Blog / Fraud trends , Refund abuse

FaaS: What is it and why is Fraud-as-a-Service trending?

What happens when fraudsters use social media to advertise their very particular set of skills? Fraud-as-a-service is on the rise, with 56% of companies hit – as high has 67% in some countries.

04 March 2024

FaaS: What is it and why is Fraud-as-a-Service trending?

Social factors have always had a huge impact on our buying habits. But smartphones and social networks have completely transformed the way customers shop. Your business can reach and influence a global audience just by logging into Instagram and Facebook. Unfortunately, so can fraudsters.

Social media sites and messaging apps have become promotional channels for professional fraudsters. These fraudsters for hire offer their shady skills to help genuine customers looking to get your products for less than they're worth. What's in it for them? A cut of the profits.

In the past, you’d have to venture onto the deep web to get this kind of service – but not any more. "All of this fraud-as-a service is right on the surface web and it is the cause of the majority of fraud on our network," as one fraud fighter said to Ravelin. So what does this mean for your business and what can you do to stop it?

What is fraud-as-a-service (FaaS)?

Fraud as a service is when a bad actor provides a service to your customers to enable fraudulent activity. Fraudsters use a range of criminal methods to make purchases on behalf of clients, who then pay them a fraction of the cost. This essentially works out as free money for the fraudster.

There are usually two actors at play: the skilled professional fraudster who makes a living committing fraud and the naive opportunist who wants a sneaky deal, but probably wouldn’t go out of their way to commit fraud themselves.

Some customers might not be completely aware of the illicit tactics used to get these steep discounts. But when the cost of living shoots up or money becomes tighter, a sly saving here or there becomes more appealing. And this is what fraudsters are banking on.

How popular is fraud-as-a-service?

Unfortunately, FaaS is incredibly popular, and increasing to rise. According to Ravelin's 2023 Fraud Survey, 56% of fraud analysts around the world have seen fraud-as-a-service schemes against their companies. Top of the list was Canada and Australia, where 67% and 66% of respondents noted FaaS as a type of fraud they have been hit with respectively.

Merchants across all industries are being hit. One fashion retail brand reports seeing fraudulent adverts offering 50-60% off their products. According to an online grocery retailer, “we were digging online and we found a couple of Facebook groups selling to customers, saying “you can get 50% off your groceries.”

And for food delivery businesses, the “pizza plug” is a well-known favorite for young people looking for a cheap bite. This is when a scammer uses stolen card credentials to place orders for popular food delivery services on behalf of the buyer. The buyer pays the fraudster, using a less-easy-to-trace-method such as a gift card, and they receive their food order directly. Ultimately, the delivery business or marketplace will receive chargeback requests from the legitimate cardholder's bank, or perhaps have the payment fall through in the first place.

What is the role of social media in FaaS?

Consumers are 71% more likely to make a purchase based on social media referrals. And almost 80% of consumers say a company’s social media posts impact their purchases. Clearly social media is a powerful marketing and sales tool. But what happens when the same tools are used by fraudsters to promote themselves?

Leading social media sites like Reddit, Twitter, TikTok and Snapchat are chock-full of these schemes. Fraud as a service is growing and becoming more readily available. As put by one fraud analyst, “TikTok is a cesspit of fraudsters. If you know what to look for, it's like a never-ending rabbit hole”.

These fraudsters are comfortably capitalizing on the reach of social media. This has meant that it is easier for the average customer to participate in fraud – knowingly or not.

refund abuse menu on Google Sheets - set up by fraudsters as advertising
A refund abuse menu on Google Sheets - set up by fraudsters as part of advertising their services.

What types of fraud are offered as a service?

Fraudsters use a variety of methods to get items for their customers that you’ll likely be familiar with, from payment fraud to refund and policy abuse.

  • Online payment fraud is a common one. Fraudsters use stolen credit cards to place orders or buy items, and then advertise their stolen wares online at a discount. The fraudster gets free cash, the customer gets an unbelievable deal, and the merchant gets hit with a loss one way or another.
  • Fraud as a service using account takeover is becoming increasingly popular, particularly on “aged” accounts. The outcome is similar to online payment fraud, except the fraudster places orders using an existing customer’s account. Shrewd fraudsters understand that they can take advantage of a loyal customer's good reputation. They face less friction and are less likely to have their order blocked.
  • Fraudsters can also use refund fraud as part of their FaaS schemes. One of the easiest ways to commit refund fraud is by taking over an established customer account. This is because the merchant is more likely to accept the refund. The fraudster can then make use of the money credited back to the account – “they place an order to one customer and they’ll get a refund to pay for their next customer’s order. They're only putting money up once and they’re getting loads back”.
  • Supplier fraud as a service is also a possibility in certain situations, though this would normally be when a specific person or company want to sabotage competitors. There are fraudsters for hire who would consider such an offer, though it would come at a significantly higher cost than the run-of-the-mill refund abuse schemes we mentioned above, for example.

What should merchants look out for?

Fraud as service is now a major contributor to growing online fraud and cybercrime. And this only gets worse as things get more expensive and fraudsters get more organized. Although they use techniques that you may be familiar with, the patterns may differ, so it can be hard to track and eliminate.

That said, there are a few patterns that you can keep an eye out for on your network, and utilize link analysis tools wherever possible. What happens a lot is that we see multiple accounts, loads of addresses but the same payment method – for example, a PayPal account. And that is the indicator.

This is because customers using these questionable services are often geographically spread out. If we look at a compromised food delivery account, a genuine customer will only have a couple locations that they get food sent to. But the account takeover fraudster might order food to several different addresses not unique to one location. Once the number of addresses exceeds the normal 3 or 4 maximum one would associate with genuine consumers, this is a clear sign that fraudsters are making purchases on behalf of customers.

What steps can you take to stop FaaS?

As a merchant looking to minimize the impact and success of FaaS schemes against you, there are a few moves you can make, which include adjusting your rulesets, purpose-train your ML and keeping track of developments online. Specifically:

  • Revisit your rules with account age conditions: You can’t assume that a customer is who they say they are. Fraudsters know that you don’t want to negatively impact the experience of a loyal customer, and are exploiting this. Keep an eye on changes to long standing accounts – don't let this be a point of entry!
  • Track social media: Are you tracking mentions of your business online? Intelligence gathering is a key piece of fraud detection and social media is a goldmine. It can be time consuming, but it’s worth incorporating into your processes.
  • Retrain your machine learning model: Fraudsters are fast and adaptable but fortunately, so is machine learning. But only if you keep feeding your models as much data as possible. When you do spot patterns, make sure you’re retraining your model with this new behavior. Machine learning is better than rules at stopping fraudsters before they’ve even placed their first order.
  • Stay alert: Don't take old behavior for granted – just because you haven’t noticed something yet, doesn't mean it isn't happening. So you'll want to stay alert as well as stay on top of fraud trends in general.

If FaaS is a particular pain point for your company, set up a call with the Ravelin team today, to talk you through the advanced machine learning, graph visualization and rule setting options of our solutions.

Related content