NewKerala.com

Fraudsters Target e-Commerce with Jamtara-Style Scams: Report

Organized fraud networks are now systematically targeting online marketplaces, mirroring patterns seen in the Jamtara banking scams, according to a new report. An analysis of 70 million marketplace users revealed coordinated groups exploiting features like return policies, referral incentives, and cash-on-delivery options. The report mapped 256 fraud clusters comprising approximately 45,000 accounts linked to just 9,000 devices, indicating large-scale device farming operations. Beyond promo abuse, fraudsters also target accounts with saved credit cards for direct financial exploitation.

Key Points: e-Commerce Fraud Surge Like Jamtara Banking Scams

  • Organized fraud networks target e-commerce platforms using device farms
  • 1 in 6 risky devices linked to 10+ accounts signals 'farm' activity
  • 256 fraud clusters with 45,000 accounts tied to 9,000 devices
  • Return abuse and promo fraud drive systematic platform exploitation
3 min read

Fraudsters now exploiting e-Commerce sector at a scale similar to Jamtara banking scams: Report

AI report reveals organized fraud networks exploiting e-commerce platforms via device farms, promo abuse, and return scams, mirroring Jamtara banking fraud patterns.

"Promo abuse isn't petty theft. It's industrialized. - Ranjan Reddy, Founder & CEO, Bureau"

New Delhi, April 30

Organised fraud networks are now systematically targeting online marketplaces, with coordinated groups exploiting platform systems at scale, mirroring patterns once seen in banking fraud, according to a new study.

An analysis of 70 million marketplace users by AI- powered risk decisioning platform Bureau, revealed that coordinated groups are now exploiting online systems at a scale similar to the Jamtara banking scams.

The report showed that features intended to drive growth, such as return policies, referral incentives, and cash-on-delivery (COD) options, are being misused by structured networks.

The report identified that marketplace fraud today operates through highly coordinated clusters. It highlighted that "an average of 1 in 6 risky devices having more than 10+ accounts associated with the same device, which is typically a sign of a 'farm'...At the core of these patterns is device farming."

A device farm is where multiple phones are operated together, acting as the operational backbone of these fraud networks. It allows fraudsters to run and control dozens, sometimes hundreds, of accounts simultaneously, switching between them at speeds no individual user can match.

In total, the report mapped 256 fraud clusters comprising approximately 45,000 accounts linked to just 9,000 devices. This infrastructure allowed automated scripts to perform high-frequency activities, with some individual accounts recording more than 50 instances of activity within a single hour.

Ranjan Reddy, Founder & CEO, Bureau, said, "Promo abuse isn't petty theft. It's industrialized. Fraud has evolved beyond stolen cards into coordinated, cross-platform operations. We have found device farms running thousands of fake accounts simultaneously across multiple platforms. Bureau's network intelligence sees these operations cross-platform because a fraud ring doesn't attack one app at a time."

While these farms initially focus on promo and referral abuse, the Bureau report noted that this is often a secondary objective. The primary function involves scanning large volumes of accounts to identify those with saved credit cards or linked digital wallets. These accounts then become high-value targets for direct financial exploitation.

The scale of automation is further evidenced by significant location anomalies. The report highlighted instances where a single account logs in from Gujarat and Bengaluru within a 30-minute window.

In another case, one account appears active across 70 different locations.

Such patterns indicated automated account cycling rather than standard human behavior. As per the report, these activities are particularly concentrated in major hubs including Delhi, Bengaluru, and Noida. Some platforms recorded up to 15 times the typical share of users operating multiple accounts, indicating that incentive structures can directly influence fraud volume.

"With 99% of users being genuine, blunt controls hurt growth. Platforms need continuous, device- and network-level intelligence to act on the risky 1% without disrupting the rest." Reddy added.

Beyond incentive fraud, the report detailed how return abuse has become systematic. It explaied that fraudsters frequently order high-value items only to return empty packages or counterfeit goods.

Although only 0.95 per cent of users exhibited such anomalous behavior, this small group drove a disproportionate amount of platform abuse.

Bureau currently uses device and network intelligence to protect nearly 300 million devices across various sectors, including banking, fintech, and gaming, to detect these fraud rings before they can initiate significant financial damage.

- ANI

Share this article:

Reader Comments

P
Priya S
Ye device farming concept toh bahut scary hai. Ek device par 10 accounts? Aur woh bhi automated scripts se? Mera toh ek account manage karna mushkil hai. Par honestly, companies ko bhi apne systems ko harden karna hoga. Agar 99% users genuine hain toh unko protect karna zaroori hai, par jo 1% fraudsters hain unko bhi pakadna hoga. Vaise report bahut eye-opening hai. đź‘Ź
J
James A
It's unfortunate but not surprising. The same patterns exist globally. In India, with the rapid digitization, these fraud rings are becoming more sophisticated. The problem is systemic—they're using legitimate features like return policies and referral bonuses as attack vectors. The 70 location anomaly example is wild! Companies need to invest in AI and cross-platform intelligence, but also in basic things like stronger KYC and device fingerprinting.
V
Vikram M
Main toh aajkal Flipkart aur Amazon dono se careful ho gaya hoon. Pichle month ek phone order kiya tha toh delivery boy ne empty box diya. Platform bol rahe hai "investigation", lekin kuch nahi hota. Ye report toh batata hai ki ye organized hai. Par agar platforms apne hi features ko secure nahi kar rahe toh hum kya karein? Ek suggestion hai: COD orders ke liye OTP aur photo verification hona chahiye delivery time pe.
S
Sarah B
The scale of this is alarming—45,000 accounts from just 9,000 devices? That's industrial-level fraud. I appreciate that the report also calls out the need for smarter controls that don't harm genuine users (the 99%). But I'm curious—how does Bureau differentiate between a real user and a fake one if they use the same device for multiple accounts? Also, the return abuse point is critical—e-commerce companies need to tighten return policies without becoming anti-customer. 🤔

We welcome thoughtful discussions from our readers. Please keep comments respectful and on-topic.

Leave a Comment

Minimum 50 characters 0/50