With the peak of the holiday sales cycle fast approaching, retailers must be especially vigilant and on guard against fraud.
Increases in online shopping, an expanded array of promotional activity and intensified shipping volumes all combine to create fertile ground for fraud and abuse, and post-holiday sales cycles will be just as vulnerable as mid-season ones, so short-term fixes will not suffice. Holiday fraud has a ripple effect, and downstream damage can take time to materialize. Credit card information stolen during a busy holiday sales cycle, for example, might not be used right away, and hijacked accounts might be incubated for later attacks. Then, before you know it, the 2020 sales season begins anew with Valentine’s Day—only 51 days after Christmas—so there’s little if any downtime. The only option is to establish effective defenses now.
Many organizations head into the Cyber 5 well prepared. They already have advanced AI and machine learning-powered fraud solutions in place and are well-equipped to defend against large-scale fraud attacks. They know their brand reputations are at stake, as well as their bottom lines. Malicious, abusive, and fraudulent activity can ruin an otherwise prosperous and successful holiday season, so they’ve got the solutions in place that will see their businesses and their customers safely through a busy final quarter and into the new year. These organizations will come through unscathed. But not every company will be so fortunate.
If your business hasn’t yet implemented a fraud prevention plan that incorporates AI and machine learning, now is the time to begin the process. The 2019 holiday season is already in progress, and the 2020 sales season that starts with Valentine’s Day will be here before you know it. This is a critical opportunity for retailers to evaluate and integrate AI and machine learning solutions into their fraud strategies. By leveraging the power of these technologies, it is possible not only to detect and prevent known fraud patterns but also uncover new and emerging attacks that can evade existing systems. The scale, speed, and sophistication of modern digital fraud necessitate a new approach, and AI and machine learning represent the only viable solutions.
The complexities and painful consequences of online fraud
The dramatic migration of commerce to online platforms has created an ever-expanding surface area for fraud attacks. Criminals are using and combining tools and techniques that include phishing, credential stuffing, SIM swaps, device emulators, GPS spoofing and botnets to obscure their digital footprints and circumnavigate existing detection solutions.
- Content abuse: The increasing agility and adaptability of the modern criminal, and the growing complexity, coordination, and sophistication of their attacks represent a severe risk to retailers that need to build and grow positive brand awareness, drive demand generation and open additional sales channels through social media. Because of ecommerce sites’ dependence on user-generated content, they are especially vulnerable to content abuse that can hurt reputations, slow sales and cause significant customer churn. Of particular concern is the speed at which criminals operate. DataVisor’s Q3 2019 Fraud Index Report found that criminals launching content abuse attacks move very quickly: 60% of fraudulent accounts posted or sent malicious content within two hours of registration, and 76% did so within 24 hours of account registration
- Account takeover: Content abuse is, of course, only one of the problems online retailers face. Financial fraud is another, and account takeovers (ATO) are uniquely damaging—not only are the financial implications immediate, but so are the attacks themselves. Our Q2 2019 Fraud Index Report found that 72% of financial accounts made fraudulent transactions within one hour of compromise.
- Mass registrations and fake accounts: Fraudulent transactions using stolen credit cards have always been a serious concern for retailers, particularly during peak shopping seasons. In addition to ATO, in which criminals take over legitimate users’ accounts and use the credit cards on file, retailers have to contend with mass registrations and fake accounts that use compromised credit cards fraudsters have acquired elsewhere. Mass registration fraud is carried out using a complex array of techniques, including user behavior simulation, device and IP obfuscation, and identity theft.
Peak season fraud
One of the most significant challenges in fighting modern fraud is that today’s attackers generally have the same access to emerging technologies as the businesses they target. That can make it hard for legitimate platforms to get the upper hand. Criminal behavior also tends to mirror normal business behavior. For example, just as retailers up their sales and promotional activity during peak seasons, criminals ratchet up their efforts as well. This can be a dangerously effective strategy, as—during these peak seasons—consumers’ interest is high, while their guards are low.
Criminals exploit the dramatic increases in transaction volume during peak seasons and benefit from increased cover for their malicious activity. For example, they are keenly aware that many retailers relax detection rules during the holiday season to prevent being overwhelmed by a flood of triggered alerts due to the increased order traffic.
In addition to fraudulent transactions, malicious or unwanted activity can take on many additional different forms during sales and promotion events. For example, exclusive discounts for new customers can be taken advantage of by criminals who set up multiple fake accounts. Using these bogus accounts, they can purchase limited quantity items in bulk that may not typically be discounted, and resell those items on P2P marketplaces and auction sites. This problem frequently occurs for limited-edition or highly resellable items. Criminals can use scripts to rapidly purchase multiple quantities before legitimate customers even get access, later reselling the products at a sizeable profit.
Modern approaches to fraud detection and prevention
A growing number of artificial intelligence and machine learning companies are applying sophisticated algorithms to tackle fraud. Two of the latest approaches involve the use of “supervised” and “unsupervised” machine learning.
Supervised machine learning relies on historical fraud loss cases (“labels”) to train a model to detect similar attack patterns, and are valuable for preventing future instances of previously identified attacks. Unsupervised machine learning algorithms do not rely on labels and accordingly excel at identifying new fraud patterns and attack behaviors.
The accuracy of machine learning-based fraud detection can be as high as 99% when using the right approach, and the right solution can provide a level of automation and operational efficiency that’s impossible to achieve using a rules-based approach, or a strategy that relies on outmoded techniques such as blacklists. AI-powered solutions that offer intelligent automation are particularly effective when fraud volumes are high and resources are limited—scalability is a key differentiator for advanced fraud solutions.
Most fraud detection systems provide risk scores, and it is common for businesses to take a variety of actions against suspected malicious users depending on ascertained risk levels. While in some cases the appropriate action is to freeze an account altogether, in many cases, it might be preferable to “soft block” or “quarantine” the account. When soft blocked, an account stays open, but its activities are no longer visible to other users, and transactions do not actually clear.
If a criminal is unaware he’s been flagged,he will continue to perform their malicious actions. If the activity has no impact, it does no harm to the business or its customers, and also allows the enterprise to gain insights into the suspected criminal’s modus operandi. An added benefit is being able to better quantify the potential harm that could have been caused had the criminal not been caught in time.
Preparing for peak fraud periods
As the year draws to a close, retailers must take the opportunity to test and implement an improved fraud system before the full brunt of the holiday season hits, and before the next big sale or promotion cycle comes around.
Here are three quick tips that will help you minimize high season fraud loss and guide you towards successful new year planning:
- Don’t rely on rules alone. If you are currently using a rules-based fraud detection system, do not rely entirely on this technology during peak shopping seasons. Criminals are continuously adapting their techniques, and attacks are growing in both scale and complexity. Rules—and other legacy systems that might have detected yesterday’s attacks—are not able to detect the advanced attacks we see today.
- Be on the lookout for anomalous activity or transactions. Your organization must proactively keep watch for any anomalous activity that your existing systems is not capturing. If you currently do not have good unsupervised machine learning capabilities, regular manual reviews are the only way to uncover fraudulent behaviors that escape detection of rules-based or supervised machine learning systems.
- Keep one foot on the brake. While it is tempting to celebrate successful sales or promotions, there may be bad actors under the surface trying to game your promotions in ways that you won’t be expecting. While your campaigns are active, it’s important to continuously analyze user activity to make sure that the promotions are being used by legitimate customers who will provide continuing revenue to the business.
Fraud management has always been a cat-and-mouse game, and criminals are continuously improving their techniques. While there is no one surefire way to protect your business from all threats, AI and machine learning are enabling retailers to fight against criminals more effectively, and to protect both their businesses and their customers—during the holidays, and throughout the year.
Priya Rajan, vice president of marketing at fraud security firm DataVisorFavorite