Download our Guide to Penetration Testing to learn everything you need to know to successfully plan, scope and execute your penetration testing projects
Fraud in the online retail industry is a persistent and evolving threat, impacting both buyers and sellers in various ways. However, there is a particular type of fraud that appears deceptively harmless at first glance. No one seems to get hurt, all sides benefit in some way. The fraud we're talking about is known as "triangulation fraud".
Online retailers can benefit through an increase in sales due to these fraudulent transactions and are not directly involved in the scam, however, they should be deeply concerned about triangulation fraud taking place on their platform. The long-term implications of such fraud can tarnish a retailer's reputation, leading to a loss of trust and credibility among consumers. Understanding and addressing triangulation fraud is essential for maintaining the integrity and reliability of online retail businesses.
Let's delve into what triangulation fraud is, and how you can protect your online retail platform and business.
Triangulation fraud is a type of online scam where a fraudster uses stolen credit card information to make purchases from legitimate online stores and sells the purchased goods to unsuspecting buyers, typically at a lower price than they cost. This type of fraud involves three key parties: the fraudster, the unsuspecting buyer, and the legitimate online store.
The unsuspecting buyer believes they are getting a good deal, while the legitimate online store can be left dealing with the chargeback when the real credit card owner disputes the transaction. Although sometimes a credit card issuer will simply issue an account credit for the amount you dispute to avoid the resource overhead required to contact the merchant and investigate the chargeback.
Let's examine the step-by-step process of triangulation fraud to understand better how the attacker sets up the scheme, baits buyers, and masks their own identity and location while using stolen credit cards for their own financial gain.
Step-by-Step Scenario: Selling Running Shoes
Step 1: Account Creation The fraudster creates multiple accounts on an online marketplace, using fake or stolen identities. They might use temporary email addresses and fake names to set up these accounts.
Step 2: Product Listing The fraudster lists a popular product, in our scenario, running shoes, at a discounted price on the marketplace. These listings attract buyers looking for a good deal.
Step 3: Attracting Buyers An unsuspecting buyer makes a purchase through the marketplace. They pay the fraudster directly, thinking they are buying from a legitimate seller.
Step 4: Using Stolen Credit Card Information Once the fraudster receives the payment from the unsuspecting buyer, they use stolen credit card information to purchase the running shoes from a different legitimate online store - hence completing the "triangle" in the name triangulation fraud. The fraudster provides the shipping address of the unsuspecting buyer for the delivery. This way the buyer will receive the goods as expected. Furthermore, the fraudster immediately withdraws the money paid by the unsuspecting buyer from the sales platform.
Step 5: Shipping the Product The legitimate online store processes the order and ships the running shoes to the address provided, which belongs to the unsuspecting buyer. The buyer receives the shoes and believes the transaction was successful and legitimate.
Step 6: Chargeback Initiation The legitimate cardholder notices the unauthorized transaction on their credit card statement and initiates a chargeback with their bank. The bank investigates the fraud and may or may not reverse the transaction depending on how much they stand to gain or lose.
Step 7: Loss for the Store or Bank Depending on whether the bank chooses to initiate a chargeback, either the online store is left without the payment for the shoes, or the bank absorbs the financial losses when the refund the credit card holder whose card was fraudulently charged. The fraudster can then repeat the process using new stolen credit card information or different accounts.
By understanding this process, online stores can implement specific security measures to detect and prevent triangulation fraud, protecting themselves and their customers from financial loss and identity theft.
In theory, everyone has incentive to passively accept the situation - everyone gets a good deal. Credit card insurance often absorbs the cost of fraudulent transactions on the victim's credit card. Combating triangulation fraud is also challenging to combat due to the structure and incentives of online sales platforms.
These platforms thrive on a continuous influx of new sellers to maintain a dynamic and competitive marketplace. As a result, they often implement lenient policies that make it relatively easy for individuals to create new seller accounts.
If you own or manage an online marketplace, here are some measures you can implement to help protect your business from triangulation fraud. These measures may be employed by online platforms being used as the bait platform or being used to forward goods to the unsuspecting buyer.
Require Robust Identity Verification: Implement stringent verification processes for sellers. By requiring government-issued ID before a seller can begin completing transactions, online platforms can gain a higher degree of assurance regarding the legitimacy of seller's authenticity.
Leverage Fraud Detection Solutions That Leverage Telemetry: Some fraud detection solutions leverage telemetry to identify scammer activity across multiple platforms by sharing data between them. Telemetry can include user behavior data (such as login patterns, transaction history, and browsing patterns), device information (like device type, device ID, and geolocation), network data (including IP address, network speed, and traffic patterns), transaction data (such as amount, frequency, and payment methods), historical data (including past fraud incidents and account changes), behavioral biometrics (like typing speed and mouse movements), contextual data (such as time of day and environmental factors), and communication patterns (including email and SMS usage and social media activity). When you are alerted to possible fraudulent activity you can suspend the seller's account until their activity can be verified as authentic.
Real-Time Transaction Monitoring: Monitor transactions in real time to detect unusual purchasing patterns or behaviors indicative of fraud. Additionally, prevent sellers from using technologies that help mask their identity, blocking known TOR network exit nodes, or blacklisting seller IP addresses by geolocation to ensure the legitimacy of transactions.
Account Takeover Prevention: Implement measures to prevent account takeovers, such as monitoring for unusual login attempts, employing Zero Trust authentication mechanisms for sensitive functions in the application, and requiring the use of multi-factor authentication (MFA) and providing mechanisms for quick account recovery.
Listen to Customer Feedback: Actively monitor and respond to customer feedback and reports of suspicious activity to quickly identify and address potential fraud cases.
Triangulation fraud is a deceptive scheme where fraudsters use stolen credit cards to buy goods from legitimate online stores and sell them to unsuspecting buyers. This fraud impacts both consumers and online retailers, leading to chargebacks and financial losses.
Combating this fraud is challenging due to lenient account creation policies on online platforms, which allow scammers to continuously create new accounts and evade detection. Understanding and implementing specific security measures is crucial for protecting online sales platforms from such fraudulent activities.
Ready to take the next step regarding proactive cybersecurity? Contact our team today.
Share your details, and a member of our team will be in touch soon.
Our Penetration Security Testing methodology is derived from the SANS Pentest Methodology, the MITRE ATT&CK framework, and the NIST SP800-115 to uncover security gaps.
Download MethodologyDownload our buyer’s guide to learn everything you need to know to successfully plan, scope and execute your penetration testing projects.
Download GuideFebruary 04 - Blog
Blackwood APT uses AiTM attacks that are set to target software updates. Is your organization prepared? Learn more in today's blog.
December 25 - Blog
It's official: Packetlabs has been recognized as one of the top penetration testing companies in 2024 on review platform Clutch.
December 10 - Blog
Hardware token protocols: what are they, and what role do they play in your organization's cybersecurity? In today's article, our ethical hackers outline the most common hardware token protocols.
© 2024 Packetlabs. All rights reserved.