By Saeed Ahmad, Managing Director, Middle East, and North Africa, Callsign
The risk of fraud lurks behind most transactions, and the holiday shopping season provides fraudsters with opportunities to capitalize on shopping bonanzas by concealing themselves among the volume of transactions.
Consumers should be on the watch for increased phishing activity, with fraudsters attempting to trick consumers into passing over usernames and passwords via email and text messages or by sending links to phony websites. Scammers are using the same communication channels that banks and retailers use to authenticate actual consumers, making it increasingly difficult to discern between real and fake messages.
Bots are a popular weapon among bad actors, especially for malicious activities such as account takeover fraud (ATO) and identity theft. Bots are versatile and adaptive, allowing them to carry out a wide range of malicious activities, from credential stuffing attacks utilizing information obtained through data leaks to the creation of many online identities. However, bots are also important in another threat vector: inventory fraud. Bad actors employ several identities and advanced bots to purchase the full inventory of limited-edition or scarce items and resell them at a markup.
Another threat that consumers and retailers should look out for is the rise of Buy Now, Pay Later (BNPL) fraud. Account takeovers are a common strategy employed by fraudsters in which they hack into a legitimate user’s account to order products. The risks are heightened for retailers since they are often held liable for the repercussions of BNPL fraud. Retailers and BNPL suppliers are frequently left to suffer the costs of fraud while the perpetrators acquire things they have not paid for. Furthermore, because BNPL providers have collaborate with many popular businesses, users often open multiple BNPL accounts. This broadens the playing field for malicious actors. A common precursor to BNPL fraud is account takeover or credential theft.
To protect themselves during the shopping season, consumers are urged not to click on links in emails or text messages. Furthermore, since text messages in merchants’ names are harming their reputation and eroding consumer trust in their business, retailers must find better methods to authenticate their clients.
We recommend considering layering signals about a user’s device, location, threat and malware protection with unique behavioral biometrics that can recognize actual users with a single swipe or type. This assists retailers in developing a complete picture of the risk level connected with each user.