What do you do when fraud comes from within?
But what if the fraudster works for a merchant (or was recently let go)? What then?
A former employee of a Brazilian retailer decided to "go over to the other side" and was able to take with him the details of an entire batch of cards. At first glance, one might say this is just another case of fraud.
A person intending to commit fraud working inside a retail organization has a good idea of how the fraud area works and the weaknesses he or she can exploit.
In this particular case, the person was aware that several orders with the same delivery address would raise suspicion (even if made under different identities), so he started inserting symbols and abbreviations to thwart the visual checking tools.
ClearSale helped the merchant solve this problem (creating a system to standardize addresses). But then, the fraudster switched strategies (at least in Brazil people who commit fraud are very, very smart)... He started to switch the fields around, knowing that the data would make sense for whoever was delivering the package.
Some perpetrators are insistent and must be stopped numerous times before they actually give up. Our device fingerprint technology and our dynamic, easily updated statistical model, together with a team of experts in quickly and efficiently detecting online attacks allowed us to stop the fraudster's efforts and the merchant avoided losses of around US$ 5 million (in this particular case almost 1% of the annual revenue).
It will never be enough to deploy a single tool to stop an attack of this level. What makes the difference is having the right set of tools available and, even more important, knowing how to use them in the best possible way so that fraudsters know that your business is protected.
When the issue is Account Takeover, cases such as this one merely reinforce the importance of keeping security policies constantly up-to-date and an open mind, as fraud comes in many shapes and forms.