Staying Ahead Of First-Party Fraud & Abuse

Uploaded on 2025-03-28 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Ecommerce fraud is undergoing a fundamental shift. While payments fraud has long been the dominant concern for retailers and payment providers, a more complex threat is emerging; first-party fraud and abuse.

This type of fraud, which involves consumers exploiting chargebacks, returns, and refund policies for personal gain, is now driving a significant portion of online retail losses.

New data highlights the severity of this trend. Ecommerce fraud surged by 20% in the past year alone, amounting to over £56 million in reported losses - up from £47 million the previous year.

This growth is being driven, not just by financial pressures on consumers, but by a rise in professional fraud-as-a-service operations, which make it easier than ever for bad actors to exploit online transactions.

The shift towards first-party fraud is partly due to worsening economic conditions. With inflation and the cost-of-living crisis continuing to put pressure on consumers, some are resorting to fraud to ease financial strain. However, it is no longer just individuals engaging in opportunistic refund abuse. Organised fraudsters are now offering sophisticated services that help customers claim refunds fraudulently in exchange for a cut of the money, allowing fraud to be carried out at scale. This has created a grey area where seemingly legitimate refund requests are, in fact, highly coordinated fraudulent operations.

The Evolution Of Fraud Tactics

At the same time, fraud tactics are becoming more advanced. Cybercriminals are exploiting vulnerabilities at multiple stages of the online purchasing journey, from manipulating shipping details to using AI-driven phishing attacks to compromise customer accounts. We are seeing a rise in address and IP spoofing, where fraudsters mask their locations using mobile proxies or breached banking credentials to evade detection. In some cases, fraud rings are placing over 100,000 fraudulent orders in rapid succession, overwhelming merchants and making it difficult to distinguish genuine purchases from fraudulent activity.

Returns and refund fraud, in particular, has become a major challenge for online retailers. While many merchants have already tightened their policies in response to increasing abuse, fraudsters have quickly adapted. Some are creating fake tracking details and counterfeit return labels to trigger refunds without ever returning the item. Others are working with insiders at logistics companies to falsely mark packages as lost or damaged, forcing retailers to issue refunds that should never have been approved. The growing popularity of social commerce, where goods are sold through platforms like Instagram and TikTok, is making it even easier for fraudsters to exploit loopholes in fulfillment and delivery processes.

Strengthening Fraud Prevention Strategies

Retailers need to take urgent action to address this escalating threat. Investing in more sophisticated fraud prevention technologies is essential, particularly solutions that use link analysis to track behavioural patterns and identify repeat offenders. By monitoring transactional data across multiple accounts, merchants can spot connections between fraudulent users based on shared IP addresses, devices, or purchase histories, helping to flag and block suspicious activity before it causes financial damage.

Moreover, tightening refund and return verification processes will be critical, however adding too much friction could incur resentment from loyal customers.

Many retailers are already implementing stricter evidence requirements, such as requiring photo proof for faulty items or leveraging advanced tracking systems to verify lost shipments. However, to further mitigate return fraud and reduce customer frustration, businesses are increasingly turning to machine learning and behavioral analytics to identify patterns associated with serial returners. By analysing purchase histories, return frequencies, and discrepancies in claims, retailers can differentiate between genuine customers and those exploiting return policies.

This data-driven approach allows for more targeted fraud prevention while maintaining a seamless experience for legitimate shoppers.

Looking ahead, social commerce fraud prevention will become an increasingly important focus. With ecommerce sales through social media platforms expected to reach $1.2 trillion globally by the end of 2025, fraudsters will continue shifting their tactics to exploit these channels. Behavioural data from social platforms could help verify transaction legitimacy, adding another layer of security for merchants looking to combat first-party fraud and abuse.

The reality is that fraudsters will always evolve their methods to stay one step ahead. For retailers, the key to long-term resilience is taking a proactive approach to fraud prevention.

By investing in advanced fraud detection, refining policies, and strengthening intelligence-sharing efforts, merchants can better protect themselves from the growing threat of first-party fraud - before it becomes an even bigger financial liability. The time to act is now.

Xavier Sheikrojan is Senior Risk Intelligence Manager at Signifyd

Image: Lima Santos

You Might Also Read: 

New Exploits & Examples Of Online Fraud:

« Rethinking The Role Of Penetration Testing
Half of Employees Use Shadow AI  »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Snort

Snort

Snort is an open source intrusion prevention system capable of real-time traffic analysis and packet logging.

Organization for Security and Co-operation in Europe (OSCE)

Organization for Security and Co-operation in Europe (OSCE)

OSCE is the world's largest security-oriented intergovernmental organization. Areas of activity include Cyber/ICT security.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

Copenhagen FinTech

Copenhagen FinTech

Copenhagen FinTech is a centre for R&D and innovation in the Danish finance IT sector. Focus areas include cyber security and payments platforms.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

KeyXentic

KeyXentic

KeyXentic Inc. is a professional mobile and data security service provider. We are devoted to design convenient and strong security for user’s data protection and privacy without any compromise.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

Pioneer Search

Pioneer Search

Pioneer Search is a UK based Technology & Change, Electronics Engineering, Cyber Security & Cloud and Data & Analytics Employment Agency.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

OSI Security

OSI Security

OSI Security's primary services include penetration testing, security auditing, web application security testing and risk management.

AB Handshake

AB Handshake

AB Handshake offers a game-changing solution for telecom service providers that eliminates fraud on inbound and outbound voice traffic.

ID North

ID North

ID North is a Nordic service provider offering identity security to its customers by providing world class expertise and best-in-class solutions and services.

Moore ClearComm

Moore ClearComm

Moore ClearComm is part of Moore Kingston Smith a leading UK firm of accountants and business advisers. Our services include Data Privacy, Cyber Security, Business Continuity and Information Security.

HADESS

HADESS

We are "Hadess", a group of cyber security experts and white hat hackers.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.