an isometric illustration of a phone with a cloud and a speedometer

Refund Fraud as a Service (RFaaS)

a man in a suit and glasses is talking on a cell phone .
Amanda Martin

Refund Fraud-as-a-Service (RFaaS) refers to a model where fraud rings offer services to help individuals exploit refund processes. Typical methods used by RFaaS groups to engineer refunds are Fake Tracking ID (FTID) fraud, Item Not Received (INR) fraud, and chargeback fraud. Brands can protect themselves by implementing stringent return policies, monitoring suspicious activity, and using advanced fraud detection systems.

What is Refund Fraud as a Service (RFaaS)?

RFaaS refers to a growing trend in organized crime where fraud rings provide specialized services to help customers exploit loopholes in return and chargeback systems to obtain fraudulent refunds. The methods commonly used include Fake Tracking ID (FTID) fraud, Item Not Received (INR) fraud, and chargeback fraud. RFaaS groups are found on dark web forums or encrypted communication channels, and enable individuals who have no prior experience committing fraud to enlist the help of seasoned cybercriminals to assist in obtaining refunds. By enabling more people to commit fraud, RFaaS has grown into a multi-billion dollar problem, with no sign of slowing.

Common RFaaS Techniques

RFaaS groups take a fee, typically 10-25% of the refund value once the refund is successfully completed. Here are the techniques they employ.

Fake Tracking ID (FTID) Fraud

FTID fraud is the most popular method used by RFaaS groups. It relies on the manipulation of return shipping labels to make returned packages appear delivered to the warehouse when it was not. The false tracking information alone can trigger refunds for brands that automatically process refunds upon tracking events, or it can be used as evidence to convince customer service agents to issue refunds. This tactic has gained popularity because of it’s difficulty for retailers to detect and a relative lack of existing solutions to combat it.

Item Not Received (INR) Fraud

In this scam, fraudsters falsely claim that part or all of their order was not delivered. This tactic saw a surge during the COVID-19 pandemic as physical storefronts were shuttered, increasing eCommerce volume and overwhelming delivery systems. In response, carriers like UPS and FedEx began requiring proof-of-delivery photos and signature confirmations, especially for high-value goods. These measures have helped reduced INR fraud.

Chargeback Fraud

Chargeback fraud occurs when a customer disputes a legitimate transaction with their bank or credit card issuer to receive a refund, often by falsely claiming the transaction was unauthorized or that they never received the goods. This allows the customer to keep the product while also getting their money back, leaving the retailer to absorb the financial loss. It exploits consumer protection systems designed to guard against genuine unauthorized charges.

Signs Your Brand is Being Targeted by RFaaS

RFaaS groups are often large, with some communities consisting of tens of thousands of members. If your brand is being targeted, there are several telltale signs:

  1. Increase in High-Value Order Returns: A sudden uptick in high-value orders being returned, especially when those returns are processed using automated systems or involve customers pressuring your customer service for immediate refunds, could indicate FTID fraud.
  2. Frequent Non-Receipt or Empty Box Claims: If many customers suddenly start claiming they never received their orders or received empty packages, this could be a sign that RFaaS groups are exploiting your refund policy for INR fraud.
  3. High-Pressure Customer Service Interactions: Scammers often employ social engineering tactics to pressure customer service teams into issuing refunds. These customers may use aggressive or scripted language to bypass standard return procedures.
  4. Repeat Refund Requests from Certain Customers: A high number of refund requests from the same accounts or IP addresses may signal RFaaS activity. These fraudsters often exploit lenient policies repeatedly until they are caught.

If you're concerned that your brand might be a target, email us at contact@tailed.ai for a free audit of over 100 RFaaS channels to assess your exposure.

How to Protect Your Brand from RFaaS

Combating Return Fraud as a Service (RFaaS) requires a proactive approach to refining refund and return policies, detecting fraudulent patterns, and minimizing chargeback risks. Here are actionable steps to prevent against the three major tactics used by RFaaS groups.

Preventing FTID Fraud

  • Change Refund Policies: Only issue refunds after physically receiving and inspecting returned items. While this can slow down the refund process, it creates friction for fraudsters and helps prevent fraudulent returns.
  • Enforce Return Conditions: Include clear return conditions in your terms and conditions, such as “refunds will only be issued after the item is received and inspected.” This can deter scammers from exploiting lenient return processes.
  • Use Advanced Fraud Detection Software: Tools like Tailed offer specialized protection against FTID fraud, monitoring for inconsistencies in tracking information and flagging suspicious activity.

Combatting INR Fraud

  • Proof of Delivery: Work with shipping carriers that offer proof-of-delivery services, including photo verification or signature requirements for high-value orders. While some fraudsters may attempt to fake signatures, these methods still provide an added layer of protection.
  • Offer Store Credit Instead of Refunds: For suspicious transactions, offering store credit rather than cash refunds may deter fraudsters. Since many fraudsters are looking for quick monetary gain, they will often abandon their efforts if the reward is limited to store credit.
  • Clearly Defined Return Policies: Ensure that your return policies are straightforward and include specific steps for reporting lost or missing packages. This makes it harder for scammers to exploit loopholes.

Protecting Against Chargeback Fraud

  • Accessible Customer Service: Provide clear and easy-to-access customer service channels to resolve issues before they escalate into chargebacks. Many chargebacks are the result of unresolved disputes, and effective communication can reduce this.
  • Keep Detailed Transaction Records: Maintaining comprehensive records, including proof of delivery and customer communications, can help you dispute chargeback claims. Be prepared to submit this documentation during the chargeback resolution process.
  • Use Strong Authentication: Implement 3D Secure authentication (like Verified by Visa) and require Card Verification Value (CVV) codes for all online transactions. This helps ensure that the person making the purchase is authorized to use the card.
  • Respond Quickly: Chargeback alerts allow you to intervene before a claim is processed, improving your chances of resolving the issue directly with the customer.
  • Track Repeat Offenders: Use tracking tools to flag customers who frequently file chargebacks or return large numbers of orders. Be aware, though, that fraudsters involved in RFaaS often use multiple accounts or identities to bypass detection.

Conclusion

Refund Fraud-as-a-Service (RFaaS) is an evolving threat to online retailers. By staying vigilant, using fraud detection tools, and implementing strong policies, brands can protect themselves from these scams. Whether it's safeguarding against INR fraud, FTID fraud, or chargeback fraud, taking proactive steps is key to minimizing your exposure to RFaaS schemes.

Fraudsters are profiting
while you wait

Let's Talk