Part IV. Marketplace Fraud

Online marketplaces are naturally subject to many of the same sorts of attacks as other online businesses: stolen credit cards, phishing, account takeover (ATO), address manipulation, friendly fraud, and so on.

Sometimes slightly different flavors of these sorts of attacks are available on marketplaces specifically, but from the fraud identification and prevention perspective, there’s little difference. Readers working within marketplace ecosystems should turn to the earlier chapters for discussion of these fraud attacks, which are as relevant to marketplaces as to other businesses.

However, certain attacks are unique to marketplaces, made possible by their nature and structure. Because of this unique dynamic, we’ve set marketplace-specific attacks aside in their own part, albeit a short one. There are some vulnerabilities that only exist when you have a buyer and a seller dynamic in play, with users able to play either or both roles. It’s these sorts of attacks that we focus on in Chapter 17, where we look at collusion and exit, and in Chapter 18, which deals with seller fraud.

Note that we use the terms buyer and seller to apply to the appropriate parties in the transaction as catchall terms, regardless of the nature of the marketplace, whether it’s ride sharing, apartment rentals, physical goods, digital goods, payments, or other kinds. A driver and rider, renter and landlord, and so on can all fit into the buyer or seller category, and ...