Knowing how to stop return fraud is critical as customers shift from shopping in-store to using eCommerce platforms. More users buying more products and services online means more issues and complaints. To keep them coming back and buying more, return policies have to be aligned with customer expectations. In most cases, that means getting their money back as quickly and easily as possible.
However, there is not enough time to do due diligence on every customer complaint. Unfortunately, fraudsters know this and take advantage of companies prioritizing the customer. Because of that, merchants who try to prevent fraud while providing exceptional customer experiences often end up not knowing how to stop return fraud.
This is why the cost to merchants of return fraud is currently estimated to be over $25 billion. And the problem is only getting worse.
How do fraudsters commit return fraud?
Fraudsters’ return fraud methods began very simply but have now grown to be exceptionally complex. So much so that they have enough confidence in the ability of their schemes to offer them as paid services and build their own “businesses” around them. These have been given the industry moniker of Fraud-as-a-Service.
The return fraud services offered by bad actors can vary quite a bit. In relation to refunds, they will either coach an individual on how to obtain one through fraudulent means or reach out to the company on behalf of the customer and get it for them. Where there is the need to do so, this is sometimes done through the customer’s own account.
Fraudsters will also use and abuse lax refund and return policies on their own fake accounts for different modus operandi.
They will use them to try and extend the life of accounts using stolen credit card credentials or those that have been taken over by placing one order with compromised details and get it refunded to the account in credit to continue ordering. In many cases, doing so will allow their return fraud operations to go undetected for longer periods of time. They’ve even been observed having the refunds put back to the stolen card in hopes that the balance remaining the same will keep those owners who do not look at their transaction histories from discovering them.
Some triangulation fraudsters have developed an interesting means of financing their own offerings using prepaid cards. They know that most merchants look at payment fraud and still consider card details to be their point of prevention. They will load a prepaid card with funds and use them to place orders for their own clients. They will get consecutive refunds back in credits or gift cards to keep ordering without spending anything more. If they get caught, they rinse and repeat, committing more return fraud by using a new account with the same prepaid card for their first order. If the card gets flagged or stopped, they load the balance of funds that are left onto a new prepaid card, replacing what has been spent from a float that they keep and start all over again with more return fraud via a new account.
Example of return fraud and refund abuse
Much of the same is done with refunds received through fraudulent return processes, but the methods to receive the refunds are even more conniving.
The first I will mention, and their easiest to accomplish, are Item Not Received or Order Not Delivered claims. In these situations, be it a genuine or fraudulent customer, there would be nothing to return in the first place. If there is no concrete proof to the contrary that shows the items were actually delivered they get their refund. Bad actors keep an ear to the ground and eye to the sky to find out who ships through which delivery companies and they research which do not have a confirmation of receipt process, which have the weakest, and what their dispute policies–anything that makes it easy to exploit the refund process and commit return fraud.
Perpetrators of this kind of return fraud/refund abuse scam have been known to ship back empty boxes, packages containing different items and even not sending anything at all by using doctored shipping labels and other methods. They will make it look like everything is in order but that it is just taking too long and, often, when things are sent through, customer service will have a record of a receipt scan that shows something came in without the receiving bay having had time to go through the package. If nothing was sent they have some form of shipping label and claim it must have been lost while en route back to the supplier. There will always be something and it will always lean and lend to them getting their refunds processed.
The fraudulent refund claims that pass through customer service do not always arise from such methods. It’s not always a professional con-person behind the activity. It could be a genuine customer who has turned “bad” for whatever reason. It could be just one instance or it could be several with obvious malicious intent. Regardless, the task of preventing them without affecting the experiences of legitimate customers falls to us.
The difference between return fraud and refund abuse
There’s a difference between refund abuse and return fraud when it comes to definiting it. With return fraud, one fraudulent claim should be enough upon confirmation, especially once a dummied return package is opened. With refund abuse and the inability to confirm many details around a claim, merchants have to determine and decide at what point a customer becomes an abuser and should be actioned. They can create multiple criteria for as many different situations as they see fit.
To determine a criteria for refund abuse, look at when a customer becomes bad for business. It is not always just about value. Velocity plays a role within and outside of that, too. Constant complaints can lead to profit, brand and reputational damage from both the public and your partners. Look at the elements of an order’s completion details and their relationship to the complaint to see if there is anything you should consider as part of your condemning criteria or that should be omitted as exceptions. Be as micro as possible to limit the actioning of customers you don’t want to have affected. The criteria that you come up with can be used on one account or across the combined histories of many that share any account details you might wish to use, like billing and delivery address. You can be market specific based on what is observed where.
If there are key indicators and trends that come to light, you can always create criteria that are specific to them with different values and/or velocities. You can change criteria at any time. You can truly do whatever works best for your company.
With return fraud, the same criteria creation from above can be applied to returns, especially across the activities of newly created accounts but there are some limitations without solid data enrichment. You will lose address as a give-and-go offense. Return fraudsters are known to use dropship addresses and freight forwarders. These can be used by legitimate customers, as well. Without knowing if an address is one of these types of locations or not, addresses cannot be used on their own. I can suggest that these establishments, once confirmed, be monitored and that exceptions are made to specific locations being included if they do not show any genuine order/refund claims over a period of time based on rates and activities observed in the area.
Once you have demonstrated this is happening and determined what criteria you are going to use, decide upon an action and make it live if you can. You do not want to sit and allow this activity to continue through whatever window of opportunity may be left open between the timing of the activity happening and your ability to have accounts actioned.
How to stop return fraud without harming the customer experience
As with all attempts to stop fraud while still providing exceptional customer experiences, both of these types of fraud require you to limit the amount of friction that is faced by genuine users while keeping necessary ones in place.
Limit the use of photo verification that they may have to partake in. There is no point in having a customer send any photos for item not received nor incorrect item claims. There would be no opportunity for a photo from the first and all too easy to defraud with the second. However, damaged item claims would benefit from photo enforcement. Fraudsters will attempt to submit online pics of damaged items but reverse image searches are available to help determine the validity of some submitted photos. Outside of that, most photo proof should come from packing, shipping and delivery providers. Since return fraud may happen at any of those points, as well, they are not always definitive proof but can be used as such or as one prong of your approach.
Validate customer details at account creation so that you have good data to work with in the first place. Use data enrichments that can determine use of VOIP and online SMS services if you are able. If you’re not going to do so, you could force a 2FA challenge upon refund request or limit to those of suspicion. If they created their account with fake details, in most cases, they would no longer have access to the fake phone number upon the account and, in some cases, the same for the email address they had used. Make sure your device and payment fingerprinting is accurate. Standardise address input or, at least, how it is housed for use. You need to be able to use the information that you have. If you have bad account details, you will have bad results.
For return fraud and refund abuse, you have to draw the data and do the work. If your company is victim to any of these schemes, you’ll probably be amazed at your findings and the amount of savings you will be able to generate.
This article was contributed by Shawn Colpitts, Senior Fraud Investigator at Just Eat Takeaway.com