The secret tactic fraudsters are using to attack your business

Fraud is often described by the specific abuse type or tactic used by fraudsters – account takeover, payment fraud, malicious content – contributing to the notion that fraud vectors are siloed. But we now know that bad actors rarely stick to a single abuse type and, more often than not, employ a variety of tactics and commit varying types of fraud as both a springboard for, and a bridge between, other fraud types. We call this the Fraud Economy – the interconnected web of fraud and abuse types that fuel one another.

In analysing data from the Sift global network of more than 34,000 sites and applications for our most recent Digital Trust & Safety Index report, we discovered that a primary driver of the Fraud Economy is content abuse. Fraudsters are using digital content as a disguise for fake information, financial fraud, and phishing attacks. Taking place on forums, marketplaces, social media channels, and all across the web, cybercriminals launch spam and scam attacks to trick consumers into sharing sensitive information – later sold or used to steal rewards, store credit, or cash

Content abuse fuels the Fraud Economy

The egalitarian nature of the web and the lack of oversight on many platforms leaves consumers and businesses susceptible to attack. In fact, data from our global network reveals that scams made up nearly 60% of the abuse content blocked by Sift during the first quarter of 2021. And the average rate of fraudulent content blocked by Sift spiked dramatically between Q1 2019 and Q1 2020, increasing by 77% and then by another 18% in just the first quarter of 2021.

It pays to shut down content abuse

Content abuse may, at first glance, seem like less of an issue than payment fraud, but because of how it feeds all abuse types, it absolutely should be a priority for businesses. Many merchants depend on users to flag risky content, but that approach may not be enough to deter fraudsters. Businesses that fail to deploy safeguards against fraudulent content are contributing to their own financial losses. We surveyed 1,200+ consumers in May 2021 and found more than half of respondents would stop shopping at a business and leave for a competing merchant if they discovered malicious content on a brand’s website. Additionally, bad actors will continue exploiting vulnerabilities against a platform until the merchant takes a more proactive stance at detecting fraud.

Over one-third of respondents (34%) might still come around, but say they’d visit a scam-tainted site much less frequently. To put that in perspective: a single, successful scam on a merchant site could cost the potential profits of any immediate lost sales combined with those spurned shoppers’ CAC (customer acquisition costs), LTV (lifetime value), and chargebacks resulting from any payment fraud that occurs using information exposed by the scam.

Examine the entire customer journey

Fraudsters continue to adapt to changing market conditions and buying behaviour, rendering static and reactive approaches to fraud prevention unfit to support growing ecommerce businesses. To stay ahead, businesses need to look at the entire customer journey and get into the mindset that fraud isn’t siloed – it’s connected. Just because you get a handle on payment fraud doesn’t mean you have a handle on your entire fraud problem. Trust and safety teams need an end-to-end solution that considers all types of abuse – including spam and scams – that can surface incidents and stop attacks in real time, without gutting growth. 

About Jane Lee

Jane Lee is a Trust & Safety Architect at Sift, who specializes in spam, account/content abuse, and payments risk. Prior to joining Sift, she was on fraud teams at Facebook and Square, and also spent some time as a Private Investigator. She is passionate about designing and operationalising systems for detection and enforcement of fraud at scale. 

About Sift

Sift is the leader in Digital Trust & Safety, empowering digital disruptors to Fortune 500 companies to unlock new revenue without risk. Sift dynamically prevents fraud and abuse through industry-leading technology and expertise, an unrivaled global data network of 35 billion events per month, and a commitment to long-term customer partnerships.