Over the past few years, online shopping has grown significantly, making it extremely easy to order anything you like, whenever you like, to wherever you like. Technology has made it more convenient for us to purchase goods, and threat actors are no exception. This growth in online shopping, combined with the explosion of compromised financial data available, is why the retail and eCommerce industries are some of the most targeted sectors in the Dark Web. The ease with which you can commit fraud these days and get goods delivered to your doorstep with little to no risk, is just too appealing to overlook.
To help retail and eCommerce organizations combat these threats, we partnered with Riskified, a leader in online fraud prevention solutions, to produce the Retail & eCommerce Threat Landscape Report (October 2018). Here's a bit more about the report and what we discovered.
Retail Fraud: A Fact of Life
If you’re an eCommerce merchant, you already know that fraud is a fact of life. eCommerce fraud nets its perpetrators tens of billions of dollars each year, and there’s no sign of it slowing down. For retailers, fraud falls somewhere between “inconvenience” and “crippling.” No matter the magnitude of fraud you face, failing to prepare adequately can leave merchants with huge financial losses. But it’s not just the direct fraud costs that hurt merchants. Contrary to popular belief, more money is lost managing fraudulent purchases than is actually lost to chargebacks. Fraud puts a lot of strain on customer support teams, hinders the ability to scale or expand internationally and leads to unhappy customers (aka brand reputation damage). These costs can be far more damaging, so organizations need to make sure they’re managing the fraud process efficiently, while working to identify fraud attempts early.
Most online retail fraud follows a simple 2-step process:
- Get a stolen credit card.
- Order goods from a retailer.
From there, it’s only a question of abilities and scale. Retail fraudsters range from your average neighborhood whiz kid who uses a stolen credit card to order the new Call of Duty, to organized crime groups that buy digital goods as a money laundering tactic. Retailers of all sizes are getting hit. From your local pizza shop to huge retail conglomerates, fraud affects every company that sells products, services, or goods online. It’s important that organizations understand the latest fraud and cyber scam tactics so they can identify fraud early and respond appropriately.
Key Report Findings
IntSights and Riskified combined their data to identify key trends in fraud and cybersecurity threats facing the retail and eCommerce industry, and to highlight which threats and vectors pose the largest risk.
- 278% rise in retail goods for sale on dark web black markets
- 297% rise in retail phishing websites
- 469% spike in suspicious applications in Q4 2017 (right around the holiday season)
- 345% spike in malicious social media profiles in Q4 2017 (again, right around the holiday season)
- Average of 22.1 internal login pages or development servers exposed per retail company
The report also breaks down fraud statistics by retail sub-sector and by country to show how different segments of the retail market is impacted by retail fraud and cyber scams.
Additional Report Components
In addition to statistics and fraud trends, the report also features sections to help retail cybersecurity teams respond more effectively to cyber threats, including:
- Common Tactics and Tools Used by Fraudsters
- Factors That Contribute to Retail Fraud
- An Inside Look at the Underground Credit Card Trade
- Predictions for 2019
- Recommendations and Best Practices
For any organization that sells their products or services online, the Retail & eCommerce Threat Landscape Report (October 2018) is an important resource to review to ensure you're staying up-to-date on the latest cyber trends and taking the appropriate precautions to minimize your chance of attack. Click here to request your copy of the report!