Cybercrime’s continued shift to a service-driven economy has enabled several new professionalised hacking services, with Refund Fraud-as-a-Service being one of the latest to rise in popularity over the last few years. This is according to Netacea’s latest threat report, which researched rising trends across a multitude of hacking forums.
Refund fraud is the abuse of refund policies for financial gain and costs eCommerce businesses more than US$25 billion every year. Those interested in committing refund fraud can outsource the process to professional social engineers offering Refund-as-a-Service. This poses a significant challenge to retailers, as previously legitimate customers can enlist highly experienced fraudsters to perpetrate this fraud on their behalf, making it difficult to identify fraudulent activity. As online shopping continues its upward trend, professional fraudsters will look to cash in on the opportunity. Netacea’s research also found:
- Over 540 new refund fraud service adverts were identified in the first three quarters of 2022
- Refund fraud services increased by almost 150 per cent from 2019 to 2021
Netacea’s report explores the current structure of the underground Refund-as-a-Service market, the changing tactics and methods used by adversarial groups to perform refund fraud, and how threat intelligence and fraud teams can work together to combat it.
“As shown in the rise of ransomware-as-a-service attacks, cybercriminals have shifted to a service-based economy — and refund fraud is no exception,” said Cyril Noel-Tagoe, principal security researcher, Netacea. “As we approach Black Friday and the holiday season, eCommerce stores should take the necessary steps to reduce their risk of refund fraud including educating employees on the methods and tactics fraudsters take.”
Additional steps include:
- Delivery carriers should replace or complement signatures with one-time passwords to prevent refund fraudsters from claiming that packages did not arrive.
- eCommerce stores and delivery carriers should work together to look for patterns in their data sets that may indicate fraudulent activity.
- Reputation is power in the underground market. If an eCommerce store identifies a claim as fraudulent after the refund payment has been made, the store should rebill the customer’s account. An influx of rebill complaints from customers may cause the refund fraud service to drop the retailer from its store list, to avoid negative reviews.