--- title: Supply chain fraud: Why online fraud keeps getting bigger and harder to stop source_page: https://www.sardine.ai/media/fraudology/episodes/supply-chain-fraud canonical: https://www.sardine.ai/media/fraudology/episodes/supply-chain-fraud format: text/markdown date: 2023-09-28T00:00:00Z description: Supply chain fraud is expanding through identity theft, ATOs, and third-party risk, making online fraud harder to contain for merchants and platforms --- **Quick links:** [Human page](https://www.sardine.ai/media/fraudology/episodes/supply-chain-fraud) · [Home](https://www.sardine.ai) · [Customers](https://www.sardine.ai/customers) · [Blog](https://www.sardine.ai/blog) · [Demo](https://www.sardine.ai/demo) --- # Supply chain fraud: Why online fraud keeps getting bigger and harder to stop **Published:** 2023-09-28T00:00:00Z Supply chain fraud is expanding through identity theft, ATOs, and third-party risk, making online fraud harder to contain for merchants and platforms Today I’m answering a question I’ve been hearing a lot from fraud fighters lately. Is it just us, or is fraud actually getting worse? It is getting worse. And not just in volume. In reach. In coordination. In sophistication. In how many different parts of a business it can hit at once. In this solo episode, I break down why that is happening, what has created this perfect storm, and why teams across ecommerce, banking, fintech, and retail are feeling more pressure than they were even a few years ago. At first glance, this can sound like a broad conversation about online fraud trends. But when you look closer, a lot of the same root causes show up again and again. Identity theft. Account takeovers. Refund abuse. Reshipping. Third-party vulnerabilities. And yes, supply chain fraud too. Because when the broader environment gets more complex, criminals get more ways to exploit the seams between systems, vendors, processes, and people. That is the part that matters. Because fraud is not just increasing because criminals suddenly got smarter. It is increasing because businesses got more connected, more dependent on third parties, more digital, and in some cases more fragmented than their controls were built to handle. So if you want to understand why fraud keeps growing, you have to understand why complexity keeps helping it. Here is what that means in practice: Supply chain fraud is part of a larger shift where criminals exploit interconnected systems, vendors, and operational gaps Third-party risk management matters more when fraud can move through vendors, integrations, and shared processes Fraud detection needs to evolve as identity abuse, reshipping, internal fraud, and online scams start overlapping more often Companies that understand the root causes of this shift are in a much better position to justify investment and improve outcomes What you’ll hear in this episode: Why online fraud has grown in both size and sophistication across multiple industries How supply chain fraud, vendor fraud, and broader third-party risk management fit into the bigger fraud picture What identity theft, account takeovers, refund claims abuse, and reshipping schemes reveal about today’s fraud environment Why evaluating your risk stack and solution providers matters more than ever What I think is the most important thing companies can do right now to prepare for this new reality You should listen to this episode if you: Work in fraud, risk, ecommerce, fintech, or operations and want a clearer explanation for why fraud keeps getting worse Need to understand how supply chain risk management and third-party risk management connect to modern fraud exposure Are responsible for fraud detection, vendor oversight, or internal planning and need stronger context for executive conversations Want to better understand how fraud trends are changing across identity, payments, logistics, and operations Need a more practical way to prepare your company for higher fraud pressure before losses escalate further If you liked this episode, be sure to subscribe and review the podcast on iTunes, Spotify, YouTube, or wherever you listen to podcasts. It really helps with getting the word out. Episode notes & key takeaways Why fraud is getting worse across the board Let’s break this down. One of the biggest points I wanted to make in this episode is that if your company feels like fraud is getting worse, you are not imagining it. It is not just your queue. It is not just your market. And it is not just one tactic getting louder than the others. The environment really has changed. That is the issue. Fraud is increasing because more systems are connected, more transactions happen digitally, more customer behavior happens across multiple channels, and more criminals have access to tools, data, and tactics that used to require a lot more effort. The barrier to entry has dropped in some places, while the upside has gone up in others. And that matters. Because once businesses become more complex than their controls, fraud starts scaling through the complexity. That is true for account abuse. It is true for reshipping. It is true for refund fraud. And it is true for supply chain fraud too, where attackers do not need to attack the most obvious target if a weaker vendor, process, or logistics point gives them a better opening. Here is what stands out: Fraud is growing because digital complexity is growing faster than many controls Criminals can exploit more attack surfaces across payments, identity, logistics, and vendors Fraud detection has to account for a more connected and more adaptive fraud environment Supply chain fraud fits into this broader pattern of exploiting operational weak points How supply chain fraud and third-party risk make everything messier This is where things get especially important. A lot of fraud teams still think of fraud in narrow lanes. Payments. Identity. Account takeover. Chargebacks. Refunds. But the reality is that a lot of modern fraud risk now runs through third parties, supplier relationships, and operational dependencies that may sit outside the core fraud team’s day-to-day visibility. That usually does not end well. Supply chain fraud is a good example of that. Whether it shows up as procurement fraud, vendor fraud, invoice fraud, cargo theft, inventory theft, counterfeit goods, or internal manipulation connected to suppliers, the common issue is that trust and process are being exploited somewhere along the chain. And once that happens, the damage does not stay neatly contained. A weak vendor process can create payment exposure. A logistics weakness can create inventory loss. Poor supplier risk management can create openings for fraud, bribery and corruption, or hidden internal abuse. This is exactly why third-party risk management and supply chain risk management need to be taken more seriously in fraud conversations. A few practical takeaways: Supply chain fraud often succeeds where trust is assumed and verification is weak Vendor fraud and invoice fraud can create large losses without looking like classic ecommerce fraud Supplier risk management matters because third parties can become the easiest path into a business Internal fraud and third-party abuse often overlap more than companies want to admit Why fraud tactics are getting more sophisticated and more accessible Here’s what’s actually happening. One of the hardest parts of today’s fraud environment is that sophistication and accessibility are both increasing at the same time. Attackers have better tools. Better data. Better coordination. But they also do not always need to be especially sophisticated themselves to get results. That is a problem. Because some of the technology is getting better faster than teams expect. Automation is stronger. Bots are better. Attack paths are easier to copy. Credentials and scam kits are more available. And when one group figures out something that works, the tactic spreads quickly. We have seen this playbook before. That is part of why fraud can feel like it is getting bigger from every direction at once. It is not just that one company is being targeted. It is that the ecosystem is changing in a way that makes successful tactics easier to repeat across companies, industries, and channels. What good teams should pay attention to: Fraud tactics spread faster when tools and methods become easier to access Fraud detection has to adapt to both higher sophistication and higher attack volume Third-party risk management matters more when attack methods can move across ecosystems quickly Supply chain risk management should account for the possibility that outside partners face the same evolving threats Why your risk stack and vendor choices matter more now This is one of the most practical parts of the conversation. If fraud is getting bigger and more sophisticated, then companies cannot afford to treat their controls, vendors, and decisioning stack like set-it-and-forget-it systems. That is a mistake. What worked two years ago may not be enough now. What looked good in a sales pitch may not hold up against how fraud is actually evolving inside your business today. Right. That is why I talk about continually evaluating third-party solution providers and your broader risk stack. Not because every company should keep swapping tools constantly. But because teams need to know whether their current environment still matches the actual fraud they are facing. And honestly, a lot of companies are behind on that. This is especially true when fraud is crossing categories. A company might have something for payments, something for identity, something for manual review, something for supplier oversight, and something for fraud detection, but if those systems are not working together well enough, the criminals may still be seeing a lot more continuity than the defenders are. A few things worth reviewing: Are your current fraud controls actually aligned with the fraud patterns you are seeing now? Are third-party vendors helping reduce complexity or adding more of it? Is your supply chain risk management program connected enough to fraud oversight? Are you evaluating vendors based on current fraud reality, not past assumptions? Why the most important thing you can do right now is tell the story clearly Honestly, this is the part I think matters most. Fraud teams can see the pressure building long before the rest of the company does. They see the losses, the complexity, the operational strain, the near misses, and the trend lines. But if they cannot explain what is changing and why it matters, it becomes much harder to get the support, staffing, budget, and urgency needed to respond well. That is the part that holds up. The number one thing companies need right now is a clear way to communicate the reality of this new fraud environment internally. Not vague fear. Not general frustration. Clear evidence. Clear patterns. Clear business impact. Clear explanation of why this is different from what came before. Because once leadership understands that fraud is not just “a little worse” but structurally more complex, the conversation changes. Then it becomes easier to make the case for stronger fraud detection, better third-party risk management, deeper supply chain risk management, and the kind of investment teams actually need to keep up. The big takeaway from this episode is pretty straightforward. Fraud keeps increasing because the environment around it keeps getting more connected, more digital, and more vulnerable to exploitation at the seams. Supply chain fraud, vendor fraud, internal fraud, and broader third-party risk are all part of that story, not side notes to it. If companies want to keep up, they need better visibility, better tools, stronger communication, and a much more realistic understanding of what this new normal actually looks like. That is the part I would pay attention to.