Triangle Fraud: A Crime with Triple the Number of Victims

Triangle fraud involves a unique twist on the sale of stolen goods. This fraud gets its name from the crime resulting in three different parties falling victims to the scheme: a cardholder, a merchant, and a buyer. The maneuver is made deliberately complex to obscure the criminal’s identity and make it difficult to follow the flow of funds. To understand why triangle fraud exists, one must think like a criminal. Tangible goods purchased online must get shipped to a physical location where someone has to retrieve the merchandise. The inherent risk for theft is being caught as the receiver of stolen property. Criminals attempt to sidestep this issue by shipping stolen goods to a third party.

Triangle fraud emerged when criminals began taking advantage of developments in the retail sector. Person to person e-commerce initially began with websites that facilitated product sales between individuals. In an effort to compete in the online marketplace, some large retailers expanded their product lines by allowing individuals to sell privately-owned inventory through large retailer websites. The upside is that a partnership between retailers and legitimate third party sellers encourages entrepreneurship and facilitates competition among retailers. The unfortunate downside is that criminals exploit the third party aspect of the transaction to perpetrate fraud.

Triangle fraud starts with criminals acting as a third party vendor on the website of a trustworthy retailer. With stolen card information in hand, criminals select what goods will be sold, create an account, and advertise the items for sale on a retailer’s e-commerce website. The seller’s account is typically registered under a false identity. When a buyer purchases a product, the criminal then buys that exact product from a legitimate online retailer with the stolen credit card. The twist in this fraud is that the product is shipped directly to the buyer, who is presumably unaware of having received stolen property.

Most merchants utilize a system where purchases are charged to a credit card immediately prior to shipping the item, rather than at the moment of purchase. This is a customer-friendly safeguard that prevents a buyer from being charged if the retailer is not able to fulfill an order. The criminal exploits this processing delay, which often results in merchandise being shipped to the buyer before the cardholder realizes that an unauthorized purchase has been made using their account. U.S. law provides strict limits on consumer liability when a card is reported as lost or stolen, and in general consumers are not liable to pay for most unauthorized purchases. In some cases, the merchant may get notified that a purchase was made using a stolen credit card and can halt shipments, but this situation is quite rare. Merchants often discover the theft after the product has already been shipped, and take a financial loss on products purchased with stolen cards. By using stolen credit card information to sell goods on third party e-commerce websites, criminals receive payments from customers but never take physical possession of the stolen goods.

Triangle fraud can be hard to detect, so knowing the red flags for this scheme can help alert law enforcement when triangle fraud is suspected. The most accurate indicator of triangle fraud is when a cardholder reports a fraudulent purchase to the credit card company, and the credit card company is able to contact the merchant before the stolen merchandise gets delivered. Occasionally, a merchant is able to recall the shipment and alert law enforcement. However this perfect series of events would need to occur within a very brief timeframe, and thus it is the least likely situation to occur.

In most cases, investigators should look for a unique combination of traits to help uncover triangle fraud. The traits to analyze include volume of sales, sale price, product brand name, and location of the warehouses from which items are being shipped to customers. Criminals tend to deal in premium brand-name merchandise such as electronics, tools, and wearable luxury items. The merchandise is sold below retail value, in an effort to quickly generate a large volume of sales before compromised cards are terminated after being reported as lost or stolen. It is important to note that the merchandise is sold below current retail value, but not so low that buyers would become suspicious of the seller. The criminal also takes advantage of the buyer’s trust in the well-known retailer. Delivery tracking numbers are viewable online and offer substantial clues to the operation. Large retailers typically have multiple distribution centers spread out across the U.S., so merchandise normally gets shipped from within a few hundred miles of delivery addresses that are within the 48 states. Internet searches can often pinpoint the locations of distribution centers for major retailers, which can be compared to the buyer’s address. Looking at the overall picture, it would not make sense that a slightly under priced popular item was shipped to a buyer from a distribution center located across the country. Identifying that the card used to make the purchase was subsequently suspended or terminated would provide further evidence to suspect that triangle fraud may have taken place.

The signs of triangle fraud may be subtle. It takes effort to compare sales prices, determine the distance the merchandise traveled from the distribution center to the product buyer, and to find out if the card has been deactivated. However given that the fraud scheme involves three separate victims for each transaction, this is a crime that is worth the effort to document the red flags and report signs of triangle fraud to law enforcement. The skilled investigators at AML RightSource are adept at detecting complex fraud scenarios and stopping bad actors from further perpetrating this and other types of financial crime. 

Posted in
Diane Dylinski

Diane Dylinski

Diane Dylinski is an Associate Analyst II with AML RightSource. She has been with the company since February 2017 and has experience with AML and fraud in the financial technology environment. Her experience includes know your customer, risk assessment, and transaction monitoring at the level of alerts, case investigations, and 90-day SAR reviews. Ms. Dylinski has assisted financial technology companies and online payment processing companies with assets ranging from $1 billion to $43 billion, including significant SAR writing experience. Examples of her case experience include tech support scams, pyramid schemes, shell companies, credit card fraud, copyright and trademark infringement, and others. Ms. Dylinski holds a Bachelor of Arts in Business Administration from Baker College.

Leave a Comment