大流行后的欺诈情况

Global data mining firm LexisNexis released its annual True Cost of Fraud Study for Ecommerce and Retail 今年早些时候. The report seeks to quantify the costs incurred as a result of fraud.

 It does this by calculating the total cost for each dollar lost to fraud inclusive of the fraud itself and all organizational costs associated with the fraud, including but not limited to investigation, remediation, legal, etc.  Trends identified in the report can give us clues about how the fraud landscape has changed and what it will look like going forward.

在今年的报告中, LexisNexis found that the cost and volume of fraud in ecommerce and retail increased substantially during 2022. Every $1 lost to fraud costs retail and ecommerce merchants $3.75美元，而不是3美元.大流行前为13美元，大流行前为3美元.60 just last year, marking a nearly 20% increase since the beginning of the pandemic and a $0.15 increase over the past year alone.² The increase is said to be related to the greater use of mobile commerce and coincided with the largest year-over-year increase in online/mobile transactions in history from 2020 to 2021³, which has largely continued into 2022 despite the receding pandemic. Given the increased convenience of transacting digitally, this trend may slow but is unlikely to reverse. 

What kinds of attacks are online merchants increasingly facing?

• Card testing/credential stuffing These occur when an attacker obtains stolen credit card information or account credentials. The fraudster attempts to use the information to access a customer account and make unauthorized purchases. While consumers are the targets of this fraud, merchants may end up reimbursing customers when the fraud is detected.
• 退货/退款欺诈行为 These occur when fraudsters request refunds for items, claiming that the merchandise never arrived, is broken or that they intend to return the merchandise. These kinds of frauds are on the rise. CNBC found that, on average, retailers expected returns of about 16.6% of merchandise during 2021 compared to 10.6% in 2020. It also found that for every $100 in returned merchandise, $10.30岁的人被骗了.¹
• 拦截欺诈 A fraudster ships merchandise using a stolen account to an address the fraudster can access. 这可以是自己的地址, 他们附近的地址, or it could be the actual customer’s address, where the fraudster intends to intercept the merchandise from the customer’s doorstep.
• Many others, mostly attacks involve fraudsters posing as customers. 

What are some strategies to combat the rise of these types of frauds? Lexis Nexis recommends several potential solutions:

1. 评估交易风险. Monitor transaction patterns of individual accounts to see if current transactions match against previous patterns and identify irregularities. This is otherwise known as transaction scoring.
2. 验证个人身份. Verify names, addresses, dates of birth. 使用双因素身份验证.
3. 验证帐户. Utilize biometrics, digital fingerprints, facial identification, geolocation, etc.

Other potential mitigation strategies include:

1. Maintain Payment Card Industry (PCI) standards
2. Monitor IP addresses; flag and/or block those that appear suspicious
3. Make CVV codes mandatory at purchase

All indications are that in the coming years these kinds of incursions will become more common and attackers will develop new strategies to obtain sensitive customer information. Merchants will have to be creative if they hope to weed out fraudulent activity.

Schneider Downs offers risk advisory, forensic accounting and other services to retailers and other business to consumer organizations. For more information, please email us at c(电子邮件保护).

About Schneider Downs 网络安全 

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, 包括渗透测试, intrusion prevention/detection review, ransomware安全, vulnerability assessments and a robust digital forensics and incident response team. 此外，我们的 Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind. 

想要了解情况? Subscribe to our bi-weekly newsletter, 关注网络安全, at maztn.sorizu.net/subscribe. 

To learn more, visit our dedicated 网络安全 and Forensic and 调查会计 pages. 

¹CNBC: ‘A more than $761 billion dilemma: Retailers’ returns jump as online sales grow’ by Melissa Repko on January 25, 2022
²LexisNexis Risk Solutions: “True Cost of Fraud Study for Ecommerce and Retail”. 2022 US & 加拿大版
³美国电子商务增长14%.2% in 2021. Jessica Young, Digital Commerce 360. 2022年2月18日

额外的来源:

LexisNexis Risk Solutions: “True Cost of Fraud Study for Ecommerce and Retail”. 2021 U.S. & 加拿大版
Statista: • UK: impact of COVID-19 on grocery shopping 2021 | Statista