February 19, 2021

Refund Fraud: Why 2021 Is the Perfect Storm

By Uri Arad, VP of Product and co-founder of Identiq

If the 2008/2009 financial crisis brought our industry the term "friendly fraud," then 2021 will bring "refund fraud" into our fraud-fighting vocabulary with a whole new potency. Once a minor nuisance from the occasional cheating customer, refund fraud is erupting into an efficient industry powered by professional fraudsters and their deep knowledge of merchants' systems and procedures.

At the same time, the background of the pandemic provides good cover, great motivation, and even technical support to take refund fraud from growing to exploding. 2021 is, in short, a perfect storm for refund fraud.

The Industrialization of Refund Fraud

Industry expert Karisse Hendrick talks about what is happening to refund fraud right now as a process of "industrialization," and it is easy to see what she means. Of course, merchants have been dealing with refund abuse for years, but it is only recently that professional fraudsters have moved in en masse to take it to a whole new and very fraudulent level.

The frightening thing, from my perspective as a fraud fighter, is that it is so simple -- and that this very simplicity makes it hard to identify.

A normal, otherwise respectable consumer (let's give them the benefit of the doubt) wants to make a purchase. Unfortunately, it is beyond their means. Instead of waiting for a sale or saving up, they find an alternative path, with the help of a professional fraudster they found on Telegram, Reddit, or even ordinary social media. (I was shocked by how easy these were to find.)

The fraudster tells them they can have the cake and eat it too. All they have to do is to go ahead and place the order, and to let them know once it arrives. They are to avoid signing for the package if possible -- and, if not, to use a fake name. The consumer follows instructions, and once the item arrives, they contact the fraudster, who takes over the case.

Refund fraudsters typically focus on particular merchants so they are absolutely au fait with every detail of the refund policies and processes. Many even know the individual support representatives who deal with refunds, and they know the scripts they use, and which steps to take to be most effective with each one.

The refund fraudster contacts the merchant to place a refund claim they know will be approved: the package never arrived, or was damaged, or was not what they had ordered. They (pretending to be the customer) want a refund.

If asked to return the package, they send a photo of the package or the shipping label. The package will be empty, or, if the merchant checks for weight, will have something heavy in there to match the precise weight of the item. Sometimes fraudsters even use packs of dry ice, which is heavy at the point of shipping but has evaporated by the time the package arrives at the merchant warehouse, giving the illusion that the contents were stolen en route.

Retailers who only look at labels will be sent envelopes with appropriate labels on them; the label is entered into the system, but the envelope is assumed to be spam and is thrown away or recycled, destroying the evidence.

At the end of the day, the customer gets their refund, and also gets to keep the product. They pay the fraudster a percentage of the cost of the item -- somewhere between 5% and 40%, though usually 15% to 30%. It is a bargain. You could even say it is a steal.

And as a fraud fighter analyzing these cases, all you would see would be known and probably trusted customers, or sometimes new but legitimate-looking customers, making perfectly ordinary purchases. It is not a returning fraudster. It is lots of normal customers, using their own legitimate details, devices, and behaviors. In reality, for many merchants these cases never even reach the fraud department, being earmarked as damaged or missing goods by the operational teams.

Fraudsters specializing in refund fraud have been seen in the wild for the last six or seven years, but mostly as an interesting curiosity. What happened to turn it into a serious threat?

Professional Refund Fraudsters, Meet Pandemic

COVID-19 has changed the nature of the refund fraud threat, just as it has changed so much else in our lives. Apart from anything else, of course, there is the sheer scale of eCommerce now that so much has moved online so quickly.

Many fraud teams are only just keeping on top of the challenge, particularly since a number of statistical tools were (and often are) less effective than usual at a time when things keep changing so quickly. It puts a lot of pressure on fraud teams to both provide a great customer experience and stop chargebacks during this stressful time. Add to that the fact that teams are in many cases working remotely, and the fact that catching refund fraud requires lots of communication between departments, and it is easy to see how the pandemic has provided fertile ground for refund fraudsters.

Beyond that, though, there are two new areas of vulnerability which have opened up as a direct result of the pandemic, and both are contributing to the growth of refund fraud by simply making it so much easier to carry out.

Delivery companies have had to adapt their procedures to a world where many consumers cannot come to the door, whether they are in quarantine, protecting others, or shielding as high-risk individuals or families themselves. Lots of delivery couriers no longer require anyone to answer the bell, much less sign for a package. That is great for good customers, but also makes life easy for refund fraud, because there is no proof of delivery.

Refund processes have changed in similar ways. Where once companies tended to be firm about the requirements for a refund, now many businesses are waiving the need for a box or label. Some, such as Amazon and Walmart, are even directing customers to keep the problematic item in preference to sending it back, because of the risks involved with the virus, as well as the logistical challenges involved. And where these giants lead, others follow.

Last but not least, COVID-19 has created many more customers who are willing to "bend the rules" just to get the product they desire, even if they have lost their source of income. These users are receptive to the fraudsters' offers, resulting in a steady flow of new users with a good history that the refunders can sell their services to.

One way and another, 2021 could not be a better situation for a professional refund fraudster and their clients. It is a perfect storm.

Collaboration as a Defense

The refund fraud hurricane could spell serious loss for a merchant. One customer is advised not to hit a specific merchant too often, but a refund fraudster can hit hundreds of times a week. It is very hard to catch, though, because the people completing the transactions are all different, and generally using their own legitimate information.

To combat this threat effectively, collaboration is essential. First, there is inter-departmental collaboration, with fraud teams working with customer support and perhaps delivery or returns departments as well.

Second, to handle the challenge that refunding consumers first hit one merchant and then another, fraud teams at different merchants should work together directly. Using Privacy Enhancing Computation (a Gartner top strategic trend of 2021), this can be done without sharing any personal user information, so competitive and privacy concerns need not arise. In that way, merchants can pool knowledge about which consumers are making a habit of refund fraud -- and act accordingly to protect their business.

Third, there are organizations such as the MRC, which are more important than ever. Fraud fighters need to be able to trace the scale of the problem across the industry to get a grip on it, bring awareness to upper management in their organization, and stay on top of new fraud attacks, as well as best practices and tools for dealing with this problem. Working together, merchants can act to stop refund fraud becoming the fraud legacy of the pandemic, and make sure that 2021 is not only the ideal setting for refund fraud -- it is also the year fraud fighters banded together to stop it.

About Uri

Uri Arad, Identiq's VP of Product, has been fighting fraud and fraudsters for more than a decade and has seen the fraud and identity challenge from diverse perspectives: product, risk, and R&D.

Before he co-founded Identiq to create the solution he had been dreaming of for years, he was the Head of Analytics and Research at PayPal's risk department. He has tremendous experience building cross-functional teams which use the latest technological developments to create innovative products that both reduce loss and improve customer experience.

Uri's expertise extends both to analyzing and meeting business needs and to an in-depth understanding of the technology that makes improvement possible.