Skip to content
Home » News » Fraud as a service: Scammers are using encrypted messaging to undercut BNPL revenue

Fraud as a service: Scammers are using encrypted messaging to undercut BNPL revenue

Buy now, pay later (BNPL) is booming in popularity, particularly among the traditional credit-wary millennial and Gen Z consumer populations. With $680 billion in transaction volume by 2025 up for grabs, fintech startups and long-standing financial institutions alike are jumping into the mix with their own offerings.

But, as we’ve seen with other emerging tech trends, rapid growth leads to new challenges.

While many industry pundits would point to the recent Consumer Financial Protection Bureau (CFPB) probe into BNPL vendors as the sector’s biggest headwind, there’s another area that regulators and industry players should be concerned about: fraud. Cybercrime often acts as a barometer of economic trends, and as the BNPL market continues to soar, fraudsters are cashing in.

Rather than relegating their activities to dark web marketplaces, scammers are hiding in plain sight on encrypted messaging apps. They collaborate through publicly available forums on these platforms to target BNPL providers with new tactics.

The only way to get ahead of these scams is for BNPL vendors to ensure they have the right defense strategy in place to combat fraud on their own platforms and networks.

Payment fraud is going mainstream, and anyone with an internet connection can join in. Yet, rather than hoping that platforms remove these fraud forums from their services, BNPL providers and the merchants who use them can shore up their own properties by understanding exactly how they are at risk.

So, what do these new fraud methods look like, and how can providers protect against them? Let’s dive in.

The dark web versus the deep web: The rise of fraud as a service

The dark web has, for years, been home to cybercrime and has become an oasis for scammers looking to obtain compromised information. However, with the recent crackdown on dark web marketplaces, cybercriminals have turned to new and under-the-radar hubs to commit illegal activity.

Malign actors have set their sights on secure messaging apps, such as Telegram, to conduct their illegal activity. As a part of the deep web, which isn’t indexed by search engines, secure messaging apps are a haven for professional criminals hoping to remain anonymous.

Within these forums, fraudsters have evolved their attack strategies. Instead of solely buying and selling access to information, cybercriminals have begun to promote fraud as a service.

One example is a Telegram scheme in which cybercriminals steal from restaurants and food delivery services. By advertising their ability to purchase food and beverage orders with stolen information (e.g., log-in credentials or credit card numbers), they offer opportunistic diners a meal at a heavily discounted rate.