Fraud as a Service StatisticsThe Billion-Dollar FaaS Black Market

Fraud as a Service: Statistics & Financial Impact

Fraud as a Service isn’t talked about much… which can make it seem like an isolated problem. Due to its scale and scope, however, FaaS has become an illegal global “industry” that siphons billions of dollars out of the economy every year.

Unfortunately for merchants, the impact of FaaS can be felt far beyond the dollars and data gone down the drain from the initial attack. Between lost merchandise, added operational overhead, and a deluge of chargeback fees, a FaaS attack can dent your bottom line and lead to additional complications down the road.

It’s important to understand how big of a threat FaaS really is, so in this post, we take a look at some of the hard data around this type of fraudulent attack.

The Global Financial Impact of FaaS Attacks

Because FaaS is scalable, its effects can be wide-reaching. In 2024, a single Faas-enabled, large-scale attack spanning 4,800+ incidents disrupted businesses in three verticals (social media, crypto, and payments) on every continent except for Australia and Antarctica.

No longer are fraudsters working alone to exploit vulnerabilities and steal from clients. With the help of the dark web and anonymous payment methods like cryptocurrencies, scammers are working together, sharing knowledge, and transacting with each other.

No geographic location is immune from FaaS attacks. I mentioned a second ago that Australia was exempted from one high-profile attack. But, according to a 2023 survey by Ravelin, two-thirds of businesses in Australia said they have been victims of FaaS schemes at some point. This is compared to the global average of 56% of businesses.

Like legitimate business ecosystems, which magnify supply-side activity, the underground platforms that allow FaaS providers to thrive are lowering the cost of scamming, increasing the prevalence of fraud, and lowering the barrier to entry for aspiring cybercriminals.

Forecast

$107 Billion

Projected annual value of eCommerce fraud by 2029. Source: Juniper Research

Prevalence

56%

Percentage of companies hit by FaaS attacks, with rates as high as 67% in Canada and 66% in Australia. Source: Ravelin Technology

Demographic Shift

47%

Percentage of cybercrime cases involving someone 21 or younger. Source: Reuters

Automation Rate

80%

Percentage of login attempts across eCommerce platforms that are now attributed to automated bot traffic. Source: Neuro-ID by Experian

Annual Impact

$16 Billion

Total fraud losses from internet crimes in 2024, a 33% increase from the previous year. Source: FBI’s 2024 Internet Crime Report

Cost Multiplier

$4.61 Billion

The average cost to a US merchant for every single dollar lost to fraud. Source: LexisNexis Risk Solutions

Attack Scale

8,000

Number of incidents in the average detected FaaS attack in 2024. Source: AU10TIX 2024 The Year of FaaS Report

Acceleration

2X

Growth in the size of the average detected FaaS attack between 2023 and 2024. Source: AU10TIX 2024 The Year of FaaS Report

Fraud as a Service & Chargebacks

Fraud as a Service is a persistent threat faced by eCommerce merchants. Arguably the most damaging aspect, however, is the almost inevitable wave of chargebacks that follow.

A bad actor who manually commits fraud may get away with a small handful of unauthorized transactions at once. FaaS operators, on the other hand, can use botnets or other automations to place absurd numbers of fraudulent purchases in an hour. This serves as a force multiplier for chargeback volume when those charges are subsequently involuntarily reversed. 

Impacts include:

Next Chapter

Fraud as a Service Examples

Read More