The Rise of the “Dry Ice” Method in Retail Fraud
COVID-19 eCommerce Trends Coincide with Soaring Retail Fraud
The scale and scope of shipping and return fraud scams have risen sharply since the global COVID-19 coronavirus pandemic first took off last year. Some major retailers have gone so far as to implement more lenient return policies, scrapping requirements to return less expensive items due to the increased costs associated with these items’ return.
Meanwhile, cybercriminals appear to be increasingly turning to these tactics due to their relatively high efficacy rates compared to other retail scam methods. Countermeasures are often operationally inefficient or prove ineffective to curtail associated fraud losses meaningfully.
Shipping and Return Fraud Schemes: A Pain Point for Retailers
Flashpoint closely follows retail fraud and cybercrime trends. When it comes to refund fraud schemes, they tend to consist of actors purchasing products online and exploiting the return and refund process. In these scams, actors legitimately buy products from online stores and ship them either to actors’ home addresses or to other predesignated drop sites of their choosing.
After delivery, actors make false claims about issues with the purchases occurring during or as part of their delivery, thus prompting the retailers to issue refunds. In some instances, the actors use fake tracking IDs (FTIDs) associated with their orders to substantiate their claims further. They also often use PayPal as a payment method to add complexity to their refund claims and to obfuscate their real identities.
Cybercriminals Latch On to the “Dry Ice” Return Fraud Tactic
Cybercriminals often employ more entailed and strategic methods to scale and improve their scam success rates. Some of the more elaborate and well-known shipping and refund methods include the “did not arrive” (DNA) and “double-dipping” techniques. Over the past several months, Flashpoint has observed a significant uptick in the “Dry Ice” variation of shipping and return fraud scams.
What is the “Dry Ice” Return Fraud Method?
With the Dry Ice return fraud method, the actors replace the legitimate products in their return packages with actual blocks of dry ice. Dry ice is an ideal substance for scammers to use as product substitutes due to the form factor’s relatively inexpensive and malleable constitution. Retailers increasingly deploy weight scales as an efficient initial fraud countermeasure to check for weight-based anomalies based on the product and package’s known specs. However, with dry ice, scammers can imitate the product’s size and composition, effectively circumventing any weight-based fraud checks without incurring major added costs.
Active Fraud Forum Engagement on Dry Ice Tactics
As the Dry Ice method continues to prove fruitful for cybercriminals, they increasingly discuss the technique on dark web scam forums and explore other ways to take advantage of the refund process. Many discussions also turn to the possibility of alternative items and materials that mimic the advantages of dry ice in size and weight malleability, and its cheap price point. In other instances, actors bring up the limitations of dry ice and how they can resolve difficulties in calculating the form factor’s sublimation rate as it transforms from a solid into a gas.
Actor on Forum “Sinister” Discusses Dry Ice Fraud Method for Guitar Refund
“The guitars usually weight from 2.5kg up to 5kg it depends on the guitar and the wood. Even 2 same specifications guitars can have quite a weight difference because of the variations of the wood.
I could try DNA method but is probably much harder to do so dry ice could be safe option.
Does anyone have any experience with EU stores?”
New Dry Ice Fraud Permutations Likely on the Way
Fraud forum users continue to discuss possible issues and workarounds associated with manipulating shipping labels to carry out refund fraud. For instance, some threat actors posed the idea of disappearing ink to send fraudulent returns with the package (allegedly containing a product return) to never make its final return destination due to the increasing illegibility of the shipping label.
See Flashpoint Fraud Intelligence in Action
Sign up for your risk-free 90-day trial and see how Flashpoint can provide you with the actionable intelligence you and your entire team need to identify and respond to fraud events. When equipped with the Flashpoint Intelligence Platform, you move a step ahead of threat actors and the cybercriminal fraud groups impacting your business and bottom line.