Light Dark
April 27, 2017 By Mark Samuels 2 min read

Retail fraud continues to rise, and there is significant growth in online attacks across all sectors. Forter’s “2016 Fraud Attack Index” showed a 69.9 percent rise in attacks against apparel websites and goods. Luxury goods were also targeted, with an average fraud rate of $5.91 at risk out of $100 of sales.

The report, created in collaboration with the Merchant Risk Council, highlighted the continued presence of retail fraud as well as the shifted priorities and techniques of attackers. Retail IT decision-makers should pay attention to attack trends and consider ways to respond.

Understanding the Rise in Retail Fraud

Overall, 2016 saw a moderate increase of 8.9 percent for online fraud attacks from January to December. But there was also a 79 percent year-over-year increase in fraud risk for domestic holiday orders during Q4.

Forter suggested the rise in domestic online attacks and card-not-present (CNP) fraud is significant but unsurprising. U.S. fraudsters have moved online following the October 2015 adoption of Europay, MasterCard and Visa (EMV) cards, a move that made it harder to copy physical cards.

Michael Reitblat, CEO of Forter, suggested that the significant growth in fraud attack rates in the apparel industry might also be related to EMV adoption. Fraudsters who have recently joined the online criminal ranks might be sticking to a sector they understand, he said in a press release.

Detailing Other Report Trends

However, this rising trend doesn’t seem to be entirely universal: The fraud attack rate for international markets dropped by 13 percent compared to 2015. Forter researchers described this fall as a surprise, since international orders were found to be 62.4 percent riskier than domestic ones throughout 2016. They attributed the drop to a growth in genuine international orders rather a fall in fraud.

In the online service payment sector, researchers highlighted a 131 percent rise in account takeover (ATO). Specifically, there was a shift to online payment ATO, drawing away from attempts to break into accounts on retailers’ websites.

The research also provided statistics on the frequency of retail fraud attacks in a range of key verticals, including:

  • Travel and hospitality (33 percent decrease);
  • Luxury (8.4 percent decrease);
  • Electronics (1.8 percent decrease);
  • Digital goods (22.6 percent decrease); and
  • Food and beverages (49.8 percent increase).

Fraud prevention firm Verifi told CSO Online that every $1 stolen costs retailers an additional $3.08 in lost time, services or merchandise. The crime doesn’t just hit retailers financially, but throughout multiple departments in an organization.

Finding Ways to Respond Effectively

Retailers must find the right balance between fraud coverage and strong defense strategies that might be too restrictive and alienate customers. It is crucial for retail organizations to understand attack trends and make the necessary security investments.

These organizations should aim for a customizable technological platform that allows for the fine-tuning of fraud mitigation according to market and attack patterns. Merchants and issuers should also consider ways to share information that can help resolve fraud claims easily in the event that a breach does occur.

 |  |  |  |  |  | 
Mark Samuels
Tech Journalist

More from

April 29, 2024

The major hardware flaw in Apple M-series chips

3 min read - The “need for speed” is having a negative impact on many Mac users right now.The Apple M-series chips, which are designed to deliver more consistent and faster performance than the Intel processors used in the past, have a vulnerability that can expose cryptographic keys, leading an attacker to reveal encrypted data. This critical security flaw, known as GoFetch, exploits a vulnerability found in the M-chips data memory-dependent prefetcher (DMP).DMP’s benefits and vulnerabilitiesDMP predicts memory addresses that the code is most…

April 25, 2024

NIST’s role in the global tech race against AI

4 min read - Last year, the United States Secretary of Commerce announced that the National Institute of Standards and Technology (NIST) has been put in charge of launching a new public working group on artificial intelligence (AI) that will build on the success of the NIST AI Risk Management Framework to address this rapidly advancing technology.However, recent budget cuts at NIST, along with a lack of strategy implementation, have called into question the agency’s ability to lead this critical effort. Ultimately, the success…

April 24, 2024

Researchers develop malicious AI ‘worm’ targeting generative AI systems

2 min read - Researchers have created a new, never-seen-before kind of malware they call the "Morris II" worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988.The worm demonstrates the potential dangers of AI security threats and creates a new urgency around securing AI models.New worm utilizes adversarial self-replicating promptThe researchers from Cornell Tech, the Israel Institute of Technology and Intuit, used what’s…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature