Three’s a Crowd: Breaking Down Triangulation Fraud

We’ve seen cybercriminals get more savvy in their techniques to defraud people and businesses. From ATO to malware, their tactics are not only getting more sophisticated and sneaky, they’re also causing significant financial impact, with losses due to ecommerce fraud reaching an estimated $6.4 billion last year.

Lately, we’ve seen an increase in a different approach fraudsters are taking: triangulation fraud. While triangulation fraud isn’t new, it is something both retailers and consumers should be aware of as online shopping continues to boom. Let’s dig into this tactic, how it works, and how you (and your business) can avoid getting caught up in this activity.

Identifying the Main Players

There are three key players in the triangulation fraud scenario:
  1. The criminal who posts merchandise well below market value on a secondary marketplace such as an auction site.
  2. A customer who purchases the merchandise.
  3. The retailer who receives an order from the criminal paying with a stolen credit card.

How Triangulation Fraud Works

Let’s explore a common example of triangulation fraud.

A legitimate customer wants to buy a product – let’s say an insulated tumbler. They go online and find the item they want for sale on the typical retail site they use, but they decide to look for the product on other sites to see if there is a better price. The customer finds the tumbler on a trusted marketplace site for a cheaper price with free shipping – what a deal! They click ‘buy now’ and place the order, paying via PayPal.

Unbeknownst to the customer, they have actually purchased the product from a cybercriminal running a fake storefront. The fraudster receives their order through the marketplace, then goes to the legitimate retail site and places the order using the customer’s name and shipping address, along with stolen credit card information to pay for the item. The retailer fulfills the order, sending the tumbler to the customer.

In the end, the customer gets their tumbler, and the fraudster banks the money, but this is far from a win-win situation. 

Who Are the Victims?

When it comes to triangulation fraud, there are a few victims involved. First, the customer may seem like an innocent bystander in this situation, but ultimately they were unknowingly involved in fraudulent activity. So while they’re not necessarily to blame, they still got taken advantage of.

But we have to consider another victim and player in this scenario: the owner of the compromised credit card credentials. Their information is being used without their knowledge or consent, and is potentially available on the criminal underground. When they dispute the fraudulent charges made on their account, the retailer will be responsible for that chargeback.

That said, the retailers take on most of the loss in this situation. While the cybercriminal reaps the benefits of making money off these deals, the retailers are left “holding the bag” so to speak, with the financial burden of chargebacks as well as the loss of merchandise.

Tips to Mitigate Triangulation Fraud

If you are a consumer, consider the age-old saying, “If it’s too good to be true, it probably is!” If you come across an item for sale online that you think is a “steal,” it more than likely is. Be wary of goods that could potentially be counterfeit or stolen.

Also, when perusing marketplace sites, be sure to take into account the seller information before making a purchase – is this a seasoned seller with stellar reviews, or is this a new seller with little to no ratings? If it’s the latter, there’s a possibility you could be buying from a fraudster rather than a legitimate seller.

Merchants’ fraud monitoring can identify potential triangulation fraud by identifying:

    • Differences between bill-to and ship-to addresses
    • Device IDs and IP addresses that are not reputable
    • Velocity of orders from one bill-to address to various shipping addresses

The truth is that not all anti-fraud solutions will help mitigate triangulation fraud. The ability to distinguish between legitimate customers versus cybercriminals is the #1 need I hear when talking to my colleagues in ecommerce. 

That’s why we developed SpyCloud Identity Risk Engine. SpyCloud now provides ecommerce companies what no other anti-fraud and identity verification solutions can: actionable, predictive fraud risk assessments based on breach data and malware-stolen credentials, recaptured from the criminal underground – getting us closer to a true 360° view of consumers’ risk.

The ecommerce industry has seen a 140% increase in the volume of fraud attacks last year compared to pre-pandemic levels, and needs a new framework to get ahead of schemes such as triangulation fraud. With the ability to make fast, accurate fraud decisions with a higher degree of confidence using Identity Risk Engine, merchants can better discern legitimate customers from fraudsters, which reduces chargebacks, improves accuracy, and decreases manual reviews.

For more insights on how ecommerce companies can proactively address fraud, download Reducing Identity Fraud in Ecommerce.

Transforming recaptured data to protect your business.