Fraudsters in the Marketplace: Fraud Prevention Basics for Ecommerce Marketplaces

written by

Tonya Boyer

January 30, 2024

When you start an ecommerce business, one of the first decisions you make is where to sell your products: on an ecommerce platform or on an ecommerce marketplace. A platform – an independent website or app – is owned and operated by a merchant to sell their products directly to customers. A marketplace, on the other hand, is a site or app owned and operated by a third party, where many merchants create storefronts to sell products to marketplace customers.

In retail marketplaces, payments are generally processed by the marketplace, with the customer paying in to the marketplace and the marketplace paying out to the merchant. For some service marketplaces, the marketplace also pays out fees to the service provider.

Marketplaces offer a number of advantages to merchants, especially new or small businesses or independent contractors. When a merchant is just starting out in the ecommerce business, they may not have the built-in customer base or technical skillset (website design, SEO, and marketing) needed to make an independent platform succeed.

online marketplace

The marketplace setup allows merchants to tap into the marketplace’s existing customer base, and (because the marketplace itself controls most of the infrastructure) merchants can begin selling without first having the experience or knowledge they’d need to run their own platform.

For these reasons, even many well-established brands choose to maintain a presence in the most popular marketplaces, even as they run their own independent sales platform.

Of course, there are stipulations. Every marketplace has specific policies that merchants must abide by, and many of them charge a fee (usually a percentage) for each sale the merchant makes through their site. Some marketplaces also require fixed subscription fees from merchants, especially those with large sales volumes. But merchants overall find these fees and requirements worth it, as evidenced by the MRC’s 2023 Global Ecommerce Payments and Fraud Report, which states that 77% of merchants in 2023 sold products through third-party marketplaces like Amazon, eBay, and Alibaba.

This is good news for those operating marketplace businesses! But with increased visibility and use comes an increased risk of fraud. Below we’ll talk about the three main types of fraud you may be experiencing while operating your marketplace business.

Payment Fraud

This is one of the most common types of ecommerce fraud because it’s the type of fraud also experienced by independent platforms and storefronts. With this type of fraud, a bad actor or criminal organization uses stolen payment instruments (PIs) to make purchases with the end goal of turning a profit.

In online retail marketplaces, this may be straightforward: a bad actor purchases a product from a merchant on the marketplace and pays with a stolen PI. The bad actor then resells the product for 100% profit, as the cost of goods is shouldered by the PI owner. When the PI owner discovers the unauthorized purchase on their PI statement, they’ll generally file a chargeback with the marketplace. Depending on their specific terms of use, the marketplace may be liable for the cost of a refund on top of the chargeback processing costs and fees.

Tackling marketplace payment fraud

As the operator of a marketplace, you’ll be responsible for providing fraud prevention strategies on behalf of the merchants who use your site. We suggest investing in both a machine learning risk scoring model and a human intelligence team. Your human intelligence team can provide manual review support for edge cases, as well as many other invaluable fraud prevention services.

Many of these bad actors will be using new accounts with generic setups, and they probably won’t be all that careful to mask their geolocations – at least not at first. As you start to crack down on this type of fraud, some bad actors may switch to targeting established good customers for account takeover. To detect and mitigate the ATO, your human intelligence team will need to pay close attention to customer purchase histories, especially for customers purchasing from multiple merchants on the marketplace.

Seller Fraud

The opposite of payment fraud is seller fraud, where the customer is legitimate, but the seller or merchant is not. In this scenario, a bad actor creates a legitimate-looking storefront in a marketplace and adds “inventory” – usually popular products priced lower than the competition.

If a good customer makes a purchase from this merchant, the payment will be processed normally through the marketplace, but the product will never be delivered to the customer. The bad actor will either send nothing, or (if the marketplace requires a shipment before merchant payout), the bad actor may ship an empty box or a box with something worthless or much cheaper than the product purchased (such as a brick, etc.).

Like with payment fraud, bad actors committing seller fraud must constantly be in the act of creating new accounts. Once a good customer realizes they did not receive the product they paid for, they will almost always file a complaint with the marketplace – and sometimes file a chargeback, as well. These actions may result in the marketplace charging the “merchant” for a refund, which the bad actor obviously doesn’t want. Bad actors committing seller fraud tend to close out their storefronts and accounts as quickly as they open them to avoid being charged.

Triangulation fraud

There’s an increasingly popular subset of seller fraud known as triangulation fraud, which has a few more moving parts than traditional seller fraud. In triangulation fraud, the bad actor sets up a store front – again with popular items for low prices – and a good customer makes a purchase. But in this case, the bad actor actually fulfills the order.

To do this, they place an order with a different, legitimate storefront which is selling the same product, and have it shipped to the original customer. The bad actor uses a stolen PI to complete this purchase. The original customer receives the product they tried to purchase and usually won’t even be aware they’ve interacted with a bad actor.

The bad actor makes money off the transaction by keeping the initial payment from the good customer and making the actual purchase with a stolen PI. Of course, when the owner of the stolen PI inevitably files a chargeback, the marketplace and merchant become liable for the refund and fees.

Tackling marketplace seller fraud

The best way to tackle seller fraud is to have checks in place throughout the merchant lifecycle. Because merchant accounts must be created so quickly, there may be tell-tale signs of fraud at sign-up such as generic email addresses and mismatching geolocation information. You should also put checks in place when the merchant adds products; stock images of products combined with unrealistically low prices may point to fraud. Once the merchant begins to make sales, a chargeback or customer complaint coming back right away should also be a red flag.

We also recommend putting payout delays in place, especially for merchants new to the marketplace. If possible, you should consider delaying initial payouts until after the customer has received the product – between 7 and 10 days should work for domestic shipments. However, you must be mindful that long payout delays will cause friction with legitimate merchants, so you should scale these delays down (to 1 to 3 business days) after the new merchant has made a certain number of transactions without customer complaints.

Of course, it’s not impossible for bad actors to wait out policies like that (making “good” sales via triangulation fraud, for example) and then begin more obvious fraudulent activity after the metaphorical training wheels have been taken off. Bad actors may also commit account takeover of legitimate established merchant accounts, which would put them beyond the scope of “new merchant” policies. This is why your human intelligence team should be constantly monitoring for anomalies on established merchants such as a sudden spike in complaints or a change to a new payout bank.

fraudsters in the marketplace


Collusion is the practice of two or more parties working together to benefit by cheating the system. Collusion takes many forms and expands far beyond the scope of ecommerce marketplaces, though that’s where we’ll continue to focus here.

One example of collusion takes place in ecommerce ride-hailing marketplaces. The ride-hailing industry often uses a surge pricing model, where if there are more people seeking rides than there are drivers clocked in, the price for rider fare will increase. At its surface, this is a way to incentivize more drivers to come online, thereby providing more rides for the people who need them.

But it’s well-documented that drivers can collude to take advantage of this system. In a highly publicized case several years ago, multiple Uber and Lyft drivers at an airport all made it a practice to log out of their driver accounts at the same time (just as rider traffic was increasing after flights landed) to trick the system into thinking drivers were scarce. Surge pricing would be initiated and, when the price became high enough, all the drivers would clock back in to claim the higher price for their fares.

The customers (riders, in this case) were at the losing end of this transaction, because they paid more than they would have without the collusion. The marketplace also may have suffered a loss of reputation as a result.

This is an example which involved multiple people, but collusion doesn’t require a large group. As counterintuitive as it may seem, collusion can actually happen with just one single person. The key here is that an individual person can represent multiple parties in a transaction, and those parties are colluding with one another. We’ll look at an ecommerce food delivery marketplace as an example.

A driver for UberEats or DoorDash may have both a driver account and a customer account. This is perfectly legitimate. But it may turn into collusion if the driver orders food on their customer account and then picks up and delivers their own order using their driver account. Because these service marketplaces pay out to their drivers for each delivery, the marketplace would essentially be paying the driver to pick up their own food. Many service marketplaces explicitly prohibit this sort of collusion in their driver terms of use agreement.

Bad actors and fraud rings also commit this type of collusion, though at a greater level. Some fraud rings will go so far as to set up fake driver accounts, fake customer accounts, and fake restaurant accounts. They then use stolen PIs to order from the fake restaurant (which gets a payout), and then have the fake driver account “deliver” the fake order to the customer (which also gets a payout). The food never existed, the restaurant never existed, and yet there are multiple payouts happening through the marketplace.

This also happens on retail marketplaces, when bad actors set up fake storefronts and make purchases from fake customer accounts. It’s the ultimate culmination of both payment fraud and seller fraud – the Megazord of marketplace fraud.

Tackling marketplace collusion

Because collusion uses both fraudulent customer accounts and fraudulent merchant accounts, having checks in place for sign-up flows and lifecycles on both sides can help keep collusion off your platform. Geolocation data also becomes very important when detecting collusion, because if the same individual or fraud ring is initiating both sides of the transaction, they’ll likely have login IP addresses in common. Device fingerprinting data can be useful for the same reason. Your human intelligence team should watch carefully for payout spikes and other anomalies as a red flag to dig deeper.

If your marketplace is experiencing any of these fraud types, our experienced fraud prevention team can help!

written by

Tonya Boyer

January 30, 2024

Table of Contents
    Add a header to begin generating the table of contents

    written by

    Tonya Boyer

    January 30, 2024

    Stay informed with industry-relevant emails curated by our team of experts.

    We send out emails once or twice a month relating to IP Services, industry news, and events we'll be attending so you can meet our experts in person.

    Tonya Boyer

    Tonya has been with IP Services since 2014. After several years serving as a Subject Matter Expert in the cloud computing space, she began managing the Fraud Protection team in 2017. She believes in creating a happy, casual but professional workspace where everyone can live their best lives while doing good work. She is dedicated to community outreach and helps coordinate the IPS Connects volunteer and donation committee.