Published: November 6, 2023
Reading time: 7 minute read
Written by: Forter Team

Online marketplaces lose billions every year to fraud, and in recent months, an increasingly larger portion of those losses have been due to identity-based fraud. Fraudsters love targeting online marketplaces because they have two types of accounts to play with: buyer and seller. Fraudsters can target buyer and seller accounts individually or leverage both accounts simultaneously for more complex fraud and significant potential profit.

Identity-Based Fraud Trends in Online Marketplaces

Online marketplaces have seen a rapid rise in fraud attempts focusing on accounts. Bad actors target marketplace accounts in several ways:

Account Takeover (ATO)

If you work in the trust and safety team for an online marketplace, you’ve likely noticed a dramatic increase in account takeover (ATO) attempts. ATO attempts targeting digital commerce sites have become more frequent:

  • ATO attempts as a portion of fraud increased 79% YoY from 2021-2022.
  • ATO-driven fraud pressure remained steady at about 4-5%, but new bursts of ATO attempts led to a 3X jump in normal fraud levels in Q2FY22.

Another interesting trend is fraudsters increasing their use of bots for ATO. In the first quarter of 2022, 7% of ATO attempts involved bots and scripts. By the end of Q2 2022, however, fraudsters increased their use of bots to almost 11% (a more than 50% increase!)

Most bad actors will use bots for two primary purposes. One is to rapidly test stolen credit card numbers (more about this shortly). The second is hoarding items from drop sales by buying up limited stock. 40% of fraudulent activity related to ATO occurs within 24 hours, so marketplace trust and safety teams must act fast if they discover a compromised account. 

What do fraudsters do after taking over accounts?

Bad actors use buyer and seller accounts in different ways:

Buyer accounts

  • Card testing: Card testing is where a bad actor makes small purchases to see if stolen credit card numbers work. Many use bots and scripts to speed up the testing process. These small purchases often fly under the radar because many traditional fraud prevention systems assess them as low risk.
  • Access account balances: Fraudsters use bots and scripts to take over accounts with balances that have the same value as cash, like gift cards and loyalty rewards. Most fraudsters will cash the funds or sell the points through a dark web marketplace.

Seller accounts

  • Withdraw seller funds: Marketplace sellers get paid when the marketplace transfers funds to their bank accounts. Fraudsters use ATO to access those funds, draining them before they get transferred to sellers’ bank accounts.
  • Change bank information: Once a bad actor takes over a seller’s account, they could change the seller’s bank information so that deposits from future sales go to a different bank account. This is also a place where personally identifiable information (PII) can be stolen for use in other places.

While ATO attacks against marketplaces have increased significantly, many fraudsters skip ATO, creating fake accounts instead.  

Fake Account Creation

Fake marketplace accounts can happen in two ways:

  • A fraudster uses a fake name and credentials, posing as a legitimate buyer or seller, to create a new account. Most fraudsters create many fake identities to create new fake accounts.
  • An existing user already in a retailer ’s customer base creates additional accounts.

The number of fake online marketplace accounts continues to rise:

  • About 4% of account signups were attempts to create duplicate accounts. A small group of bad actors perpetuates most of this type of fraud.

What do fraudsters do with fake accounts?

Bad actors create fake buyer accounts and fake seller accounts for different purposes.

Buyer accounts

  • Various fraud: Fraudsters use fake buyer accounts for various fraudulent activities, such as card testing and triangulation fraud. Triangulation fraud is complicated and typically involves three parties and stolen credit card numbers. We explain this fraud in more detail in this blog post
  • Policy abuses: Policy abusers create fake buyer accounts to exploit discount offers like coupons and promotions. They abuse these offers in different ways, and may have been blocked before with another account. For example, they might stack coupons to get items for free or at a considerable discount or reuse single-use coupons.

Seller accounts

  • Fake storefronts: Some fraudsters create phony accounts to set up fake storefronts. A bad actor creates the storefront, accepts orders, and doesn’t fulfill them. The online marketplace usually sees an increase in “item not received” (INR) chargebacks because of these fake stores.
  • Regain marketplace access: Some sellers get blocked from online marketplaces for various reasons. A blocked seller might create a fake account to regain access to the marketplace.

Fake Account Reviews

Bad actors who have created fake storefronts will use fake reviews to make their storefronts appear more legitimate. Also, online marketplace sellers face intense competition, so some turn to fake reviews to gain a competitive advantage. Recent surveys show that 95% of consumers look at reviews before they purchase a product, and 58% say they would pay more for the products of brands with good reviews.

Typically, the seller will pay individuals or groups not affiliated with the marketplace to create fake positive reviews for their store. The persons or groups will create multiple accounts to make low-dollar transactions with the seller, leaving good reviews for each one. 

A recent analysis of a marketplace in Forter’s network found that: 

  • 9.2% of all accounts were duplicate accounts. 
  • Of those opening multiple accounts, 8% had four or more accounts.

Most types of identity-based fraud target buyer or seller accounts individually. But some fraudsters leverage buyer and seller accounts simultaneously to commit more complex types of fraud.

Buyer-Seller Collusion

Buyer-seller collusion is where a seller and buyer conspire to create fake transactions on the online marketplace for money laundering or monetary theft. The buyer and seller either know each other or are the same person. For example, to launder money, the seller would list an item at a high price, and then the buyer would purchase it with illegally obtained funds. Once the transaction goes through, the seller would cash out the available funds, which are now safe to use.

Our primary research found that:

  • Buyer-seller collusion ranges from 3.6% to 24% of all fraud pressure, depending on the marketplace.
  • Marketplaces which don’t have physical goods/services may be more prone to buyer-seller collusion.

Other digital commerce businesses like quick-serve restaurants (QSRs) don’t have to worry about this type of identity-based fraud because they only have one type of account (buyer/customer).

The Impact of Identity-Based Fraud on Online Marketplaces

Do you know how identity-based fraud impacts your business? To figure that out, you need to understand the associated costs, which go beyond the fraud or abuse losses:

  • Cost of Abuse: Consider the cost of abuse. If your online marketplace offers a $10.00 coupon when new buyers create an account, you can quickly determine how much money you’ll lose for every new fake account. 
  • Cost of Friction: Many online marketplaces rely heavily on multi-factor authentication (MFA) to prevent bad actors from accessing existing buyer and seller accounts. However, a blanket approach leads to more buyers abandoning their carts. You should think about how friction impacts marketplace buyers.
  • Cost of Fraud: Fraudsters target buyer accounts because they store things of value, like gift card balances and payment methods. Consider the monetary value of items stored on these accounts and the total cost if fraudsters successfully take over many accounts through multiple ATO attacks.
    • Operational Cost: How many people do you need to manage fraud and abuse effectively? Do you still use a rules-based fraud prevention system that requires many manual reviews? You should look at the number of people involved in trust and safety and how you could free them up so they could work on solving other critical business problems.
    • Trust and Churn: What happens if your online marketplace platform gets hacked? A data breach will hurt your business in many ways. It damages your company’s reputation, causes some buyers and sellers to move to another marketplace, and hurts your bottom line. 
    • Regulatory Fines: Consider how much you stand to lose if your company has a severe data breach. You could face hefty fines from regulatory agencies like the SEC or FTC.

How You Can Fight Identity-Based Fraud Effectively in Real Time

Online marketplaces face more types of identity-based fraud than other digital commerce businesses because they have two types of accounts bad actors can exploit. Marketplaces need to identify bad actors at sign-in before they take over an account or create a new fake one — preventing them from financially damaging your users and your business.

By partnering with Forter, you get our Trust Platform, which includes our Identity Protection solution. Our solution:

  • Stops Account Takeovers: Forter Identity Protection detects ATO attempts in real-time at sign-in and other critical points before a transaction is initiated – including account profile modifications, loyalty point withdrawals, and transfers.
  • Blocks Fake Account Creation: Our solution understands the “who” behind a transaction and helps keep your platform secure by ensuring bad actors are blocked, and legitimate customers honor your account creation limits.
Forter Team on Fraud Prevention
7 minute read