Fraud Types
TL;DR
- By actor: First-party (customer abuses), Third-party (stolen card), Fake identity (fabricated persona)
- By method: Account fraud (fake signups), ATO (account hijack), Card testing (validation), Fraud rings (organized attacks)
- Post-transaction: Friendly fraud (chargeback abuse), Refund fraud (return exploitation), Promo abuse (discount abuse)
- Focus your resources on prevention—chargebacks from true fraud are hard to win
A taxonomy of fraud patterns for merchants.
Which Fraud Type Is YOUR Problem?
| If you see... | Start here |
|---|---|
| Chargebacks on legitimate orders | Friendly Fraud |
| Many small transactions, then fraud | Card Testing |
| Good customer suddenly acting strange | Account Takeover |
| New account, immediate high spending | Third-Party Fraud or Account Fraud |
| Coordinated attack across accounts | Fraud Rings |
| Return/refund abuse | Refund Fraud |
| Promotion/coupon exploitation | Promo Abuse |
Classification Framework
Fraud can be classified by who commits it:
| Type | Actor | Key Characteristic |
|---|---|---|
| First-Party | Your customer | Uses own identity to defraud you |
| Third-Party | External fraudster | Uses stolen card at your store |
| Fake Identity | Unknown | Fabricated persona, not a real person |
Quick Reference
By Method
| Fraud Type | Description | When You See It |
|---|---|---|
| Account Fraud | Fake account signups | Bot attacks, promo farming |
| Account Takeover | Hijacked customer accounts | Password breaches, phishing |
| Card Testing | Validating stolen cards | Small transaction bursts |
| Fraud Rings | Organized multi-account attacks | Coordinated patterns |
| Triangulation | Three-party resale scheme | Marketplace fraud |
Post-Transaction Fraud
| Fraud Type | Description | Your Defense |
|---|---|---|
| Friendly Fraud | Dispute legitimate purchase | Evidence collection, CE 3.0 |
| Refund Fraud | Exploit return policies | Policy enforcement |
| Promo Abuse | Game promotions/discounts | Device linking, limits |
Comparison at a Glance
| Type | Who Loses | Detection Difficulty | Can You Fight Chargebacks? | Primary Defense |
|---|---|---|---|---|
| Third-Party | You (without 3DS) | Medium | Rarely (unless 3DS) | 3D Secure |
| Friendly Fraud | You | High | Yes (with evidence) | Evidence collection, CE 3.0 |
| First-Party | You | Medium | Yes | Policy enforcement |
| Fake Identity | You | High | Sometimes | Identity verification |
| ATO | Customer + You | Medium | Yes | MFA, behavioral analytics |
| Card Testing | You | Low | N/A | Velocity rules, CAPTCHA |
| Fraud Rings | You | High | Sometimes | Device fingerprinting |
Prevention Priority
For most merchants, focus resources in this order:
1. High Impact, Easier to Prevent
| Type | Action |
|---|---|
| Third-Party Fraud | Enable 3D Secure for liability shift |
| Card Testing | Add velocity rules and CAPTCHA |
| Account Fraud | Require email/phone verification |
2. High Impact, Harder to Prevent
| Type | Action |
|---|---|
| Friendly Fraud | Collect evidence, implement CE 3.0 |
| Refund Fraud | Tighten policies, track patterns |
| Account Takeover | Require MFA, monitor logins |
3. Specialized Threats
| Type | Action |
|---|---|
| Fraud Rings | Device fingerprinting, consortium data |
| Promo Abuse | Device linking, redemption limits |
| Triangulation | Shipping address analysis |
Popular in This Section
- Third-Party Fraud - Stolen cards used at your store
- Friendly Fraud - Legitimate purchases disputed dishonestly
- Account Takeover - Hijacked customer accounts
- Card Testing - Small transactions to validate stolen cards
- Refund Fraud - Return and refund exploitation
Related Topics
- 3D Secure - Liability shift for fraud
- AVS & CVV - Payment verification
- Device Fingerprinting - Tracking fraudsters
- Velocity Rules - Pattern detection
- Risk Scoring - Combining signals
- Compelling Evidence - Fighting chargebacks
- Chargeback Prevention - Stop disputes