Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Holiday shopping fraud patterns: are your controls keeping up?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 11631
Topic starter  

TL;DR: Fraudsters and legitimate shoppers both become harder to distinguish during peak season, as merchants see bigger baskets, faster shipping, atypical addresses, and account warm-up behaviors that can mislead rule-based review, according to Riskified. Identity-based fraud intelligence and automated decisioning are now essential to separate malicious mimicry from legitimate holiday shopping.

NHIMG editorial — based on content published by Riskified: holiday fraud analysis and identity-based merchant decisioning

By the numbers:

  • Riskified says it can instantly recognize 85% of new customers so merchants can calibrate checkout for facilitation or friction.

Questions worth separating out

Q: How should merchants handle holiday shoppers who look risky but are legitimate?

A: Merchants should use adaptive risk scoring that weighs seasonality, customer history, shipping patterns, and login behaviour together.

Q: Why do fraudsters warm up accounts before launching attacks?

A: Fraudsters warm up accounts to make them look established and trustworthy before attempting abuse.

Q: What do security and fraud teams get wrong about rule-based review?

A: They often assume a rule that works in one period or channel will keep working during holiday peaks.

Practitioner guidance

  • Recalibrate holiday risk thresholds Adjust approval and review thresholds for peak periods using seasonality, basket composition, shipping patterns, and customer tenure so legitimate holiday behaviour does not trigger blanket friction.
  • Link account history to fraud scoring Feed browsing, small purchases, returns, and login consistency into the decision engine so warmed-up accounts are scored on behavioural history, not just single-transaction attributes.
  • Separate genuine anomaly from staged mimicry Create reviewer guidance that distinguishes holiday shopping anomalies from account warm-up patterns, especially when high-value digital goods are mixed with low-risk physical items.

What's in the full article

Riskified's full analysis covers the operational detail this post intentionally leaves for the source:

  • How Riskified calibrates checkout facilitation versus friction for new customers.
  • The report's category-level observations on electronics, travel, fast fashion, and gift cards.
  • Regional fraud anomalies from EMEA and LATAM that are not expanded in this post.
  • The vendor's view on how AI assistants are reshaping merchant risk signals.

👉 Read Riskified's holiday fraud analysis on identity-based merchant decisioning →

Holiday shopping fraud patterns: are your controls keeping up?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11186
 

Holiday fraud is an identity governance problem disguised as a commerce problem. Merchants are not only classifying transactions, they are classifying trust in human identities that may be genuine, compromised, or synthetic. When account behaviour and customer behaviour converge during peak season, rigid rules stop being governance and start being guesswork. Practitioners should treat fraud scoring as a trust framework, not a one-time review process.

A question worth separating out:

Q: How do organisations reduce false positives without letting fraud through?

A: They should combine automated decisioning with escalation rules that use account age, behaviour history, and transaction composition. That gives the model room to approve low-risk activity while pushing ambiguous cases into review. The strongest controls are calibrated, not binary, so they can preserve both revenue and fraud resistance.

👉 Read our full editorial: Holiday fraud spikes expose the limits of rule-based review



   
ReplyQuote
Share: