Fraud Is More Than 'Fraud'
Alexander Hall
Trust and Safety Architect - Sift | Fraud Strategy Expert | Consultant | Fraud Team Trainer | Public Speaker
Many think that fraud begins and ends with the illegal use of a credit card. The word "Fraud" paints a picture of a criminal, sitting alone in a dark room, the only light coming from the monitor on the desk. The criminal scouring the dark web for stolen information to use on the next lick for a dramatic "come-up". Smirking when he stumbles across something really juicy like the SSN of a doctor or the credit card information of a real estate company.
Although this is a certainly a scene that plays out in the world, rarely does someone associate the other ways that companies trade items of value and are exploited, ultimately losing more than they were prepared to. In my next series of posts, I will be outlining some examples and covering how merchants can defend themselves against these dishonest practices.
Customer Complaint / Reward Exploits:
What it is:
In this environment of remote customer relations (E-Commerce), there is a lot that is left up to trust. Customer satisfaction is paramount, but runs the risk of detrimental affects. A customer looking to use this exploit, might have received your quality item or service, but now wishes to post a BBB complaint, review, or customer service ticket, stating the opposite, with the goal of replacement, reimbursement, or other item of value, in an effort to get "more than they paid for".
How it affects the company:
Big name companies, like Amazon and Zappos, offer what is practically "No-question product / order replacements or refunds" when customers report their dissatisfaction. This works out well enough for them, but for privately-held, developing, companies, this exploit could wreak havoc. Every sale is critical, every chargeback is a knife-wound, and every BBB-complaint stands to damage the credibility of the establishment.
How to strengthen your defense:
First, ensure that your fulfillment process is accurate, efficient, and documented.
Second, take responsibility when your are at fault, but empower your team to ask questions via email and otherwise to reach a concrete conclusion of what is due. Third, document "Trouble customers" and determine when enough is enough. If a customer has spent $2,500 with your company, but you have continuously issued replacements and refunds on good, quality items. Black list the customer. This is business, and you are not Amazon or Zappos.
Marketing Exploits:
What it is:
Marketing exploits occur when a marketing campaign, promoting a new item or service, is exploited by the consumer, resulting in higher losses than originally planned by the company.
Example: a company pays for ad space on a website, promoting a discount of 20% off an order for $50 worth of "Item A", one time use per customer, with a limited stock on "Item A" .
The company tracks the data after the campaign ends and see great results in the form of 100's of new customers. Great news! During the following months, the marketing team is tracking these new accounts for spending habits and cart uses, to find that many have not been logged into. They discover that the same name was used for multiple accounts, along with the same billing address, and variables of the same email address.
A single customer made multiple accounts on their site, using this one-time use discount. This happened several times by several different customers.
5 orders, utilizing the discount code, equals at least $50 over the total of at least $250.00, and the stock for "Item A" is sold out! The ratio stays the same on a superficial level. The company didn't experience additional losses financially.... or did they?
How it affects the company:
The company intended to reach NEW customers, each customer with an unlimited potential for spending. When tracking the data regarding the campaign, they now have to work to exclude these false positives, which costs payroll for time processing, and the ROI was clearly lessened by the use of this exploit.
How to strengthen your defense:
Ensure that your marketing manager is aware of the weaknesses of the campaigns that they run. For example, with Shopify, E-Commerce stores can filter new customers by phone number. Use this feature to your advantage, and request that an account be verified via text message using any of the free third-party systems available. Emails are easy to find and create. Phone numbers are many times more difficult and will serve to limit your company's exposure to marketing exploits such as these.
Policy Exploits:
What it is:
After a decade of working with companies of all sizes, shapes, colors and industries, I have seen that the most exploited policies are Return Policies. Time and time again, companies are going to war regarding a loosely-termed policy or down right lying by the customer. I have seen vaping hardware be returned with a shipping label matching the weight of the product, only for the CS team to find dirt and rocks in a ziplock bag. I have seen wholesale orders, valued at $1,000s, returned on pallets, and upon review of their orders, the items were never even purchased from us. I have seen entire portions of warehouses, with packages from 3 years prior, with no order number, customer information and irrelevant info on the shipping label.
How it Affects the Company:
The most notable cost in processing all of these examples of Return Policy Exploits was the cost of manhours to attempt to process these returns, but with no end in sight. Hours and hours and hours searching for who these returns came from, why they were here, and if the reason justified a return in the first place.
The cost of materials for unjustified returns that were sent and CAN be processed is unquestionably high, and then you have to take into account all of the shipping costs that are absorbed by the company shipping around all of these items.
Over a short period of time, this can cost the company much more than they were prepared to spend, not to mention the obscene amount of chargebacks that can come from high-volume operations.
How to strengthen your defense:
Clearly state in your policies, both before and after purchase, along with the receipt or order confirmation email, EXACTLY what your specific return policy is. I'll lay out several guidelines here that I have seen applied in E-Commerce successfully over the years:
1. All requests for returns must be approved by a customer service agent
2. Approved returns must be sent in with a shipping label provided by
3. Order number must be visible on the box / container
4. Any unapproved returns that are received will be discarded.
We hope that you found this article useful. Whether your company has never considered a fraud prevention strategy or if you would like to consider an third-party analysis, contact us today and get started by scheduling a 30-minute strategy call with Dispute Defense Consulting.
https://calendly.com/alexander-ddc/30min