By Xavier Sheikrojan, Director, Risk Intelligence at Signifyd
Ecommerce continues to be one of the fastest growing sectors with sales expected to hit $6.4 trillion in 2025. This growth offers huge potential for merchants to tap into evolving consumer trends, but it also presents them with numerous challenges posed by cyber criminals. While we’ve seen a multitude of data breaches impacting retail operations this year alone, fraudsters are capitalising on all fronts to eat into merchants’ profits.
A significant development in Europe has been the resurgence of mule fraud, supercharged by the raise in AI usage. This evolving threat allows fraudsters to sidestep security measures mandated in the region, such as 3DS and SCA, and enable unauthorised resale of high-value items. Beyond the immediate financial impact felt by merchants, such fraud also endangers individuals who are unknowingly drawn into these schemes, making mule fraud an increasingly urgent issue.
A significant development in Europe has been the resurgence of mule fraud. This form of fraud involves criminals recruiting individuals to use their own payment details to purchase goods that are then forwarded for resale. Because the mule provides genuine credentials and completes the authentication process, measures such as 3DS and SCA are rendered ineffective. Increasingly, fraudsters are turning to AI to create convincing job offers, professional recruitment approaches and highly targeted communications, making it easier to draw individuals into these schemes. For merchants, the result is rising chargebacks, the loss of valuable stock and significant pressure on already thin margins.
Mule fraud in today’s world
AI has equipped fraudsters with sophisticated tools to reinvent old tactics. They are now able to lure victims through convincing job listings, phishing emails, and social media scams, which are often disguised as remote work opportunities. Alarmingly, data shows that nearly 60% of mules are under 30, with university and sixth form students being prime targets due to their financial vulnerability.
Once recruited, mules are instructed to purchase goods and forward them for resale to avoid authorisation. Many only realise they’ve been duped when payments fail to materialise, leading to chargebacks. In some cases, fraudsters even encourage mules to dispute legitimate transactions after receiving the goods, causing even more headache for merchants.
The scale of the issue is significant. The European Money Mule Actions say that over 90% of mule-related transactions are tied to cybercrime and the organised nature of these operations is hitting merchants hard, especially those selling luxury items like watches, wallets, smartphones, and laptops.
Spotting fraudulent behaviour
One of the challenges in identifying mule fraud is that perpetrators often manipulate victims into making purchases using their own credit cards and personal devices. This tactic allows them to sidestep regional security protocols since the transactions involve legitimate payment methods, accurate billing details, and real shipping addresses. As a result, mule fraud can closely resemble authentic orders, making it harder to detect.
Another factor that complicates detection is the extended duration of these schemes. When fraudulent activity is spread out over time, it reduces the likelihood of being caught. Mule fraud is frequently intertwined with other scams, including romance or refund fraud, where cybercriminals use various strategies to recruit and deploy mules.
A key strategy for uncovering mule fraud is recognising behavioural patterns. Like all types of fraud, mule fraud leaves behind telltale signs that can help track it down. These may include irregular purchasing behaviour, excessive returns, chargebacks for undelivered items, mismatched geographic data, and multiple accounts sharing similar information. These indicators should not be overlooked, as fraudsters often probe a brand’s defences before launching more aggressive attacks.
Fortunately, merchants have access to extensive data for each transaction. Nowadays, AI-powered tools are equally instrumental in spotting these patterns, however, relying solely on technology isn’t enough. The most effective approach combines machine learning with human expertise in risk analysis. This hybrid method is proven to be the best way to expose fraud networks and protect brands.
While merchants’ first thought is about potential financial losses, reputational damage is also an important consideration. Unauthorised reselling can disrupt customer experience and post-purchase journey, both critical factors that influence whether a shopper returns to a brand.
Taking mule fraud under control
The pressure is on. Cybercriminals are smarter than ever and so are the tools they are using. Merchants must adopt a forward-thinking approach to fraud management that is rooted in regular reviews of internal processes, investing in training for fraud prevention teams, and fostering collaboration across departments. By doing so, fraud prevention becomes a collective effort rather than a siloed responsibility.
When it comes to mule fraud more specifically, success depends on a deep understanding of how it operates, the ability to spot behavioural patterns, the development of tailored alert systems, and partnering with organisations that have access to global fraud intelligence networks. Combining human expertise with machine learning will empower merchants to tackle mule fraud at scale.
