How Fraudsters Misuse and Abuse Marketplaces
Online marketplaces have experienced rapid growth throughout the COVID-19 pandemic and subsequent digital acceleration, offering both buyers and sellers a more convenient way to transact. But these two-sided marketplaces have their own unique risks and are known to be especially vulnerable to organized, multi-leveled content fraud.
During a recent webinar, Brittany Allen, Trust and Safety Architect at Sift, sat down with Alan Moss, Managing Director, Western Europe at Newland Payment Technology, and Merchant Payments Ecosystem to discuss the tactics fraudsters use to misuse and abuse marketplaces and how businesses can stay proactive.
Understanding two-sided fraud
Fraud is prevalent across nearly every business model, but each industry has its own distinct challenges and risks. Whereas one-sided businesses, such as traditional retailers, only experience fraud on the buyer side, two-sided models, such as marketplaces like Etsy and eBay, can encounter fraud from both buyer and seller accounts. This makes the challenge of fighting fraud on marketplaces even more complex—these businesses can face multiple forms of new account fraud, account takeover, and merchant impersonation. To help understand the various methods fraudsters enact to manipulate marketplaces, Allen breaks it down into three scenarios:
Fraudulent buyer: In this scenario, the fraudulent buyer could commit new account fraud using stolen credit card credentials, take over an existing trustworthy account through unauthorized access, or impersonate a merchant through a phishing scam via on-platform messaging or email.
Fraudulent seller: In the case of a fraudulent seller scenario, this could take the form of fake listings (also known as merchant fraud), misrepresented merchandise, or closed-loop fraud where a criminal controls both the buyer and seller accounts to avoid detection.
Everyone is trusted: The third scheme involves a trusted buyer and seller, who represent good business for the merchant, but a fraudulent third party. Depending on the industry, this could include a dubious driver or delivery person, an imposter website looking to bait customers from a trusted brand, identity theft scams hidden as employment ads, or triangulation fraud through a third-party marketplace.
Marketplace metrics
As marketplaces look to combat these varying types of fraud coming from multiple touchpoints, there are certain metrics that can help aid their defense and improve the trusted-user experience. It’s a good first step to monitor how many scam listings have been removed and spam messages have been hidden, but it’s even better to also reduce the visibility of this content abuse for trustworthy users as much as possible. These scammy fraud encounters are more pervasive and damaging than ever—data from our global network reveals that scams made up nearly 60% of the content abuse blocked by Sift during the first quarter of 2021.
When it comes to spam, marketplaces should not only aim to reduce the number of spam messages successfully sent, but to also reduce the amount of spam received by the most active users. These active users are oftentimes the most valuable for marketplaces, and thus some of the most important to retain.
“I was able to argue at one point for more attention and resources to stop spam on a marketplace platform when I proved the spammers were specifically messaging the most active sellers by sorting the listings on the marketplace by most recent and then starting their spam bot from there,” said Allen. “So if you were one of the best sellers and were posting the most items, you got the most spam and you were therefore punished for being the best revenue generator.”
Allen’s example illustrates just how critical it is to prioritize reducing spam and scams on marketplaces—not only to reduce fraud, but to also create a better experience for valuable, trusted users. In fact, according to a Sift consumer survey, more than half of consumers would stop shopping at a business and leave for a competing merchant if they discovered malicious content on a brand’s website.
Proactive vs. reactive approaches
While some businesses react to fraud once it’s already happened, taking the whack-a-mole approach, this strategy can lead to financial losses, resource-strapped teams, and failure to prevent the same type of fraud from occurring again. Allen emphasizes why businesses must take proactive approaches to combat fraud, explaining that “the damage is impossible to recall or reverse if your system is not set up to handle it.”
For example, phishing emails cannot be unsent, fraudulent charges to a trusted user’s account may not be reversible, and large-scale, closed-loop attacks orchestrated by click farms could cause irreparable damage. This is where a holistic solution comes into play—leveraging the power of machine learning to digest high volumes of data and pinpoint patterns that can accurately detect fraudulent behavior.
At Sift, our Digital Trust & Safety approach strategically aligns risk and revenue decisions. It powers Dynamic Friction—the ability to optimize user experiences based on risk—so you can stop suspicious actions across the user journey and deliver seamless experiences for trusted users. Verification by Sift gives businesses an easy way to add multi-factor authentication for highest-risk logins, as well as no-code security notifications, so you can prevent fraud, delight trusted users, and improve trust in your brand.
To get more insights on two-sided marketplace fraud and how a Digital Trust & Safety approach can help, check out the full webinar.
