The ‘courier scam’ is a global issue that intensified late last year and presented another worrying trend in the new world of digital payments and card scams.
Courier scams have long been a problem, but the threat has gathered momentum in recent months as fraudsters have found a lot of success and they will continue the ‘winning’ formula while they still can find a victim that will fall to their schemes.
But why is this same attack repeated with such frequency and what can we do to be more resilient to the threat?
What is the courier scam?
The attack is simple – an SMS or email comes out of the blue from an unknown number or address, notifying the target that they have missed a delivery and that it will need to be re-arranged.
These typically reference the largest of the local delivery companies or even the central mailing services within the attack region. When the victim follows the link to re-arrange their fake delivery, they are asked for a host of information along with a fee for re-delivery.
How do courier scams work?
These scams are very successful — here’s how they work:
1. company imitation
A fraudster will always imitate a company to generate maximum potential to find a victim.
This is why tax entities and home utilities are always a popular target for fraudsters, but during COVID-19 lockdowns, our lives were forced to be remote – which brought with it an increase in the use of courier services to meet the exploding demand of customers purchasing from e-commerce channels.
Mix this increase in consumer demand with the fact that most customers purchase from a vendor they know, but they do not know who will be delivering the item, and you have a rich and varied target set for the fraudster.
2. Data gathering
Like many modern card and e-commerce frauds, the scam itself contains a range of attack vectors in a single place. This includes phishing of personal and account-level information as well as compromising the PAN / CVV for use in a fast- following fraud attack.
It is also becoming more common that these attacks are part of a unified scam whereby high-value fraudulent goods are being ordered in the background, with the customer then tricked into completing the authentication steps prompted by their ‘re-delivery’.
3. Phoney web page
Creating a multi-layered and extremely convincing web page to mimic genuine services is easier than ever before.
Mass communication methods by SMS or email are commonplace and often incredibly low cost – a service that is enjoyed by fraudsters and genuine companies alike. It is also quicker and easier than ever to purchase and design a high-quality web domain and even more troublesome is that in many instances, the
design includes an offering for fraudulent mobile applications.
All these schemes are low-cost, but highly effective.
4. Make money
The final point is the financial success to the fraudster. They can build and publish these scam web pages and send mass communications incredibly quickly with little to no checks completed prior to their onboarding.
These fraudulent services run as legitimate businesses until the point a customer reports the illegitimate service to law enforcement and industry groups in attempt to stop the unlawful service. The enforcement activity is then to block access to those web domains, which requires a collaboration between ISPs to prevent more victims falling for the scam.
All of this takes time, often several weeks, all the while the fraudsters continue to defraud more and more victims. Once they’re stopped, they can create a new attack at lightning speed.
How to beat the fraudsters
To get ahead of these attacks, we must encourage more reporting and better collaboration in the fight against such frauds along with continuing to strengthen controls around data compromise detection which forms the basis of targeting these threats. As with all types of fraud, combining intelligence and fraud prevention efforts will always win out against the fraudster.
This approach has underpinned the best-in-class performance of FICO for over 30 years. FICO ® is investing heavily in the global fight against fraud scams and has recently laundered the first scams segmented models to profile and identify this type of fraud, built on the global community of Falcon ® customers, the FICO Falcon Intelligence Network.
This is the first model of its kind globally and represents an exciting development in beating back the ever-increasing threat of cross-channel scams with best-in-class FICO proven performance.
Customers must be warned and given the appropriate routes in which to easily report such scams to ensure enforcement activity happens quicker. Services such as Action Fraud in the UK, and each individual delivery company are great examples of such reporting.
But it is also incumbent on the banks to do more to remove silos and offer a more complete and holistic view of emerging fraud across their entire enterprise. Taking advantage of consortium data sets for all fraud types and scams is also essential to deal with this modern threat.
