As the summer ends merchants worldwide start preparing for the biggest event of online commerce – Black Friday and Cyber Monday.
Black Friday & Cyber Monday Trends
The two shopping events broke all previous records last year – partly due to the lockdowns – with $14.13 billion in sales in the US, an increase of 19% over the previous year (according to Adobe Analytics).
While it’s hard to say how much it will increase this year, merchants still have to compete with better and better deals for consumers who are now accustomed to buying things online in a frictionless manner.
Unfortunately, the fraudsters also know this with Sift reporting a staggering 385% increase in fraud attempts in their network last year.
From the viewpoint of a cybercriminal, Black Friday (and Cyber Monday) are the perfect opportunities to hide in the crowd and defraud businesses, or to phish unsuspecting consumers out of their details.
A heavy increase in transaction volumes will mean that your customer service and fraud management teams will be swamped, leaving less time to manually review orders.
With that in mind, here are some essential survival tips you can use to brace for impact – and make it out safe on the other end.
Ways to Protect Your Business on Black Friday & Cyber Monday in 2021
Notify your teams of upcoming deals and projected volume increase
Too often the operations teams are left out of the loop. Deals and bonuses will attract more customers, so give a heads up to your risk team, giving them time to think in advance.
What are the risks involved? How will someone try to abuse this? The people on the frontline are best qualified to come up with ideas.
Similarly, if you have a ballpark estimation of the increased traffic, workforce management can calculate whether they need extra hands on a given shift. If the load is looking to be extreme, it might be a good idea to hire temporary help to cover certain parts of the job process to minimize the number of errors while balancing the workload.
Check your Queries Per Second limits with your providers
While you are busy strengthening your backend, it’s worth contacting both your payment processing partners as well as your anti-fraud providers to make sure your query limits are expanded.
Most systems have some sort of rate limit in place which can be raised to cope with the load, and many will be mindful of the fact that this period is super busy.
However, it’s better to be safe than sorry so it’s in your best interest to proactively communicate about your increased needs.
Sanity checking your velocity rules
Crazy good deals make customers go wild – this is true not just for traditional retail but online as well.
Make sure that your velocity rules and spend limits are adequately lax, as even the most timid shoppers are prepared to open their wallets for big-ticket items.
Expect some ‘abnormal’ shopping behavior and adjust your risk appetite (and risk scores) accordingly, as customer insults are especially painful during this time of the year. Blocking a good customer will mean they’ll just go straight to the competition!
Feed your machine learning engine with last year’s fraud cases
Hindsight is 20/20 as the saying goes, and that applies to fraud prevention. If you still have last year’s data at hand, you can check the transactions made on Black Friday and Cyber Monday that turned out to be chargebacks as fraud, then label them accordingly into your machine learning system.
If you use a whitebox solution, it still makes sense to go over the suggested rules to catch if something’s too odd. If you’re a SEON customer, you can even use the rule tester to have an idea of the expected false positive rate.
It is worth having the ML work for you in times of increased load. It’s greatest advantage is that it can spot patterns that might escape analysts who are being spread thin.
Prepare for an increase in Account Takeovers
As mentioned above, fraudsters will jump on the opportunity offered by increased transactions and Black Friday deals by phishing your customers. A common type of attack is setting up fake websites and fake deals to get customer data, but you might be targeted by cybersquatters masquerading as your store to get your customer’s login details.
Your cybersecurity team should be proactively monitoring for these kinds of attacks anyway, but on the transaction management end, you should block suspicious logins and raise alerts with behaviour that’s associated with ATO’s, such as sudden password changes or changing of shipping details.
Drill in your counter social engineering policies
Your customer service will be overloaded. That’s a prime weak spot for an increasing vector of attacks: social engineering attacks against your agents. Typically this will be aimed at acquiring customer details or committing refund fraud, but ambitious fraudsters will try to avoid blocks using this method as well.
You should have verification policies and scripts in place to make sure that the person on the phone or in email communication is in fact who they say they are, but a quick social media lookup can help you verify their identity via checking their digital footprint.
It’s worth popping in a couple of extra training sessions ahead of the events to act as a refresher for your team.
Enhance your manual reviews with a SEON trial account
We offer a 14 day free trial for our manual data enrichment – all you need to do is sign up for an account. You can either download a chrome extension or use the manual lookup page (which supports batch lookups) and you’re ready to quickly establish user identity via social media lookup at a click of a button. We found that this is especially useful for our customers who are experiencing bursts in their workload.
As it requires no integration or upfront fees, analysts themselves can take charge and tell suspicious cases apart from fraudulent ones quickly and efficiently.
Batch uploads are also available, should you plan on doing tiered analysis, wherein the real-time checks are assisted by a second layer of analysts to “catch” what got through the more-lax-than-normal ruleset typical of the season.
And that’s it from our end. Feel free to share this article – and add your best tips in the comments to help other merchants surviving Black Friday and Cyber Monday.