Six common online fraudster types and how they operate

The Ravelin Investigations team is always analyzing trends in fraudster behavior and keeping an eye out for fraud discussions on the dark web.

The rise in popularity of fraud discussion groups has led to an increase in the number of individuals with the basic knowledge and skills to commit fraud, but we’ve also seen some more sophisticated fraudsters and behavior patterns emerge.

The Director of Intelligence & Investigations at Ravelin shares insight into six of the most common fraudster types and their methodologies.

Do you recognize these profiles as those targeting your business?

1. The Hungry Fraudster

The Hungry Fraudster does not usually make a living or a steady income from fraud, but is willing to commit food delivery fraud for a freebie, such as a pizza. Generally, they are opportunistic and driven by the ease of available online guides and cheap credit card details.

They have a low level of operational security, but due to the sporadic nature of their fraud, they consider themselves to be at a low risk of being caught and are willing to take chances.

The rise in popularity of fraud-themed discussion platforms online (forums, messenger groups, online guides) has made it simple for this type of fraudster to get a basic education on how to commit fraud, with plenty of 30-minute tutorials available.

2. The Friendly Fraudster

Also called consumer fraud and first-party fraud, friendly fraud is infamously difficult to detect. Of course, genuine customers sometimes request refunds for legitimate reasons, such as a product arriving damaged or not as described. However, a friendly fraudster has received the product but wants to get their money back too.

The friendly fraudster often uses their own payment methods, and their own real identity – and then issues a chargeback with their bank. They may claim they have not received the item, and there is evidence that this has increased during the Covid-19 outbreak due to a rise in contactless delivery.

In some cases, friendly fraudsters can order high value items, e.g. iPhones, laptops, and return the empty box for a refund from the retailer, even filling the empty packaging with junk to avoid suspicion.

2. The Professional Fraudster

The Professional Fraudster has a significant income from fraud. Often, their fraudulent orders are for high value items such as premium alcohol, electronics, clothing, tickets, software, luxury watches, jewelry, handbags etc. The business fraudster then sells these items to customers on platforms like eBay, Facebook, Telegram, Depop or dark web marketplaces.

The professional fraudster has a reasonably strong level of operational security, and relies on a degree of tradecraft to avoid detection. They create lots of accounts and make bulk orders for resale later on. They may also return empty boxes to merchants and use proof of postage to claim a refund.

3. The Voucher Abuser

The Voucher Abuser takes advantage of promotional schemes and vouchers on offer from a merchant.

They often abuse referral offers by creating multiple accounts to refer themselves as a new user repeatedly, and continuously benefitting from new user discounts.

4. The Account Thief

The account thief gains access to genuine customers’ accounts in order to monetize the account - which is known as account takeover (ATO).

ATO attacks are increasing partly due to the combined factors of multiple breaches and genuine customers reusing the same passwords across multiple different platforms. If one platform is breached, these credentials will be available for fraudsters to try everywhere online.

Once the account thief has access to a genuine customer account, they can do several things with it:

• Use the stored card details to make fraudulent purchases
• Use the customer loyalty points to make purchases or transfer these into another account
• Add a new compromized payment method and make fraudulent orders
• Scrape the genuine customer data to resell
• Change the account details to claim the account and lock the genuine customer out
• Delete the existing customer account and recreate it afresh with the same details to claim it

The account thief benefits from the genuine customer’s buying history and trust with the merchant, which makes it harder to detect when an account has been compromized.

5. The Supplier Fraudster

The supplier fraudster impacts marketplaces which connect customers and suppliers. These fraudulent suppliers abuse their trusted relationship with the merchant.

For example, a delivery driver may open a fake customer account and repeatedly place orders with themselves as the driver to get paid by the marketplace. Supplier fraudsters also commonly use vouchers on fake customer accounts or try to take advantage of promotional schemes on offer.

In most cases, marketplace supplier fraud is opportunistic and not professional – it arises when the supplier sees a way to make a bit extra at the platform or the customer’s expense. In some cases, there are professional fraudster suppliers using stolen cards to place orders, or colluding with rings of fraudsters on the consumer side.

Solutions for diverse ecommerce fraud

Ravelin's AI-native solutions protect ecommerce companies from all these types of fraudsters and more. You can read more in Ravelin's solutions guide.