Almost every loss prevention circle I’m part of lately has been buzzing about the same thing: external fraud and organized retail crime (ORC). The amount of retail fraud driven by external players is ever on the rise and we need new, more advanced solutions to stop it.
I tend to leverage analytics technology to identify unlikely consumer behavior. It’s the quickest, easiest way to flag suspicious activity, and, with the right solution, you can alert the right people to investigate and stop it. Here are a few examples of anomalous data behavior that my customers have leveraged to uncover fraud:
Refund and Exchanges Across Multiple Stores
Refund fraud is a major concern across all retailers. It is a favorite methodology of organized retail crime rings, whether via returning items they just plucked off the shelf, buying a premium item and returning a cheap knockoff for a full refund, or one of many other schemes.
Thus, one of my most common requests from customers is algorithms that employ different means of identifying refund fraud. My customers have had overwhelming success with one particular set of simple but effective logic: it flags customers who conduct refunds or exchanges across multiple stores.
How does this indicate fraud? Well, think about the last time you had to return two items from the same store. Did you go back to the same store of purchase and return them both at the same time? Or did you skip the store of purchase (presumably the most convenient location for you) altogether, and return one item at a different store, and then drive all the way to yet another store to return the second item?
Unless you just bought your dream car and are trying to break it in, probably the former option.
This logic has flagged more than $225,000 worth of suspicious refunds and exchanges across multiple stores at a single customer of mine, and investigations and appropriate discipline are ongoing.
Unexpected Item Purchased at Self-Checkout
First, a question: Have you ever gone to a hardware store to buy something? Of course you have. Well, here’s another question: Have you ever gone to a hardware store to buy just soda and candy? That’s a lot less common.
Unless there are no convenience stores, grocery stores, pharmacies, or vending machines within a 10-mile radius of your house, probably not.
That’s exactly why some eyebrows were raised when one of my hardware customers noticed many transactions containing only soda and/or candy.
Could they be legitimate transactions, perhaps by a customer who couldn’t find what they needed and had a junk food craving on their way out? Theoretically, yes. But more likely, those soda and candy transactions were hiding other suspicious behaviors at self-checkouts.
Consider: a fraudster enters the hardware store looking to steal. He grabs a typical high-theft item, like a cordless impact driver and a drill kit, all high-theft items. Now, what’s his next move?
Walk straight out with his cartload of items? Sometimes, for those who are bold enough, yes.
But some clever bad actors will attempt to make their trip look more legitimate. Perhaps this person grabs a Snickers bar and a bottle of Dr. Pepper, and then heads to self-checkout to buy those two items.
JUST those two items. Not the power tools.
Now that the customer bought something, he has a receipt. He clutches it in his hand as he walks out, making sure everyone around him can clearly see it. This gives the illusion that he did in fact pay for his order, especially since he made certain to conduct all of this activity when the attention of the self-checkout attendant was elsewhere. And just like that, the customer gets away with nearly $200-$300 in easily resold power tools—all for the price of a candy bar and a bottle of soda (less than $3). This logic has been a smashing success, flagging hundreds of suspicious orders transactions for investigation.
We’ve all seen our own examples of customers stealing product by entering that infamous PLU code for bananas (4011) at self checkout. Luckily, even this seemingly undetectable scheme always leaves a breadcrumb trail—it’s just a matter of identifying it within your data. Some examples of logic my customers have used to catch banana schemes include:
Frequency of purchase. Unless they have a potassium deficiency, a customer buying bananas every day is almost certainly an instance of fraud.
Excessive quantities. Ever bought 20 pounds of bananas in one visit? Probably not—so if this appears in your data, the customer more than likely weighed up something else that weighed 20 pounds… perhaps a jug of Tide, or a large beef roast, or a mega pack of energy drinks.
Multiple line items. Most customers weigh all their bananas at once, so if an order appears to have bananas rung up in multiple increments throughout, it’s a good bet there were no bananas in that order at all.
An advanced analytics solution can quickly flag any of the above occurrences and alert LP investigators to respond.
For more information on advanced analytics for retail loss prevention, visit www.zebra.com/zpa.