The Merchant Risk Council took the rare step of issuing an email warning to its entire membership this week that an “unprecedented increase” in first-party ecommerce fraud was underway and suggesting that organized criminals were likely a significant factor in the attacks.
“We have reason to believe that there is an organized and targeted focus on exploiting loopholes in the return and chargeback processes at a higher volume,” said the email from Julie Fergerson, CEO of the MRC, among the world’s leading fraud and risk advisory organization. “We suspect that the fraudsters are sharing this information and that the volume we are hearing about is either systemic, organized through various online fraud-as-a-service sites, or both.”
The email appeared to mark a new and disturbing phase in a trend that merchants have been battling for years and have recently been putting at the top of their list of fraud concerns. In fact, in a survey of 1,100 merchants published by the MRC earlier this year, 48% and 45% of respondents respectively said refund and policy abuse and first-party misuse were the biggest two fraud problems they face. Additionally, 63% said that first-party misuse had grown over the last year, according to the MRC’s “2024 Global Payments and Fraud Report.”
Consumer abuse is up 15% year-over-year
First-party fraud and abuse — also called consumer abuse, first-party fraud, first-party misuse and friendly fraud — is up markedly in the first half of this year. Signifyd data shows a year-over-year increase in four out of the six first months of the year, including a 15% increase in June compared to a year ago.
And while first-party fraud has long been a challenge for merchants, its growth has accelerated in recent years — and weeks. In its email, the MRC noted “a marked rise over the last 30 days in this volume with significant financial loss.”
Why first-party fraud is rising at an alarming rate
Catherine Tong, co-founding parter of payment consultancy Allyiz, says first-party fraud is on the rise for a number of reasons. In this short video she runs through the predominant causes she sees in a trend that prompted the MRC to issue an extraordinary warning to the 700-pluse retailers, solution providers and law enforcement agencies on its member rolls.
The alarming increase in first-party fraud can be attributed in part to customers weary of inflation and feeling squeezed by an uneven economy. How-to videos on social media target this group, alternatively bragging about successful scams or guiding others in their finer points, as reported recently by NBC News.
But the prime factor in the most recent rise is more likely the industrialization of criminal fraud — the trend toward the growing sophistication and scope of organized online retail crime.
Organized retail criminals are adding to first-party misuse pressure
“Organized retail theft rings significantly add to the pressure as they have identified and exploited retailers that allow them to double dip — the practice of scanning mailing labels to receive an instant online refund while they quickly move to sell the item they failed to return. It’s a way to double their money with zero investment,” Signifyd’s Senior Director, Risk Intelligence Michael Pezely said.
As rapid innovation has steadily improved fraud prevention, including AI-driven protection, improvements to 3D Secure and other two-factor authentication and Signifyd’s machine-learning-based guaranteed fraud protection, criminal rings have looked to exploit other segments of the online buying journey.
The MRC’s warning described an increase in INR claims and SNAD claims — or claims that an item was not received or an item arrived damaged or not as described on a merchant’s website. And it told merchants what they might encounter as these claims roll in — tactics that hardly sound like they’d be employed by typical consumers getting in touch with their dark sides.
Faked photos are part of the SNAD scam
“For the goods damaged example,” the email said, “fraudsters are using false photographs and sending them to merchants to show that the products arrived broken, when in fact they did not. Merchants are following their policies and standard operating procedures and sending out replacement products.”
The MRC also pointed to other techniques that bear the mark of criminal rings specializing in financial fraud and identity theft, “including falsified documents from the customer service center. The documents promise refunds, additional products, discounts, and many other creative ideas.”
The MRC’s email appeared to mark a serious escalation in a simmering threat. While it is part of the non-profit council’s mission to provide information and advice about fraud trends and practices, it typically sends such membership-wide email warnings only two or three times a year to alert merchants to particularly voracious attacks.
Advice from the Merchant Risk Council
In the email, the MRC recommended that merchants review their current policies and the metrics they use to detect first-party fraud. In particular, retailers should be wary of any indication that refund requests or actual refunds are on the rise and accelerating. Among the metrics the MRC warning mentioned are:
Refund rate
Repeat refund requests
Refund amount as a percent of sales (including replacement products)
Time between purchase and refund request
Refund reasons
Refunds by product category or ticket price
Customer lifetime refund rate
Refund-to-purchase ratio
Refund processing time
Refund by payment method
Complimentary gift card / Credit issuances
Call center volumes
Signifyd customers already have access to Decision Center, a solution that provides a series of relevant insights and can quickly understand the threat level of a refund request and present an alternative return process based on that determination. With this highly accurate solution, merchants can reduce losses associated with this abuse while still allowing good customers access to quick refunds. Signifyd customers also benefit from a highly automated chargeback recovery solution that provides an efficient way to dispute illegitimate chargebacks.
Feature photo by Getty Images
Need help stopping first-party misuse? Let’s talk.