New Info-Stealers Highlight Rising Fraud Risk For Retailers This Cyber Monday

Global fraud is the enemy of the digital retailer. It eats into margins, slashes profits and threatens to undermine hard-won customer loyalty. As online merchants gear up for the crucial holiday season sales period, there is reason to be concerned. Bad guys are adapting their tools and techniques all the time. Increasingly they may be relying not simply on identity information culled from large data breaches, but details stolen secretly from individual consumers. 

This mounting threat will require a more sophisticated response, via machine learning-powered fraud tools which can provide a holistic view of each customer. 

Under The Radar 

Data breaches are commonplace today. A brief look at some of the biggest breaches over recent years shows that billions of records have been compromised, often ending up for sale on dark web marketplaces.1 Fraudsters typically trawl these sites for crucial identity data and login credentials in order to carry out follow-on scams. But major breaches can set off alarm bells, especially if large numbers of users are involved. Another, more covert way to source identity information comes from info-stealing malware.

Researchers recently discovered a new strain dubbed “Raccoon.” It sells for as little as $175 and can be delivered via exploit kits and booby-trapped phishing emails to install secretly onto victims’ machines, where it hoovers up banking, card and other personal data. Most importantly, it’s offered “as-a-service,” meaning even fraudsters with little tech know-how can leverage the malware to monetize their efforts and cash out quickly. 

Armed And Ready 

From the fraudsters perspective this is ideal. It means that they’ve been able to cash in before the victim even realizes they’ve been hit. The bad news for the rest of us is that these kinds of tools are increasingly popular on the dark web. And the forthcoming holiday season offers the perfect cover for fraudulent transactions and account openings leveraging this stolen data.   

Retailers during this busy period may tweak fraud rules to prioritize sales over friction, and could also increase transaction limits to maximize profits. This offers more opportunities for malicious behavior. And with instant digital purchases, there’s no opportunity to pause and check transactions before delivery. Retailers may also encourage new account sign-ups with special promotions in the run-up to Black Friday and Cyber Monday – and fraudsters will be ready to capitalize.  

The Quest For Better 

So how can online merchants better prepare themselves for the coming deluge? After all, the sudden increase in customers over the coming weeks will provide the perfect cover for fraudulent transactions. The answer is to focus on data-centric tools like Simility’s Adaptive Decisioning Platform, that provide a holistic view of each customer to help support automated, accurate decision-making.  

We do this by taking in various data sources then allow your in-house analysts to write rules in plain English and test and deploy them within minutes. Machine learning models complete the picture, picking out hard-to-spot fraud patterns and evolving over time as scam techniques change.  

The Black Friday/Cyber Monday weekend heralds the start of a sales bonanza for online retailers. Don’t let it also be the most profitable time of the year for fraudsters. 

To learn more about how Simility’s Adaptive Decisioning Platform can help your business improve fraud detection accuracy to reduce customer friction this holiday season, schedule a demo now. 


1. Statista, https://www.statista.com/statistics/290525/cyber-crime-biggest-online-data-breaches-worldwide/

Michelle Strmiska

Michelle Strmiska

Michelle brings her wide expertise of online fraud prevention, digital identity management, device intelligence, machine learning and big data to the North America sales team at Simility. She protects enterprise organizations and combats fraud by tailoring offerings according to specific business needs.
Michelle Strmiska

Latest posts by Michelle Strmiska (see all)