail losses in 2023. No doubt, your business has been impacted and will be targeted in the coming year.
As we look at 2024, we’re preparing for new threats and the continuance of last year’s top fraud trends. Needless to say, the landscape has shifted significantly with the introduction of mainstream generative AI and ChatGPT — which is proving to be a double-edged sword. Generative AI scales fraud detection and prevention techniques and provides fraudsters the same toolset to create more insidious fraud schemes at an unprecedented rate. More on this in a bit, but suffice it to say, an already pressurized fraud scene has become exponentially more complicated.
We recently compiled our analysis of the top 2023 fraud trends that we mitigated across our retail clients. These, along with emerging trends, are on our 2024 hot list.
Whether you’re managing fraud through a variety of fraud prevention tools and vendors, or enlisting the services of fraud, payment, and chargeback professionals like Radial, there are fraud trends you need to be aware of and actively defend against.
10 Top 2024 Retail Fraud Trends
The following are on our top 10 list for this year, along with evergreen threats such as return fraud. Fraudsters evolve their strategies and tactics as the fight against their crimes gains ground; however, we believe the tactics listed here will prevail in retail and eCommerce in 2024.
- Synthetic identities.
Synthetic identities continue to be a top fraud trend as fraudsters combine elements of valid data to create fake identities. Since each element of the identity is a verifiable data point, only multi-layered fraud prevention strategies that check multiple data points are able to recognize it. Fraudsters use synthetic identities for account takeovers, gaining access to accounts or opening new accounts where they pose as legitimate customers and make fraudulent purchases.
- Payment wallet fraud.
Payment wallets like ApplePay and GooglePay provide a convenient and often a safer way for customers to pay. Adding and validating a payment method, such as a debit or credit card, typically happens on initial signup. Based on the financial institution, verification processes can vary quite differently between a large bank and a credit union. Fraudsters are taking advantage of institutions that have processes lacking thorough validation, opening the door to fraud exposure. It’s important for retailers to employ a multi-layered defense and stay on top of trend analysis.
- Near-real address delivery fraud.
Part of employing a multi-layered approach to fraud prevention is to check for delivery address proximity to the billing address. We have seen an increase in fraud attempts using this method. Delivery addresses are often nearby businesses where mules are receiving the items and then profiting off the fraudulent purchase.
- Bot-driven card testing.
Card testing often times increases during peak season, but can happen sporadically throughout the year. It’s extremely important for retailers to monitor web traffic to identify this behavior. There is not a method to this madness as it can vary between low and high dollar, velocity, time of day, etc. Websites that get hit with a card testing attack are not only at risk of exploitation, but performance disruption. It may also indicate a symptom of much larger problem.
- BIN attacks.
Similar to card testing, BIN attacks utilize bank identification numbers (BIN) obtained from a stolen run of cards from a financial institution. The attack process is similar as fraudsters look for which cards will validate. It’s important for retailers to be proactive and identify specific BIN ranges that pose risk. Card testing and BIN attacks can be conducted at any time, but are more prevalent during peak volume when retailers have high site traffic volumes and cannot readily react. Having a partner like Radial to manage fraud makes it easy to quickly implement needed changes during peak season attacks.
- BOPIS fraud.
Buy online, pick up in-store has become a popular order fulfillment method. It is normally low-risk for fraud as customers need to show ID to pick up their order. Fraudsters have taken this low-risk channel and are exploiting it by using a combination of in person social engineering during the pickup process and splitting the order fulfillment method between pickup and low-risk shipping. It’s important to take a risk-based approach to your strategy, regardless of fulfillment method.
- Chargeback fraud. Chargeback fraud is often referred to as first party fraud. A cardholder can dispute a transaction with their bank as fraud, knowing that the purchase was legitimate. If they succeed in winning the dispute, they’ve just gotten their merchandise for free. As Americans are carrying more credit card debt than ever before, there may be a correlation to financially stressed customers stretching the moral line by disputing good transactions.
- Real-time payment fraud.
In traditional payment processing, there is a gap in time between authorization and payment processed. Savvy customers understand the authorization, then later, the verified transaction, which is when the money is debited from the account. The gap between authorization and when the card is charged provides time to validate the transaction and credit a transaction. Real-time payment methods transfer the money immediately with zero time to reverse a potential fraudulent charge. The push for checkout optimization is driving this approach, but it’s important to build trust with customers using a real-time payment method. Retailers should use data strategies to identify what typical shopping behavior looks like and enable friction points if flaws are detected along the way.
- Social commerce fraud.
Increasingly, customers buy on social media apps. Social commerce is a leading retail channel in Asia and is growing in North America and Europe. However, social commerce fraud detection and prevention often does not get the same focus as other eCommerce channels. We’re keeping a close eye on social commerce as more retailers begin using it as a sales channel.
- AI generated fraud.
All of the fraud methods highlighted in this article are subject to being enhanced and scaled by generative AI. Fraudsters now have the ability to quickly create fake, believable personas complete with histories, photos, and networks, at scale. These synthetic identities will be more challenging to detect. Like any new technology, generative AI has the capacity to be used for good or evil. It enables criminals to scale their strategies, techniques, and tactics in ways that remain to be seen. Thankfully, it also enables those of us who fight fraud with the same capacity to scale fraud detection and mitigation techniques.
Prevent Fraud with Radial Payment Solutions
Need help? Radial Payment Solutions provides fully managed payment, fraud, and chargeback services to retailers, with a zero fraud indemnification policy. We continually track and mitigate the latest fraud trends with the expertise and technology required to fight sophisticated, organized, and individualized fraud while preserving high sales conversion rates and a positive customer experience. We’re proud to provide an industry-leading 99+% order conversion rate for retailers.
As Director of Fraud Services, Michael Habermann is responsible for Data Science & Advanced Analytics, Business Intelligence, and Fraud Operations. Prior to his current role, Michael was as a Sales Engineer, supporting new business for Radial Payment Solutions. Michael has more than 25 years leading high performing teams as a Merchant and as a Solution Provider for Fraud, Identity, and Chargeback Management. You can follow Michael on LinkedIn.
Learn how Radial can protect your business.