Staying Ahead Of First-Party Fraud & Abuse

Ecommerce fraud is undergoing a fundamental shift. While payments fraud has long been the dominant concern for retailers and payment providers, a more complex threat is emerging: first-party fraud and abuse.

This type of fraud, which involves consumers exploiting chargebacks, returns, and refund policies for personal gain, is now driving a significant portion of online retail losses.

New data highlights the severity of this trend. Ecommerce fraud surged by 20% in the past year alone, amounting to over £56 million in reported losses - up from £47 million the previous year.

This growth is being driven not just by financial pressures on consumers, but also by a rise in professional fraud-as-a-service operations, which make it easier than ever for bad actors to exploit online transactions.

The shift towards first-party fraud is partly due to worsening economic conditions. With inflation and the cost-of-living crisis continuing to put pressure on consumers, some are resorting to fraud to ease financial strain. However, it is no longer just individuals engaging in opportunistic refund abuse. Organised fraudsters are now offering sophisticated services that help customers claim refunds fraudulently in exchange for a cut of the money, allowing fraud to be carried out at scale. This has created a grey area where seemingly legitimate refund requests are, in fact, highly coordinated fraudulent operations.

The Evolution Of Fraud Tactics

At the same time, fraud tactics are becoming more advanced. Cybercriminals are exploiting vulnerabilities at multiple stages of the online purchasing journey, from manipulating shipping details to using AI-driven phishing attacks to compromise customer accounts. We are seeing a rise in address and IP spoofing, where fraudsters mask their locations using mobile proxies or breached banking credentials to evade detection. In some cases, fraud rings are placing over 100,000 fraudulent orders in rapid succession, overwhelming merchants and making it difficult to distinguish genuine purchases from fraudulent activity.

Returns and refund fraud, in particular, has become a major challenge for online retailers. While many merchants have already tightened their policies in response to increasing abuse, fraudsters have quickly adapted. Some are creating fake tracking details and counterfeit return labels to trigger refunds without ever returning the item. Others are working with insiders at logistics companies to falsely mark packages as lost or damaged, forcing retailers to issue refunds that should never have been approved. The growing popularity of social commerce, where goods are sold through platforms like Instagram and TikTok, is making it even easier for fraudsters to exploit loopholes in fulfillment and delivery processes.

Strengthening Fraud Prevention Strategies

Retailers need to take urgent action to address this escalating threat. Investing in more sophisticated fraud prevention technologies is essential, particularly solutions that use link analysis to track behavioural patterns and identify repeat offenders. By monitoring transactional data across multiple accounts, merchants can spot connections between fraudulent users based on shared IP addresses, devices, or purchase histories, helping to flag and block suspicious activity before it causes financial damage.
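The link analysis described above can be sketched as a union-find over order records. This is an added example, not code from the author or from any vendor product; the order tuples, account names, field layout and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample orders: (account, ip, device_id, refund_claimed)
ORDERS = [
    ("acct_a", "203.0.113.10", "dev-1", True),
    ("acct_b", "203.0.113.10", "dev-2", True),   # shares an IP with acct_a
    ("acct_c", "198.51.100.7", "dev-2", True),   # shares a device with acct_b
    ("acct_c", "198.51.100.7", "dev-2", False),
    ("acct_d", "192.0.2.44", "dev-9", True),     # unlinked, single account
    ("acct_d", "192.0.2.44", "dev-9", False),
    ("acct_e", "192.0.2.80", "dev-5", False),
]

def find(parent, x):
    """Return the cluster root of x, compressing the path as we go."""
    while parent[x] != x:
        parent[x] = parent[parent[x]]
        x = parent[x]
    return x

def link_accounts(orders):
    """Group accounts that share an IP or a device, directly or transitively."""
    parent, first_seen = {}, {}  # first_seen: attribute -> first account using it
    for acct, ip, dev, _ in orders:
        parent.setdefault(acct, acct)
        for attr in (("ip", ip), ("dev", dev)):
            if attr in first_seen:
                parent[find(parent, acct)] = find(parent, first_seen[attr])
            else:
                first_seen[attr] = acct
    clusters = defaultdict(set)
    for acct in parent:
        clusters[find(parent, acct)].add(acct)
    return list(clusters.values())

def flag_clusters(orders, min_accounts=2, min_refund_rate=0.5):
    """Return (accounts, refund_rate) for linked groups with heavy refund use."""
    flagged = []
    for members in link_accounts(orders):
        rows = [o for o in orders if o[0] in members]
        rate = sum(o[3] for o in rows) / len(rows)
        if len(members) >= min_accounts and rate >= min_refund_rate:
            flagged.append((sorted(members), rate))
    return flagged

if __name__ == "__main__":
    for accounts, rate in flag_clusters(ORDERS):
        print(f"review: {accounts} refund rate {rate:.0%}")
```

Shared IP addresses also arise from carrier NAT, offices and households, so the output is best treated as a manual review queue rather than a block list.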

Moreover, tightening refund and return verification processes will be critical. However, adding too much friction could provoke resentment from loyal customers.

Many retailers are already implementing stricter evidence requirements, such as requiring photo proof for faulty items or leveraging advanced tracking systems to verify lost shipments. However, to further mitigate return fraud and reduce customer frustration, businesses are increasingly turning to machine learning and behavioral analytics to identify patterns associated with serial returners. By analysing purchase histories, return frequencies, and discrepancies in claims, retailers can differentiate between genuine customers and those exploiting return policies.

This data-driven approach allows for more targeted fraud prevention while maintaining a seamless experience for legitimate shoppers.

Looking ahead, social commerce fraud prevention will become an increasingly important focus. With ecommerce sales through social media platforms expected to reach $1.2 trillion globally by the end of 2025, fraudsters will continue shifting their tactics to exploit these channels. Behavioural data from social platforms could help verify transaction legitimacy, adding another layer of security for merchants looking to combat first-party fraud and abuse.

The reality is that fraudsters will always evolve their methods to stay one step ahead. For retailers, the key to long-term resilience is taking a proactive approach to fraud prevention.

By investing in advanced fraud detection, refining policies, and strengthening intelligence-sharing efforts, merchants can better protect themselves from the growing threat of first-party fraud - before it becomes an even bigger financial liability. The time to act is now.

Xavier Sheikrojan is Senior Risk Intelligence Manager at Signifyd

Image: Lima Santos
