Fraud target selection: How fraudsters choose ecommerce and mobile targets
Matt Vega and Will Megson
Today I am talking about fraud target selection and what happens when you stop looking only at the fraud event itself and start asking why a fraudster chose that merchant, that platform, that app, or that exact moment in the first place. Because that is really the issue here. Fraud is not random nearly as often as people want to believe. A lot of the time, attackers are making choices based on what looks easiest to exploit, hardest to detect, or most likely to pay off quickly.
In this episode of Fraudology, I sit down with Matt Vega and Will Megson, the hosts of The Fraud Technology Podcast, for a very fraud-nerd conversation about ecommerce fraud, mobile fraud, and the patterns we all keep seeing from different vantage points. We get into how online fraudsters are selecting their ecommerce and mobile targets, what kinds of fraud industry observations stand out when three people with different perspectives compare notes, and why fraud teams are so often labeled inside organizations as “sales prevention” or “sales fighters.”
And this matters. Because fraud target selection tells you a lot about the attacker, but it also tells you a lot about the weaknesses they think they see in your business. If fraudsters keep choosing certain merchants, channels, or workflows, that is useful intelligence. It means something in the environment is signaling opportunity. It also means fraud prevention culture, fraud team perception, and internal organization dynamics may matter more than a lot of companies realize.
Here is what that fraud lens means in practice:
- Fraud target selection often reflects attacker judgment about friction, visibility, and payoff
- Ecommerce fraud targeting and mobile fraud targets reveal where fraudsters think controls are weakest or easiest to bypass
- Fraudster behavior becomes easier to understand when teams study attack criteria, not just loss outcomes
- Fraud team perception inside a company can shape how well the business responds to online merchant fraud risk
What you’ll hear in this episode:
- How fraud target selection works across ecommerce fraud targeting and mobile fraud targets
- What fraudster behavior and online fraud patterns reveal about target selection in fraud
- Which fraud industry observations stand out when comparing different fraud technology insights
- Why sales prevention stigma and fraud team perception still create problems inside organizations
- What fraud prevention culture and fraud organization dynamics have to do with building stronger ecommerce fraud strategy
You should listen to this episode if you:
- Work in fraud, ecommerce, mobile risk, or payments and want to better understand fraud target selection
- Need insight into ecommerce fraud targeting, mobile fraud targets, and fraudster attack criteria
- Want a clearer view of fraudster behavior, online fraud patterns, and digital fraud trends
- Care about fraud team perception, fraud prevention culture, and the internal sales prevention stigma many teams face
- Are interested in fraud technology insights, fraud industry observations, and stronger online merchant fraud strategy
If you liked this episode, be sure to subscribe and review the podcast on iTunes, Spotify, YouTube, or wherever you listen to podcasts. It really helps with getting the word out.
Episode notes & key takeaways
Fraudsters usually pick targets for practical reasons, not random ones
Let’s break this down. One of the most useful shifts a fraud team can make is moving from “why did this fraud happen?” to “why did this fraud happen here?” That second question gets you much closer to fraud target selection.
Fraudsters are often choosing targets based on a simple mix of payoff, ease, repeatability, and low resistance. If a merchant looks easier to exploit, if a mobile flow looks easier to automate, or if a company seems slower to react, that can become part of the attacker’s decision process. That is why fraud target selection is such a valuable lens. It helps you understand what the attacker thinks your environment looks like.
This is exactly why studying fraudster behavior matters. The fraud event is the outcome. The target choice usually tells you more about the method.
- Fraud target selection often reflects practical attacker logic rather than random opportunity
- Fraudster attack criteria usually include friction, value, speed, and detection risk
- Ecommerce fraud targeting reveals where bad actors believe success is most likely
- Online fraud patterns become more useful when teams study why the target was chosen
Ecommerce and mobile targets can signal different kinds of weakness
This is where things get interesting. Ecommerce fraud targeting and mobile fraud targets are related, but they do not always point to the same exact attacker assumptions.
In ecommerce, fraudsters may be looking at checkout flows, account defenses, manual review practices, product resale value, or chargeback tolerance. In mobile, they may be looking at onboarding friction, device trust, app abuse opportunities, or authentication shortcuts. Same core goal, different attack surfaces.
That matters because teams sometimes talk about fraud as if all channels carry the same kind of risk. They do not. Target selection in fraud changes depending on what the attacker thinks each channel allows.
- Ecommerce fraud targeting often focuses on transaction value, product desirability, and checkout weakness
- Mobile fraud targets may attract attackers looking for easier device or identity abuse paths
- Fraudster behavior changes with the structure of the channel being attacked
- Ecommerce fraud strategy works better when web and mobile risk are evaluated differently
Shared industry observations matter because fraud patterns rarely stay isolated
Another strong theme in this episode is what happens when different fraud experts compare what they are seeing. That matters because fraud teams can get stuck inside their own data if they are not careful.
When multiple people across the industry start noticing similar online fraud patterns, that is useful signal. It means the issue may be bigger than one merchant, one vertical, or one fraud stack. Those moments are where fraud industry observations become especially valuable. They help teams separate internal anomalies from broader digital fraud trends.
This is one reason conversations like this are useful. Fraud technology insights get stronger when they are tested against what other experienced people are seeing too.
- Fraud industry observations help teams identify broader patterns beyond their own environment
- Digital fraud trends become clearer when multiple practitioners see the same changes
- Fraud technology insights are more useful when shared across different perspectives
- Online merchant fraud often makes more sense when viewed as part of a larger ecosystem pattern
Fraud teams still get mislabeled in ways that weaken the business response
The conversation also gets into something a lot of fraud teams know all too well: the sales prevention stigma. And yes, that matters more than people sometimes admit.
If the fraud team is viewed mainly as the group that blocks transactions, slows approvals, or gets in the way of growth, then the company is already misunderstanding the role. That kind of fraud team perception creates weaker alignment, less support, and more pressure to optimize for short-term conversion over long-term resilience.
This is exactly why fraud prevention culture matters. The way a company talks about fraud internally shapes how seriously it takes the work and how quickly it supports better decisions when risk starts rising.
- Sales prevention stigma can distort how leadership understands fraud work
- Fraud team perception affects whether prevention is treated as protection or obstruction
- Fraud organization dynamics influence how quickly teams can act on real risk
- Fraud prevention culture gets stronger when fraud teams are seen as business protectors, not growth blockers
The real lesson is that attacker choices and company culture both matter
The broader takeaway from this episode is that fraud target selection is not only about the attacker. It is also about the company being targeted. Fraudsters make choices based on what they see, but what they see is shaped by your controls, your channel design, your responsiveness, and sometimes your internal culture.
That means stronger fraud programs need both external awareness and internal alignment. You need to understand fraudster behavior, but you also need the kind of organization that is willing to respond to what that behavior is telling you.
That is really the point of this conversation. The attackers are making decisions. The question is whether the business is learning from them fast enough.
- Fraud target selection should be treated as intelligence about both attackers and internal weaknesses
- Fraud prevention culture influences how well businesses respond once attack patterns are recognized
- Ecommerce fraud strategy gets stronger when external threats and internal dynamics are both considered
- Fraud organization dynamics matter because strong prevention depends on support, clarity, and credibility
The bigger theme in this episode is that fraudsters usually choose their targets for reasons that are more rational and revealing than many teams assume. Matt, Will, and I unpack those patterns from different angles, and that is what makes the conversation useful. The real takeaway is that if you want to get better at prevention, you cannot just study the fraud after it lands. You have to study why your business looked worth attacking in the first place.
