Refund fraud and promo abuse/fraud represented the most challenging fraud types for merchants and marketplaces throughout 2023 and Q1 2024. Following a surge in ecommerce transactions and in businesses looking to increase their revenues and retain clientele, fraudsters have discovered new ways to draw illicit funds and obtain goods.
Refund abuse, return abuse, or refund fraud represents the action of a customer requesting and receiving a refund for a purchase they claim is either incomplete, unsatisfactory, or inexistent. Taking advantage of lax return policies from some ecommerce merchants, customers ask for a refund for a series of reasons. According to the Ravelin Consumer Fraud Survey 2023, the cost-of-living crisis, the COVID-19 pandemic, unemployment, starting school/university, or a new family member represent the main triggers for consumer fraud in the UK, France, and Germany, Europe’s biggest ecommerce markets.
On the other hand, a recent survey from Sift claims that younger generations, such as Gen Z, are more willing to commit first-party fraud, even when the product they ordered is delivered in perfect shape. The younger the consumer, the more likely they will dispute an order and claim back their money, even after receiving the items. Thus, 42% of Gen Z will engage in first-party fraud, while only 22% of Millennials and 10% of Gen X will do the same.
According to the 2024 Global Ecommerce Payments & Fraud Report released by the Merchant Risk Council (MRC), refund/policy abuse surged in North America and Europe, especially for SMEs and mid-market merchants. In the Asia-Pacific area, the same type of fraudulent activity ranked second, while Latin America continues to handle more cases of card testing, phishing, identity theft, and account takeover (ATO).
It is interesting to explore the months during which refund and promo abuse surge, especially in the world’s biggest ecommerce markets. Consultancy company Reid suggests that January might be retailers’ Achiles’ heel, with plenty of customers willing to get refunds or exchanges for unused holiday gifts. The National Retail Federation in the US claims that customers have returned USD 816 billion in merchandise (or approximately 17% of goods sold) in 2022 alone. And, while many of these returns and requests for refunds are legitimate, January also looks like a good month for fraudsters to try their luck online.
At the same time, Riskified suggests that each fraud type has its season, with gift card fraud, for example, seeing spikes around Christmas, Valentine’s Day, and Mother’s Day. Ecommerce fraud is more likely to see an increase in chargebacks after the holiday season, while policy abuse, including refunds, returns, resellers, and promo fraud, fastens in the summertime.
But why do light policy abusers and fraudsters tend to become more malicious during the hot summer months? An interesting survey conducted by the Massachusetts Mutual Life Insurance Company (MassMutual) showed that customers in the US spent an average of USD 765 more per month in 2021 compared to the same time in 2020. Thus, the answer is simple – people experience a ‘fear of missing out’ and tend to make up for as much daylight time as possible by having a more active social life – which requires new outfits for parties, dinners, vacations, festivals, tools to work around the house, or new camping accessories. This translates into hectic shopping behaviour, with customers trying to work around returns and refund policies to make the most bang for their buck. However, most of these summer fraud perpetrators are not abusers making a living off scamming merchants but rather average customers who want to shop more and still have enough cash for vacations and experiences.
Not all customers requesting a refund are bad actors but some abuse merchants’ light policies. In June 2024, the US Attorney’s Office unmasked the case of five sisters who exploited a merchant’s system for quick returns, stealing more than USD 1 million over the course of two years. The sisters ordered multiple shipments weekly from a victim company, often using several different accounts and asking for refunds, sometimes even before their orders arrived. The refund was processed quickly and a return credit was issued within two hours via email.
However, the sisters never mailed the merchandise back but, instead, travelled to the merchant’s in-store locations across several states (including Arizona, Colorado, California, Florida, Michigan, and Nevada) to return the merchandise for a second refund.
Big retailers are often the targets, as they are keen on providing lax return policies for low-value orders to retain and increase their customer base. This was also the case for Amazon, where a fraud ring operated at an Amazon call centre in India to make millions off fake returns. An organised crime group named REKK allegedly logged fake returns in the merchant’s systems so buyers could keep high-value merchandise, such as Apple products, and still get a refund. Using social engineering techniques, phishing attacks, and even bribing Amazon employees, the group even offered a paid service to shoppers willing to exploit the company’s return system vulnerabilities. REKK even advertised its services in a private Telegram channel with over 30,000 followers, offering packages of different values for people willing to try their luck in the professional scamming life.
However, channels like the one from REKK are popping up more often over the dark web and Telegram, an app known for its end-to-end encryption messages that represent a haven for criminals and terrorists. Noir’s Luxury Refunds and Refunds by Santa are other Telegram channels whose members provide fraud-as-a-service packages, starting for as little as USD 999. Interested customers do not only receive mentorship; in exchange for each successful scam, they must pay a percentage of the product price to the leaders of the group. Noir’s Luxury Refunds channel operated between 2020-2022 and had around 6,000 members. A group member was prosecuted and pled guilty to participating in a fraud conspiracy in March 2024.
The practice of abusing a merchant’s promotional policy is also known as promo abuse and refers to four main aspects – exploiting discounts, stacking codes, creating fake accounts, and using bots. Often enough, specialised fraudsters use a combination of these traits that can also be linked to other types of fraud such as carding and ATO.
Individuals or groups misuse promotional codes and discounts intended for specific purposes to purchase goods at a better price and later resell the items for a higher price, obtaining a profit. Combining multiple promotions or discounts is also known as stacking codes, and represents a popular technique used by many, even unintentional, fraudsters. Similarly, during big sale days (such as Black Friday, Cyber Monday, or any other private sale held by a merchant), fraudsters use automated software programmes designed to rapidly purchase discount items or redeem promotions that will be later used with the same scope – to be resold for a higher value.
At the same time, refund abuse can be divided between false claims, item switching, or multiple returns, each with the scope of scamming the merchant and not sending the purchased merchandise back after receiving an order. In these cases, customers often falsely report faulty or missing items from an order or even choose to return a different item instead of the one bought to receive a refund. Item switching is often encountered by luxury product merchants and resellers, where the customer returns a low-quality version of the product or even a counterfeit item for a refund while keeping the original item.
In the US alone, refund fraud cost merchants up to USD 101 billion in 2023, quickly becoming one of the most expensive types of fraud in ecommerce. However, apart from the direct financial losses of e-merchants, companies may also have brand reputation impacted negatively, and customers lost. If not treated correctly and promptly, customer loss leads to an even bigger revenue loss. At the same time, refund fraud also puts a toll on customer service and internal fraud investigation teams, as they may face an increased workload and even operational disruption.
Finally, merchants that face high fraudulent return rates will be less inclined to offer promotions or discounts in the future, which may negatively impact customers, especially during the current global economic climate.
The main struggle of fraud departments is to accurately distinguish between cases of first-party misuse (unintentional purchases), casual refunders (also known as wardrobers), and professional refunders (usually part of a fraud ring or a criminal organisation). Fraud analysts must pay attention to several behavioural patterns from online consumers, including former orders, and analyse previous purchases to identify fraudsters.
Usually, the process follows three steps:
Data analysis: during this stage, fraud analysts track purchase patterns, refund requests, and customer behaviour to identify potential fraud;
Verification processes: in this stage, fraud teams implement verification measures to confirm a customer’s identity and prevent the creation of multi-accounts;
Fraud detection software: Utilising advanced software which integrates machine learning (ML) and artificial intelligence (AI), fraud teams can detect unusual activities and identify potential fraudsters.
For merchants to stop the cycle of abuse and deter fraudsters at their door, they must first identify the type of customer they are handling. Based on the characteristics above, opportunistic fraudsters, wardrobers, and serial fraudsters who are part of fraud rings have different modus operandi. Therefore, a deep dive into their client history may reveal several red flags.
In the case of opportunistic fraudsters, setting clear policies and consequences (i.e. sending reminders via email or app notifications) will mainly make customers follow rules about refunds, and lower the rate of returns. At the same time, making unlimited returns an earned benefit could not only drive customer loyalty but also keep potential opportunistic fraudsters away.
Some merchants also require an affidavit of non-receipt or make a client sign a document claiming they did not receive the package/ do not want a certain item from their order. Finally, implementing stronger ‘know your customer’ (KYC) requirements in the return flow will make it harder for opportunistic fraudsters to ask for refunds, which, most likely, will keep them away from your business.
Keeping up with the current cost of living and things isn’t easy for many of us, but some take it to another level, wearing expensive clothing once and then returning it for a full refund. Merchants must allow this if tags are untouched, but this practice puts a toll on their business, costing them millions of dollars per year in shipping, cleaning, and restocking warehouses.
The first step in deterring wardrobers is to send email warnings and notifications to seize their actions. This is a clever way of saying your fraud team has detected a pattern and that customer is flagged. Repeated offences can lead to banning the customer from your platform.
Another way to fight against wardrobers is to limit them from requesting a refund for some reasons if you notice those are heavily used in their purchase history. Similarly, you could choose to block certain payment methods (usually abused to pay for expensive items that will most likely be returned), such as BNPL. This will force bad-intentioned customers to pay for the product upfront, which will at least make them think twice. Finally, offering store credit instead of cash refunds will keep many wardrobers off your platform since their end goal is to wear an item without paying for it.
Fighting organised fraud rings and criminal organisations looking to prey on lax merchant policies is a long-lasting process that involves deploying high-end anti-fraud solutions and technologies. However, relying solely on AI and ML for automation and identifying fraud might not always catch the bad guys. Thus, manual reviews are preferred whenever certain accounts are being flagged.
Another tip is to look for the reason for one’s return and identify patterns that might be associated with fraudulent activities in the long run (lost packages, missing items from order, empty boxes, etc.). At the same time, fraudsters are known for using multiple, connecting accounts to benefit from promotional codes/discounts/free shipping, so due diligence and stricter KYC policies must be implemented.
Finally, professional fraudsters spend plenty of time perfecting their attacks and social engineering techniques to identify weak links in the customer service department, including using ChatGPT prompts to make their texts and reasons for return more plausible. Constantly training your fraud experts and customer care teams will make your brand less vulnerable against organised fraud rings and fraudsters.
Balancing a customer-oriented internal policy regarding returns and refunds while also staying ahead of fraudsters is a struggle for most merchants. Forced by the current economic situation or not, most customers are looking into ways to work around refund policies or to receive several perks when shopping online. Thus, merchants must ensure they constantly train their fraud teams to detect suspicious shopping behaviour and prevent fraud at the door. By accurately disseminating between opportunistic fraudsters and those who make a living out of scamming and deploying state-of-the-art technologies fuelled by ML and AI, merchants can prevent refund fraud and minimise their return rates without impacting their reputation or business.
This editorial piece was first published in The Paypers' Fraud Prevention in Ecommerce Report 2024-2025, the ultimate source of knowledge that taps into the ever-evolving fraud realm and helps ecommerce specialists protect their businesses with the latest fraud prevention strategies.
Irina is a Senior Editor at The Paypers, specialising in fraud and online payments. Leveraging her Ph. D. in Economics and a strong economic academic background, she constantly observes new developments in tech, innovation, and regulation, educating the audience about trends in fraud prevention, chargebacks, scams, social engineering, digital identity, GenAI, and ecommerce. You can reach out to her via LinkedIn or email at irina@thepaypers.com.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now