The Business of Fraud: Online Retail Fraud in the Criminal Underground

July 26, 2021 • Insikt Group®

Insikt Group

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Recorded Future analyzed current data from the Recorded Future® Platform, as well as dark web and open-source intelligence (OSINT) sources, to review the current landscape of online retail fraud scams and schemes popular with threat actors. This report will be of most interest to anti-fraud and network defenders, security researchers, and executives charged with security and fraud risk management and mitigation. This report expands upon findings addressed in the first report of the Insikt Group’s fraud series, “The Business of Fraud: An Overview of How Cybercrime Gets Monetized.

Online retail fraud is a persistent, multifaceted threat to businesses of all sizes and their customers and is likely to persist for the foreseeable future as consumers engage more with online retailers and shop more online versus at traditional “brick and mortar” stores. Also called e-commerce fraud, online retail fraud is the act of committing some form of fraud, such as a fraudulent transaction, on a web-based retail platform. Generally, cybercriminals will use stolen payment or account information to conduct these transactions. Some elements of online retail fraud also involve social engineering schemes that look to defraud a retail platform directly, as in the case with refunding scams against one’s customer service branch, or a third party, such as interception fraud or scams that target shipping companies. 

Threat actors engaging in online retail fraud discuss the topic in multiple languages, primarily English, Russian, and Chinese, discussing methods, offering tutorials and guides, and selling various goods and services ranging from significantly discounted stolen gift card information to all-inclusive refunding services targeting major retailers. If major online retailers have implemented various methods of anti-fraud mitigation, threat actors often devise techniques to bypass anti-fraud measures, namely through anti-detection (anti-detect) browsers.

  • Online retail fraud will likely increase in the future as e-commerce platforms continue to grow in the coming years.
  • We believe that threat actors will continue to demonstrate flexibility, adaptability, and opportunism amid a shifting e-commerce landscape, targeting emerging retail opportunities such as curbside pickup. 
  • Gift card fraud is its own type of service across the dark web and a way for cybercriminals to steal and launder money. Threat actors who specialize in gift card fraud operate dedicated shops due to its high demand. 
  • Refund fraud, or refunding for short, is both an entryway for threat actors to establish credibility on criminal forums and a growing avenue for threat actors to engage in criminal services against online retailers through social engineering.
  • We believe that cybercriminals will continue developing and using anti-detection tools to circumvent organizations’ security mechanisms.

Editor’s Note: This post was an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

New call-to-action