Share the article
Subscribe for updates
Sardine needs the contact information you provide to us to contact you about our products and services.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

How to Detect Marketplace Fraud: Key Strategies

Marketplaces have unique fraud nuances compared to traditional e-commerce. They bring together buyers and sellers and often offer incentives to create this double-sided market. Hiding in the cracks between buyer, seller, or both is how fraudsters have turned marketplaces into one of the most complex fraud challenges to manage.

Marketplace fraud creates losses in the form of revenue leakage, customer churn, and skyrocketing chargeback volume. One study found that up to 1/3rd of Facebook marketplace ads could be scams. Marketplaces must find new ways to drive fraudsters off their platform without driving good users away.

This tackling series discusses the key types of fraud and how best to manage them.

Buyer vs. Seller Fraud in the Marketplace

Marketplace fraud can be boiled down into three main types: seller fraud, buyer fraud, and buyer-seller collusion.

  • Seller fraud example: A scammer creates a fake listing, sells a counterfeit product, lists a product, collects funds, and never ships the goods. 
  • Buyer fraud example: A deceitful shopper might try to buy items with a stolen credit card or gift card number, engage in chargeback fraud, or abuse promotional offers. 
  • Buyer-seller collusion example: Both parties work together to add fake reviews or buy goods with stolen cards. Collusion fraud is often also a form of money laundering. 

The buyer and seller can technically be two different people working together or the same person working both accounts. 

These types of fraud erode trust in online marketplaces and highlight the ongoing need for vigilant security measures and consumer awareness.

8 types of marketplace fraud

Here are 8 common examples of marketplace fraud that fraud prevention professionals need to have on their radar:

#1. Account takeovers (ATOs)

In marketplaces, one of the many reasons fraudsters seek personal information is to successfully engineer an account takeover. They can then use this information to open new accounts under a victim’s name or buy items with their credit card. 

ATO attempts have skyrocketed in recent years. According to one study, ATO attempts as a portion of fraud increased 79% between 2021 and 2022. Fraudsters are increasingly using bots to initiate ATO attempts, which speeds up this process. 

In our Tackling Account Takeovers guide we listed several techniques for detecting ATOs such as

  1. Monitoring unusual login activity, account changes, and anomalous user behavior. Utilize direct bot detection tools to identify logins originating from automated programs like Selenium or emulators like BlueStacks. Leverage network-based detection to monitor for suspicious login attempts originating from known proxies, VPNs, or IPs with a poor reputation.
  • Monitor for risky referral URLs: These could lead to phishing sites designed to steal login information. Invest in device intelligence solutions that can detect and block such attempts.

#2. New account fraud (onboarding fraud) 

Creating a new account is simple with stolen identities from the dark web, or privacy centric email domains such as protonmail. Attackers may even simply use fake names to pretend they are legitimate buyers or sellers so they can create a new account, if upfront identity checks are limited.

Sham accounts can be used to test credit card numbers, develop fake listings, or sell counterfeit products. This can increase the rate of “item not received” (INR) chargebacks. To scale the process, scammers might use bots.

  • Data reputation: Check the reputation of the email or phone number supplied. If it was created recently, this can be a high-risk indicator. 
  • Device reputation: Identify if the device shows high-risk indicators such as using VPNs, proxies or has emulators running. 
  • Add risk-based user screening: If any high-risk indicators come from more passive detection (like data and device), request further customer documentation to ensure they are legitimate buyers or sellers.

#3. Chargeback fraud (friendly fraud) 

When a buyer engages in chargeback fraud, they use their valid payment information to make a purchase. After receiving the product or service, they then contest the transaction with their credit card company to obtain a refund. 

While many legitimate chargebacks serve as a standard consumer protection measure, many buyers exploit this system for free merchandise. The scale of this type of fraud can be astounding: In one example, 4,000 users created 137,000 fake accounts to abuse a discount code, which led to $14 million in annual losses.

In Tackling First Party fraud we discuss warning signs such as Customers frequently dispute charges across retailers or a high volume of chargebacks from the same customer. 

  • Card or account reputation: Use data consortia to identify any previous bad reputation at other financial institutions or merchants with this card.
  • Velocity checks: look out for disputes raised soon after delivery confirmation or disputing multiple transactions over a short period

#4. Non-delivery scams

This form of seller fraud emerged as a big problem during the pandemic when people reported record levels of unreceived goods for items they desperately needed, like facemasks, hand sanitizer, toilet paper, thermometers, and gloves. 

In non-delivery scams, the buyer pays for an item that never arrives at their doorstep. This continues to be a major problem today, particularly as generative AI makes it easier for scammers to develop convincing fake product descriptions that are free of spelling errors.

Key warning signs to look out for include high-value items with a lack of photos or images, a sudden spike in review activity, and long delivery time frames (e.g., 2 weeks), or high-demand items with unusually low prices.

  • Device data: A single device is creating multiple goods with similar characteristics across multiple accounts.
  • Behavior data: The user is showing a pattern of quickly creating listings with limited information or often copying and pasting.

#5. Fake listings

When a listing is too good to be true, it often is. If a high-value item is unusually cheap, this is a key warning sign. Fake listings are a major problem. In fact, they doubled on Facebook Marketplace in 2022. 

One example is apartment deposits. A fraudster posts pictures of high-value items like apartments, and if a potential renter expresses interest, the scammer requests money to secure the property with a partial deposit. Once the deposit is given, the listing (and the scammer) vanish.

  • Risk-based user screening: Sellers who display any high-risk indicator such as recently created accounts, that use recently created emails listing high-value items below market value can be key indicators
  • Monitor item reviews activity: A spike in reviews from the same devices with multiple user names can be a sign of fake reviews for a fake item.

#6. Fake reviews

Fraudsters create fake positive reviews to boost ratings or fake negative reviews to mislead people into visiting malware sites for counterfeit products. They use bots to commit product listing fraud by automatically generating a large number of fake product reviews from templates. These reviews enhance the visibility of fake product listings in online marketplaces.

  • Bot detection: Look for non-human behavior, scripts or emulators running on the user device 
  • Same user identification: Look for signals that a reviewer may be trying to hide their tracks and is actually the same user, such as proxy and VPN detection or similar device behavior patterns.

#7. Triangulation fraud

Triangulation fraud is where a customer makes a genuine purchase on a marketplace), but the product they receive was fraudulently purchased from a different retailer's website. The scammer acts as a secret middleman between purchases

  1. The buyer purchases an item from a fraudulent seller using a real credit card. 
  2. The fraudulent seller then uses a stolen card to make a purchase via a legitimate website. 
  3. The buyer receives their goods but the fraudster now has the money from the marketplace user, despite goods never having been shipped by the marketplace “seller”

Look for

  • Device, email, and mobile reputation: Many of the bad seller signals apply here. Also look for things like the same email being used for different accounts. Scammers often recycle data points.
  • Seller step-up verification: Where sellers demonstrate high-risk signals, require further information about the legitimacy of their business before allowing listings.

#8. Phishing scams

Phishing scams are common in online marketplaces and take a variety of forms. They not only impact buyers but sellers as well. For example, one freelance writer from Australia lost $1,000 because she gave away sensitive information via a phishing link while trying to sell a pair of boots. 

  • Monitor for risky referral URLs: These could lead to phishing sites designed to steal login information. Invest in device intelligence solutions that can detect and block such attempts.

Evolving fraud threats

Fraudsters can access cheap, increasingly sophisticated technology tools to steal identities and resources. 

  • Advanced bots: For example, APBs (advanced persistent bots) enable fraudsters to mask coordinated fraudulent activities as legitimate user transactions by copying human behavior and dispersing attacks across multiple IP addresses.
  • Generative AI: Fraudsters are also using generative AI to create authentic-looking and professional-looking ads on social media sites. Deep fakes are bound to become a major headache for fraud prevention professionals in the future. 
  • New Payment types: Innovations in Faster Payments, which generate the expectation that money will be available instantly, creates more opportunities for scammers to cheat people out of funds undetected. 

Marketplace fraud professionals need to detect activities like ATO at login  before the transaction starts. But all too often, they spend time battling false positives with manual processes, standard rules, and batch processes. 

They need a holistic view of behavior to proactively manage risks and stop scammers in their tracks. With the right insights into scammer behavior, mitigating risks and safeguarding online marketplaces from fraud is possible.

How Sardine can help stop fraud

  1. Device and Behavior risk screening: Sardine integrates device intelligence and behavior biometrics into a single, easy-to-integrate SDK, enabling the analysis of multiple touchpoints and interaction for suspicious activity to catch more fraud and prevent scams in progress. It helps identify who is creating accounts, logging in, and transacting on your platform, allowing you to recognize and protect your most trusted users while identifying stolen cards and compromised accounts to stop fraudulent payments and suspicious transactions without blocking legitimate ones.

  2. Identity Verification: During user onboarding, our tools authenticate users with document verification, biometric checks, real-time data validation, and deeper KYC if needed. We use a progressive approach to identity verification where we start with friction-less checks to provide a better experience to your good users, and only introduce step up verifications when a higher risk pattern or anomaly is detected.

  3. Transaction Monitoring: We continuously analyze transactions using rule-based systems, custom machine learning models, and real-time anomaly detection to detect suspicious activities. This allows for immediate action when potential fraud is detected. However, we also support traditional batch monitoring and queues to help compliance officers manage their AML program requirements.

  4. Data Enrichment: Sardine comes fully integrated with 40+ leading data providers for phone, email, network, geolocation, bank, card, credit bureau, and more. This saves significant development and integration resources, makes investigations easier because all your data is in one dashboard, and provides you with the most comprehensive view of user and transaction risk.

With deep customer due diligence incorporating device and behavior signals alongside identity verification, Sardine stops fraudulent users during onboarding and monitors those attempting to exploit the deep web. Real-time data across interactions is crucial for risk management, reducing fraud with automation. 

The end result? A decrease in false positives, fewer faster fraud investigations, and a reduction in the number of cases needing review. This allows more legitimate customers to open accounts – and bring more value to your organization.

Share the article
About the author
Simon Taylor
Head of Strategy and Content