Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity News

5 minutes with Jane Lee - The fraud supply chain, cyberattacks and more

By Maria Henriquez
5 mins with Jane Lee
March 31, 2021

How can consumers and retailers protect themselves in the coming months? Here, Jane Lee, Trust and Safety Architect at Sift, speaks to Security  magazine about this critical issue.

 

Security: What is your title and background?

Lee: I’m currently a Trust and Safety Architect at Sift, a leading Digital Trust & Safety company that helps protect hundreds of companies like AirBnb, Twitter, and Doordash, from fraud and abuse, so that they can focus on providing frictionless customer experiences and growth. My passion for designing and operationalizing fraud prevention systems is what led me to my current role at Sift. I was introduced to the fraud prevention space during a stint as a private investigator. I then joined the disputes team at Square where I focused on chargeback operations. Following that role, I spent over five years on Facebook’s Site Integrity Operations team where I built scalable solutions to protect the Facebook community from nefarious activity.

Security: What are the unexpected ways fraudsters are leveraging the new shopping norm - such as social media, and buy online pickup in-store (BOPIS) fraud?

Lee: With the pandemic significantly impacting in-store shopping, fraudsters have changed their tactics to take advantage of the new shopping norm. In many ways, fraudsters’ activities act as a barometer of economic trends because they always follow the flow of money.

Knowing that traditional retail merchants have been forced to shift to e-commerce during the pandemic, bad actors are quickly adapting their methods as well. For example, buy online pickup in-store (BOPIS) has become an attractive option for consumers during the pandemic. However, the rush to establish curbside or in-store pickup with quick turnaround has unfortunately made retailers more vulnerable to fraudsters. A part of why BOPIS fraud is so successful is because merchants are no longer able to leverage the buffer time between an order being placed to when it is shipped, to validate a transaction. Additionally, many traditional indicators such as a mismatch between billing and shipping addresses no longer exist. To mitigate this challenge, retailers need to look to other forms of data to understand their customers’ usual behaviors and spot telltale deviations.

A key driver of BOPIS fraud – and one that has skyrocketed during the pandemic – is account takeovers (ATO). Our global network found that the rate of ATO jumped nearly 400% in physical ecommerce businesses since the start of the pandemic. The increase in ATO is largely due to the data breaches in which consumer credentials are stolen, combined with the fact that over 65% of users recycle the same password across multiple platforms. Additionally, bad actors have exploited pandemic fears by deploying phishing campaigns related to COVID (e.g.: stimulus check scams, contact tracing scams, and more) to deceive consumers into providing personally identifiable information. To add insult to injury, the overwhelming volume of new accounts, credit cards and transactions, provides a larger shroud of cover for bad actors to hide under as they hack into user accounts, illicitly purchase products via stored payment details, which are then easily picked up curbside.

 

Security: How do cyberattacks, like phishing and account takeover attacks, and data breaches accelerate the fraud supply chain?

Lee: Fraud doesn’t happen in a vacuum. Cybercriminals use different attack vectors to steal from consumers and businesses, often through more complex ways than merely buying stolen credit cards to make large purchases. This system makes up the fraud supply chain and many times it starts with data breaches.

Data breaches are almost always a means to an end. Information like usernames or passwords can arm fraudsters with enough to execute more sophisticated attacks. An email address is all a bad actor needs to launch a phishing scheme to try and convince consumers to share further personal data such as credit card information, passwords, etc. While most people may think it's easy to recognize a phishing scheme, sophisticated fraudsters will use additional information garnered through previous data breaches to personalize content that demonstrates potential legitimacy.
 

Data breaches often serve as the primary “link” in the fraud supply chain which can fuel different types of attacks such as phishing scams and account takeovers ultimately leading to payment fraud. This fraud supply chain is interconnected and self-supporting and the only way to effectively combat the fraud supply chain is to accurately analyze thousands of patterns and signals to effectively protect against fraud without compromising growth. This is the essence of a Digital Trust & Safety strategy.
 

Security: How has COVID outdated retailers’ fraud identification processes?

Lee: Consumer behavior has changed significantly during the pandemic and the rules-based fraud prevention strategies that have been used for years must adapt as well. Traditionally, fraud prevention teams rely on creating manual rules to make educated guesses on how bad actors behave. However, it’s important to remember that bad actors are adversaries and they will figure out ways to skirt the threshold of outdated rules-based systems.

With caps on order volumes and values, rules-based strategies don’t account for the changes in consumer behaviors. As shelter-in-place orders continue to cause consumers to make higher-volume purchases, some fraud prevention systems are stopping these legitimate transactions completely or creating friction within the customer journey. To adapt to the shifts caused by the pandemic, merchants need to implement machine learning. By analyzing thousands of different signals in real-time, machine learning can help fraud teams change their parameters dynamically, so they’re not stopping real customers from making a purchase. 
 

Security: How can machine learning help identify consumers new behavior to recognize new types of fraud?

Lee: 2020 was an exponential year for e-commerce sales. According to our global network, the average daily transaction volumes from April - November 2020 have been equal to 88% of a typical Black Friday. It’s basically been Black Friday every day for online merchants. The consistently higher volume has likewise made fraud prevention more of a marathon filled with different patterns than usual and less of a sprint.

Fraud prevention teams can no longer rely on their traditional methods to keep up with higher order volumes, pandemic-induced shopping behavior changes, and new strategies implemented by fraudsters. Machine learning is essential to not only identifying new trends but changing risk thresholds. In a typical year, anyone trying to buy multiple cases of vodka from a merchant would have been an obvious fraud signal. But now? That’s a regular Covid coping purchase. A machine learning system ingests these purchases and can quickly adapt to look at other signals in order to detect suspicious activity. Now is the time to leverage machine learning and automation to fight fraud.

The only way for businesses to effectively balance fraud prevention with the customer experience is with automated and adaptive defenses built with machine learning. Advanced velocity checks, for example, can detect changes in typical user behavior, whether through purchase volume, changes in device, or payment method. These checks account for natural changes in customer behavior, providing that seamless shopping experience all while preventing fraud.

With the increased transaction volumes, real-time alerts and automated responses will play a critical role in helping fraud prevention teams identify and block fraudulent orders while providing a frictionless shopping experience for consumers.

 

Security: What are other best practices retailers/consumers can implement to ensure a safe shopping season?

Lee: First, create standard operating procedures (SOPs), and invest in training and quality control. A simple tactic such as verifying identification before loading a BOPIS order into someone’s car can prevent an order from getting into the hands of the wrong person.

Consumers can protect themselves by practicing good password hygiene and staying vigilant knowing that hackers are actively trying to steal personal information. Not using the same password across different accounts and double-checking the validity of websites before entering credentials are online shopping best practices

Retailers and consumers alike should leverage multi-factor authentication (MFA) and/or security notifications. MFA requires a user to confirm their online activity via other trusted channels like email or text, adding another layer of security that is challenging for fraudsters to compromise. Similarly, security notifications offer a less invasive way to notify users of suspicious activity on their accounts.

KEYWORDS: cyber security fraud prevention retailers risk management supply chain

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
close

1 COMPLIMENTARY ARTICLE(S) LEFT

Loader

Already Registered? Sign in now.

Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • 5mw Bai Cortese

    5 minutes with Tony Bai and Joe Cortese - The future of supply chain security

    See More
  • 5mw Gardner

    5 minutes with Dr. Tommy Gardner - How to accelerate U.S. supply chain and security innovation

    See More
  • 5 mins with Omri Kletter

    5 minutes with Omri Kletter – COVID-19, cybersecurity, crime, and fraud management

    See More

Related Products

See More Products
  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • 9780367030407.jpg

    National Security, Personal Privacy and the Law

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!