Top 5 Fraud Threats for the Holiday Season

Nov 19, 2011 2:22 AM  By

While mobile transactions have increased 50% year-over-year worldwide, merchants are still trying to figure out this channel. Fraud prevention platform provider ThreatMetrix predicts that as many as one in four sales will be lost on Cyber Monday because of incorrect mobile fraud classifications.

With an increased volume of online transactions during the holidays, retailers are left with less time for manual screening and review of transactions – whether they are coming from a laptop, desktop computer, tablet or mobile device.

What are the top five fraud threats retailers need to watch for this holiday season? ThreatMetrix identifies these five:

Mobile device spoofing: Merchants are put at increased risk with mobile transactions simply because it’s more user-friendly for fraudsters. Today, most fraud coming from the mobile channel actually originates elsewhere; the device acts like a mobile device.

Use of botnets and malware: This is a prominent concern on traditional desktop and laptop computers, as well as mobile devices, as malware can steal passwords and payment account information. On top of that, many of today’s consumers fail to install appropriate fraud prevention software on their mobile devices, according to Faulkner. Analyzing anomalous behavior and checking third-party IP reputation can help detect malware.

Cookie-wiping: Merchants could previously track repeat visitors through cookies, yet many of today’s consumers and fraudsters remove cookies by using add-ons and private browsing modes. This makes it difficult to recognize suspicious repeat visitors and identify returning good customers; cookieless device identification is more important than ever.

IP address cloaking: It has also become easier for fraudsters to spoof or mask IP addresses today. This makes it harder for merchants to know the “true” IP of the visitor and distinguish the good transactions from the bad. Identifying proxied visitors is crucial; this can be done by inspecting HTTP headers, maintaining a blacklist of known proxy sites, dynamically detecting proxied requests and piercing the proxy with a callback request.

Use of Virtual Private Networks: VPNs use separate software on the originating device to place it on a different network, showing traffic is originating from a different address than its true network. To identify fraudsters who are using VPNs, it’s important to monitor time zone and language settings, as well as global anomalies.