When we talk about fraud detection and prevention, it's important to understand the range of activities covered. Today's businesses are able to defend themselves to varying degrees, which has caused criminals to improve their techniques.
As such, criminals deploy a range of ever evolving fraud tactics, using the best methods for the target at hand. Therefore, fraud teams and security specialists need to not only know the most common fraudulent activities, but also emerging fraud patterns too.
It's also important to note that many of these terms overlap and are not necessarily independent of each other.
Online payment fraud
Online payment fraud covers a range of fraudulent activities that use someone else's details to make payments. It puts a burden on businesses to invest in fraud detection techniques to determine when a genuine user is making a payment, compared to a fraudster using stolen credentials.
Card not present fraud
When it comes to online fraud, the majority often falls under card not present (CNP) fraud. This refers to payments made without the physical card present, such as through online stores or even over the phone. This typically includes stolen information, such as the card number, CVV security code and other details, to bypass standard security. The biggest challenge with card not present fraud often comes in the aftermath, as card issuers often hold vendors responsible for checking and validating identities.
Account takeovers
Account takeover attacks happen when fraudsters gain access to someone else's accounts, whether that's social media accounts, bank accounts or shopping accounts on e-commerce websites. Consequently, account takeover fraud (ATO) often leads to identity theft, where fraudsters make transactions under the assumed identity of the original account holder.
Policy abuse
Policy abuse fraud refers to a range of fraudulent activities designed to exploit the individual policies of businesses. This can include promotional abuse, or even finding loopholes in free shipping, returns and other offers. Fraudsters often make new accounts, abuse loyalty programs or otherwise try to gain free goods from merchants, costing the business as a result.
Resellers fraud
Common in limited goods or services where demand is high, reseller fraud occurs when fraudsters use various means to buy as many of these items as possible, only to resell them at a significantly higher price. This includes the likes of festival tickets, or goods that are limited in number, such as new phone releases. As a result, this hampers the experience customers have with the brand, threatening long term loyalty.
Multiaccounting
Also known as new account fraud, multiaccounting fraud occurs when fraudsters make multiple accounts with one business. This is done in order to either take advantage of special offers or promotions for new users, or to gain unfair access to goods or services limited at a per-user level. This can damage businesses through lower revenue and, in the latter case, to a damaged brand reputation in the eyes of customers that missed out.
Mobile app fraud
With mobile shopping and business growing regularly, it's unsurprising that mobile app fraud is also increasing. In fact, all major fraud trends can be found on mobile devices, from account takeover fraud to identity fraud and multiaccounting. What's important for businesses, then, is to ensure that they invest in fraud detection and prevention techniques on their mobile offerings too, less they become an exploitable vulnerability.
Friendly fraud
Friendly fraud refers to various complaints and actions taken by legitimate customers. Many of these are often due to misunderstanding, such as issuing chargebacks because the business name on their statements differs from the name of the store. However, it also covers a range of malicious activities, such as claiming products were not delivered and issuing a chargeback.
Identity fraud
Often the result of account takeovers, identity fraud occurs when criminals use stolen credentials to act as an unsuspecting customer or user. This often targets merchants that sell physical goods, as fraudsters aim to make a successful fraudulent transaction before the store detects it. Once achieved, both the customer and the merchant are at a loss.
Fake accounts
When real accounts can't be acquired, fraudsters can create fake accounts to try and gain access to systems. This is also sometimes known as synthetic identity fraud. While many fraud prevention methods can determine a fake account, basic systems often lack the ability to identify when the same fraudster or user makes a new account, as the information is often completely different.
Gift card fraud
Gift cards represent a choice target for many fraudsters. In addition to cracking the PIN or code of specific gift cards, criminals can also use phishing and other scams to acquire codes. These can often be used in money laundering, or sold on the dark web at a discount. Because the gift card itself represents a closed loop between the purchaser and user, gift cards often lack the wider security seen elsewhere, leading to the popularity of gift card fraud.