The holiday season is not only a boon for retailers and shoppers, it also presents an enticing opportunity for fraudsters. The surge in online traffic and transactions during this time serves as a smokescreen for malicious behavior, allowing bad actors to capitalize on the frenzy and increase their revenue through fraudulent activities.
During the Black Friday and Cyber Monday week in 2022, the deals and offers available drew a surge of traffic, with LexisNexis® Digital Identity Network® recording a 36% increase globally in payment transactions compared to the rest of the year. Consumers showed a preference for making payments via mobile, with 78% of global payment transactions coming from mobile devices.
“When we look at the extended holiday period, we always see a significant increase in the number of daily ecommerce transactions during this period compared to a regular day earlier in the year. This increase is generally stronger in the US compared to Europe.” said Dr. Stephen Topliss, vice president of Fraud and Identity Market Planning at LexisNexis® Risk Solutions.
Indeed, consumers in North America were more willing to spend, driving a 62% increase in online ecommerce payment transactions observed in Digital Identity Network® throughout the holiday season starting from Thanksgiving and up to the 31st of December 2022 compared to the rest of the year. European consumers proved more restrained with their spending, increasing their online ecommerce payment transactions by 27% during the same period. Nevertheless, more than half of all UK adults (53%) said the rise in the cost of living makes them keener to seek a bargain, according to a 2022 study, which might make them more inclined to shop during the sales.
Fraudsters from across the world also take part in the holiday shopping spree. Notable increases in fraudulent activities during the 2022 holiday season originated from various locations, the top regions for fraudulent activities being the United States, Vietnam, Brazil, Germany and Mexico, according to data from Digital Identity Network. This surge in cross-border attacks underscores the increasingly international nature of ecommerce fraud, posing challenges and risks to both consumers and businesses across the globe during the holiday shopping season.
The most common types of fraud attacks against ecommerce businesses globally during the holiday season in 2022 were account takeover, bonus abuse, third-party chargeback fraud and synthetic identity theft, based on data from Digital Identity Network. Here are some patterns that can indicate fraudulent activity:
Spikes in Account Registrations: Fraudsters may create synthetic identities to open numerous accounts in a short span and use these for other fraudulent activities such as bonus abuse. Sudden spikes in account registrations, especially with disposable or suspicious email addresses, could indicate fraudster involvement. The highest ecommerce attack rate globally observed in Digital Identity Network during the 2022 holiday season was at new account opening (NAO), with an attack rate of 6.5%. For every 100 new accounts opened at a merchant globally, on average 6 or 7 were flagged as likely being fraudulent.
Multiple Failed Login Attempts: Fraudsters attempt to gain unauthorized access to customer accounts by repeatedly trying different login credentials. A sudden influx of failed login attempts within a short timeframe may indicate such activity. At login, the global ecommerce attack rate observed in Digital Identity Network during the 2022 holiday season was 1.8%. This relatively low attack rate represents a significant threat because of the outsized role logins play in the consumer journey. Furthermore, it is where account takeover attacks can start to happen.
Fraudulent Change of Details: Password reset events remain a high-risk consumer touch point. If a fraudster gains unauthorized access to an account, they might change the password to prevent the legitimate account holder from regaining control. The password reset attack rate was three times higher for ecommerce businesses during the 2022 holiday season compared to the rest of the year, according to data from Digital Identity Network. Fraudsters might also change email addresses and mobile numbers to ones they control to bypass security methods such as SMS one-time passwords.
High-Volume Transactions: Bots can conduct high-frequency transactions, making multiple purchases or inquiries in a short period. This could lead to an abnormal surge in transactions or unusually high volume in a short time. At the payments touchpoint, the global ecommerce attack rate observed in Digital Identity Network during the 2022 holiday season was 2%. More so, the average shopping cart transaction value rejected as high risk or fraudulent over the 2022 holiday season was 80% higher than legitimate transactions. Fraudsters load carts at higher amounts than legitimate consumers.
To help prevent ecommerce fraud during the holiday season, businesses need to be able to tie together a 360-degree view of consumers across digital, physical and behavioral dimensions. By leveraging the intelligence from all available channels, as well as from different industries using a global repository of intelligence, businesses can become better prepared to tackle both complex fraud and seasonal fraudulent events that could put legitimate consumers at risk.
Our consortium capabilities allow LexisNexis® Risk Solutions customers to share information to collectively fight fraud within the boundaries of data privacy regulations. This layer complements an organization’s local intelligence and the global shared intelligence harnessed through LexisNexis® Digital Identity Network®, allowing organizations to make more accurate risk decisions and enhancing protection against fraud.
Legitimate consumer behavior changes during the holiday season. Expect an increase in orders and higher transaction amounts too. Anticipate changes in shipping addresses and mismatches between billing and shipping addresses as more consumers send out gifts. Align risk engine rules and models to account for seasonal behavioral shifts to minimize friction for genuine customers changing their usual purchase habits.
The substantial surge in transaction volumes is likely to keep fraud management teams busier than usual, significantly reducing the available time for manual order reviews. Strengthen your back office team. As your order volume increases, you will likely need a solid team to check those risky orders without impacting your delivery timeline.
Retailers that elevate their fraud prevention strategy to account for seasonal fraud will be better prepared to tackle holiday-related fraudulent activities while ensuring a positive shopping experience for legitimate consumers.
Transform human interactions into actionable intelligence
Learn MoreGain the ability to recognize good, returning customers and weed out fraudsters, all in near real time
Learn MoreEmailage® is a proven risk scoring solution to verify consumer identities and protect against fraud
Learn MoreEnable cybersecurity and risk management through data science innovation and shared intelligence
Learn More