Staying Ahead Of First-Party Fraud & Abuse

Uploaded on 2025-03-28 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Ecommerce fraud is undergoing a fundamental shift. While payments fraud has long been the dominant concern for retailers and payment providers, a more complex threat is emerging; first-party fraud and abuse.

This type of fraud, which involves consumers exploiting chargebacks, returns, and refund policies for personal gain, is now driving a significant portion of online retail losses.

New data highlights the severity of this trend. Ecommerce fraud surged by 20% in the past year alone, amounting to over £56 million in reported losses - up from £47 million the previous year.

This growth is being driven, not just by financial pressures on consumers, but by a rise in professional fraud-as-a-service operations, which make it easier than ever for bad actors to exploit online transactions.

The shift towards first-party fraud is partly due to worsening economic conditions. With inflation and the cost-of-living crisis continuing to put pressure on consumers, some are resorting to fraud to ease financial strain. However, it is no longer just individuals engaging in opportunistic refund abuse. Organised fraudsters are now offering sophisticated services that help customers claim refunds fraudulently in exchange for a cut of the money, allowing fraud to be carried out at scale. This has created a grey area where seemingly legitimate refund requests are, in fact, highly coordinated fraudulent operations.

The Evolution Of Fraud Tactics

At the same time, fraud tactics are becoming more advanced. Cybercriminals are exploiting vulnerabilities at multiple stages of the online purchasing journey, from manipulating shipping details to using AI-driven phishing attacks to compromise customer accounts. We are seeing a rise in address and IP spoofing, where fraudsters mask their locations using mobile proxies or breached banking credentials to evade detection. In some cases, fraud rings are placing over 100,000 fraudulent orders in rapid succession, overwhelming merchants and making it difficult to distinguish genuine purchases from fraudulent activity.

Returns and refund fraud, in particular, has become a major challenge for online retailers. While many merchants have already tightened their policies in response to increasing abuse, fraudsters have quickly adapted. Some are creating fake tracking details and counterfeit return labels to trigger refunds without ever returning the item. Others are working with insiders at logistics companies to falsely mark packages as lost or damaged, forcing retailers to issue refunds that should never have been approved. The growing popularity of social commerce, where goods are sold through platforms like Instagram and TikTok, is making it even easier for fraudsters to exploit loopholes in fulfillment and delivery processes.

Strengthening Fraud Prevention Strategies

Retailers need to take urgent action to address this escalating threat. Investing in more sophisticated fraud prevention technologies is essential, particularly solutions that use link analysis to track behavioural patterns and identify repeat offenders. By monitoring transactional data across multiple accounts, merchants can spot connections between fraudulent users based on shared IP addresses, devices, or purchase histories, helping to flag and block suspicious activity before it causes financial damage.

Moreover, tightening refund and return verification processes will be critical, however adding too much friction could incur resentment from loyal customers.

Many retailers are already implementing stricter evidence requirements, such as requiring photo proof for faulty items or leveraging advanced tracking systems to verify lost shipments. However, to further mitigate return fraud and reduce customer frustration, businesses are increasingly turning to machine learning and behavioral analytics to identify patterns associated with serial returners. By analysing purchase histories, return frequencies, and discrepancies in claims, retailers can differentiate between genuine customers and those exploiting return policies.

This data-driven approach allows for more targeted fraud prevention while maintaining a seamless experience for legitimate shoppers.

Looking ahead, social commerce fraud prevention will become an increasingly important focus. With ecommerce sales through social media platforms expected to reach $1.2 trillion globally by the end of 2025, fraudsters will continue shifting their tactics to exploit these channels. Behavioural data from social platforms could help verify transaction legitimacy, adding another layer of security for merchants looking to combat first-party fraud and abuse.

The reality is that fraudsters will always evolve their methods to stay one step ahead. For retailers, the key to long-term resilience is taking a proactive approach to fraud prevention.

By investing in advanced fraud detection, refining policies, and strengthening intelligence-sharing efforts, merchants can better protect themselves from the growing threat of first-party fraud - before it becomes an even bigger financial liability. The time to act is now.

Xavier Sheikrojan is Senior Risk Intelligence Manager at Signifyd

Image: Lima Santos

You Might Also Read: 

New Exploits & Examples Of Online Fraud:

« Rethinking The Role Of Penetration Testing
Half of Employees Use Shadow AI  »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

AVR International

AVR International

AVR educate, advise, analyse and provide professional, technical consultancy and support to ensure your business is safe, compliant and protected.

Institute for Critical Infrastructure Technology (ICIT)

Institute for Critical Infrastructure Technology (ICIT)

ICIT is a leading cybersecurity think tank providing objective research, advisory, and education to legislative, commercial, and public-sector cybersecurity stakeholders.

Zeneth Technology Partners

Zeneth Technology Partners

Zeneth is a consulting firm providing information technology and cybersecurity services to federal and commercial clients.

RazorSecure

RazorSecure

RazorSecure offers products and services to enhance railway cyber security, by protecting and monitoring networks and key systems.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Advens

Advens

Advens is a company specializing in information security management. We provide Consultancy, Security Audits and Technology Solutions.

iQuila

iQuila

iQuila is a virtual overlay network which runs on top of an existing network. It creates a secure software enabled layer 2 connection across the internet or any public or private cloud.

SAP National Security Services (NS2)

SAP National Security Services (NS2)

SAP NS2 are dedicated to delivering the best of SAP innovation, from cloud to predictive analytics; machine learning to data fusion.

BlueHalo

BlueHalo

BlueHalo is purpose-built to provide industry capabilities in the domains of Space Superiority and Directed Energy, Missile Defense and C4ISR, and Cyber and Intelligence.

IGI Cybersecurity

IGI Cybersecurity

IGI Cybersecurity delivers people-driven cybersecurity for personalized, resilient cyber defense focused on individualized strategy and unshakeable partnership.

xdr.global

xdr.global

Xdr.global is a cybersecurity consulting firm, focused on promoting and aligning Extended Detection and Response (XDR) security solutions.

Eficens Systems

Eficens Systems

Eficens Systems is a global IT services and consulting company. We specialize in empowering businesses to harness the potential of Information Technology as a strategic asset.

Raito

Raito

Raito's unique solution integrates with the data development process and lets data teams monitor, manage, and automate data security across the data stack.

Hudson Rock

Hudson Rock

Hudson Rock’s products — Cavalier & Bayonet — are powered by our cybercrime database, composed of millions of machines compromised by Infostealers in global malware spreading campaigns.

SGS Brightsight

SGS Brightsight

SGS Brightsight is the largest independent security evaluation lab in the world, with ten recognised labs worldwide.