Consumers Teaming With Hackers on Payment Fraud Schemes


Consumers are allying with dark web hackers to participate in payment fraud tactics.

Sift on Thursday released its Q1 2023 Digital Trust & Safety Index with findings that nearly one in five (16%) consumers admit to committing, or know of someone who has taken part in, payment fraud. Likewise, 17% of consumers have encountered online offers to commit payment fraud.

The rapid growth of digital fraud by consumers working with dark web-based gangs is a symptom of fraud’s accessibility and democratization among everyday internet users, according to the report. Sift’s research finds fraudsters targeting fintech and digital goods and services, as well as recruiting consumers to commit digital fraud.

The data revealing this new trend came from the digital fraud prevention firm’s survey of over 1,000 U.S. adults. The report includes fraud data findings from Sift’s global network of over 34,000 sites and apps.

These combined insights show the latest techniques fraudsters are adapting to turn stolen data and proven attack methods into profitable — and marketable — products and services amid unstable economic conditions.

“The rapid democratization of fraud presents even more opportunities for motivated criminals to expand their reach by productizing their offerings and selling their services to commit fraud against businesses,” Jane Lee, trust and safety architect at Sift, told the E-Commerce Times.

Payment Fraud a Worsening Problem

According to Juniper Research, payment fraud cost online businesses $41 billion globally last year. Those losses are expected to jump 17% in 2023, hitting $48 billion by the end of this year.

With attacks on the rise, it is no longer a matter of if a business will face a payment fraud attack. Instead, the issue is now when it will happen to a company and at what scale.

Even industries facing significant headwinds remain in fraudsters’ sights, as Sift’s network, which analyzes more than one trillion events annually, shows that payment fraud attacks in fintech jumped 13% between 2021 and 2022.

Within fintech, buy now, pay later (BNPL) merchants faced a massive 211% increase, and crypto exchanges saw a 45% surge. Meanwhile, digital goods and service providers experienced a 27% uptick in payment fraud.

“There is a misconception that fraud actors are all located overseas. While that certainly may be true for some, what we are seeing with the democratization of fraud is that fraud is alive and well domestically,” advised Lee.

‘Card Hopping’ To Avoid Detection

Payment fraud attacks persist through the veritable arms race between cybercriminals and businesses as digital fraudsters evolve their methods to avoid detection.

Sift researchers noted that more businesses are equipped with better tools and technology to fight attacks. The researchers are seeing an increasing trend of payment fraudsters turning to “card hopping” techniques to avoid detection.

This new fraud method to pay for goods and services involves using various stolen credit cards. It can provide an air of legitimacy for cybercriminals looking to make purchases without detection by a business’s fraud prevention measures.

For instance, using a single credit card to make several high-value purchases on a company’s website could raise suspicion of fraud. Card hopping spreads the purchases out over several cards, so they appear unrelated and get approved by the merchant.
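The following detection sketch is an added example, not code from Sift or from this article. It contrasts a per-card velocity rule, which the pattern described above slips past, with a rule that counts distinct cards per linking attribute. The order fields, the choice of device ID and shipping address as linking attributes, the thresholds, and the sample orders are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample orders (not real data):
# (time, card_token, device_id, ship_to, amount)
ORDERS = [
    ("2023-03-01T10:00", "card_A", "dev_1", "12 Elm St", 900),
    ("2023-03-01T10:20", "card_B", "dev_1", "12 Elm St", 850),
    ("2023-03-01T10:45", "card_C", "dev_1", "12 Elm St", 920),
    ("2023-03-01T11:10", "card_D", "dev_2", "12 Elm St", 880),
    ("2023-03-01T10:05", "card_E", "dev_9", "77 Oak Ave", 40),
    ("2023-03-01T18:30", "card_E", "dev_9", "77 Oak Ave", 35),
]

WINDOW = timedelta(hours=2)   # assumed look-back window
MAX_ORDERS_PER_CARD = 2       # assumed per-card velocity limit
MAX_CARDS_PER_ENTITY = 2      # assumed distinct-card limit per device/address

def parse(orders):
    """Convert timestamps and return the orders in time order."""
    return sorted((datetime.fromisoformat(t), c, d, s, a) for t, c, d, s, a in orders)

def per_card_alerts(orders):
    """Naive rule: flag a card used more than MAX_ORDERS_PER_CARD times in WINDOW."""
    seen, flagged = defaultdict(list), set()
    for ts, card, *_ in parse(orders):
        seen[card] = [t for t in seen[card] if ts - t <= WINDOW] + [ts]
        if len(seen[card]) > MAX_ORDERS_PER_CARD:
            flagged.add(card)
    return flagged

def card_hopping_alerts(orders):
    """Flag a device or address that presents too many distinct cards in WINDOW."""
    seen, flagged = defaultdict(list), {}
    for ts, card, device, ship_to, _ in parse(orders):
        for entity in (("device", device), ("ship_to", ship_to)):
            recent = [(t, c) for t, c in seen[entity] if ts - t <= WINDOW]
            seen[entity] = recent + [(ts, card)]
            cards = {c for _, c in seen[entity]}
            if len(cards) > MAX_CARDS_PER_ENTITY:
                flagged[entity] = flagged.get(entity, set()) | cards
    return flagged

if __name__ == "__main__":
    print("per-card rule:", per_card_alerts(ORDERS))
    for entity, cards in card_hopping_alerts(ORDERS).items():
        print("distinct-card rule:", entity, sorted(cards))
```

On the constructed data the per-card rule flags nothing, while the distinct-card rule links the four high-value orders through the shared shipping address even though one of them came from a second device.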

Fraud as a Service

One factor driving the digital fraud jump into mainstream e-commerce is that the process is readily available to anyone with an internet connection. According to Lee, the ease with which someone can both sell and purchase stolen credit card or account information has led to the democratization of fraud.

It has also opened new revenue streams for seasoned cybercriminals beyond pointed attacks. As veteran thieves recruit customers through web channels like Telegram forums and TikTok, fraudsters now scale their networks and activities.

This process has produced a fraud-as-a-service model that profits from the expansion of fraud and reaps the rewards from successful attacks. Similar to how software providers work to make their platforms more accessible to a broader range of users, fraudsters have productized their attack methods for anyone to find and use.

“In doing so, this has opened up new revenue streams for cybercriminals that go beyond pointed attacks,” said Lee.

Recruiting Fraudulent Buyers on the Deep Web

In recent years, government agencies have cracked down on certain parts of the dark web, causing cybercriminals to migrate toward the deep web — a part of the internet not indexed by search engines — and use encrypted platforms to commit illegal activity, Lee explained.

With increased deep web “recruiting” targeting consumers on social media and open web platforms, fraudsters profit from the expansion and reap the rewards of successful breaches.

The fraud attack starts with a cybercriminal stealing credit card credentials via hacking, malware, or a phishing attack. That individual creates or joins a group on a deep web forum and begins to cultivate a following.

The fraudster advertises the credit cards to other fraudulent buyers at a deep discount. An opportunistic buyer agrees to purchase multiple credit cards at 50% off. Finally, the buyer makes purchases with the stolen credit cards, and the cybercriminal earns a profit.

‘Underground’ Hangouts

The main channels on which fraudsters recruit consumers, noted Lee, are social and messaging platforms such as Telegram and TikTok. Deep web platforms that provide encryption capabilities, like Telegram, are even more preferable for fraudsters since they give another layer of protection.

“In fraud forums on Telegram, cybercriminals employ a consumer-friendly fraud-as-a-service approach, which includes buying and selling stolen payment data and committing fraud on behalf of paying customers,” Lee explained.

Those who purchase stolen payment data are often other fraudsters. But fraud-curious consumers can also freely join the fraud forums, looking to take advantage of deals on the products and services they want.

The prevalence of fraud as a service on fraud forums cannot be measured precisely due to its covert nature. The rise of democratized fraud and fraud as a service poses an inherent risk for all businesses, especially merchants, who remain top targets for payment attacks.

“We can confidently say, based on Sift’s research, that these scams are common across all forums and a regular conduit of fraud in the e-commerce space,” Lee warned.

She added, “We are almost certainly going to see expanded use of these platforms to lure consumers into becoming cogs in the fraud economy, especially as inflation and unease in the legitimate economy persist.”

How Merchants Can Fight Fraud

Merchants should keep a close eye on these trends and work with their fraud prevention solution providers to ensure they can properly adjust their risk thresholds and monitor for emerging fraud patterns, Lee suggested.

A lack of substantial fraud prevention tooling and incessant data breaches exacerbates payment fraud. Adding insult to injury is the fact that cybercriminals have access to tools that allow them to test and use the credentials they acquired at scale, she said.

“As online fraud continues seeping into everyday internet culture, trust and safety operations have become the single point of failure or success for businesses. Now is the time for companies to ensure they are leveraging the right technology and implementing a digital trust and safety strategy to successfully stop payment fraud while fueling growth with every transaction,” Lee offered.

For merchants to better protect themselves from fraudsters’ widespread attacks, it starts with having the right technology and strategy in place. Organizations should leverage technology that utilizes real-time machine learning and AI to reduce manual efforts, automate processes, and respond faster and more accurately to emerging threats, offered Lee.

“Implementing this type of technology alongside a digital trust and safety strategy enables businesses to stop payment fraud while growing their bottom line,” Lee said.

Jack M. Germain

Jack M. Germain has been an ECT News Network reporter since 2003. His main areas of focus are enterprise IT, Linux and open-source technologies. He is an esteemed reviewer of Linux distros and other open-source software. In addition, Jack extensively covers business technology and privacy issues, as well as developments in e-commerce and consumer electronics.
