How Fraudsters Exploit Popular Interest-free Payment Plans

<p><span lang=\"EN-US\">On the Dark Web, we already observe proposals to sell compromised accounts on various buy-now-pay-later platforms. Cyber threat actors also started advertising malware toolkits specifically tailored to steal such accounts via watering holes and phishing attacks. Other groups leverage credential stuffing attacks with previously stolen credentials. Being fairly simple, credential stuffing attacks may be pretty efficient and lead to breaches of hundreds of accounts at once. Successful account compromise may seriously jeopardize the financial situation of the victims and negatively impact their credit history. Worse, most likely, the victims will be civilly liable to pay for the orders they never made plus interests and possible penalties. </span></p>
<p><span lang=\"EN-US\">Providers of buy-now-pay-later platforms should implement multilayer anomaly detection systems to spot unusual or unexpected behavior, logins and transactions. Actions like change of delivery address should be always vetted by humans. Providers usually have enough big data to build data sets, train machine learning model and spot fraud on the early stage. Users of buy-now-pay-later platforms should enable 2FA, keep their mobile devices and computers up2date, and stay vigilant when receiving unusual messages or emails. Buying individual cyber fraud insurance may also be a good idea, however, the insurees should carefully read the terms of service for the incidents covered and possible limits.</span></p>