Skip to content

Twitter protests can create a whole new fraud threat for online brands 

Read the State of Commerce Report for 2021

Read the State of Commerce Report for 2021

Cover of the State of Commerce 2021 by Signifyd

Ecommerce retailers and brands are accustomed to facing innovative and ever-changing threats from fraudsters looking to profit by buying products with stolen credit cards and co-opted online accounts.

But increasingly now, they also need to steel themselves for a relatively new and distinct threat: Political activists who release credit card information on social media as a form of protest. The posts are a variation of doxxing, or using the internet to broadcast the personal information of a particular target.

Last week, for instance, political activists in Colombia aligned with those protesting poverty and inequality in the country, posted credit card information that appeared to belong to a dozen of the country’s top political leaders with the message, “Credit cards of the high rulers of COLOMBIA. Let the games begin!”

And the games did begin. 

What you need to know
  • Online activists sympathetic to protesters in Colombia tweeted out credit card information they said belongs to government officials.
  • Some of the activists’ millions of followers attempted to take advantage of what looked like free money by making fraudulent online purchases.
  • Signifyd saw more than $4 million in bad orders on its network of thousands of merchants. Nearly all the orders were declined.

In an instant, 6.8 million Twitter followers of the group that posted the information — and then countless more followers of the 6.8 million followers — had in their hands credit card numbers, expiration dates and card verification codes for Colombia’s top officials. 

The Twittersphere placed $4.3 million in bad orders

In the hours and days after the tweet, which resulted in a wide-ranging Twitter discussion, Signifyd’s Commerce Protection Platform identified a dramatic spike in orders placed with the tweeted card numbers. In short order, Signifyd detected 4,400 orders worth $4.3 million on its network of merchants — including an order placed by a shopper who gave their name as “Presidente de Colombia.”

Signifyd, which uses big data and machine learning to sort legitimate from fraudulent orders, declined nearly all the fraudulent orders and reimbursed its merchant customers for any bad orders that were actually shipped. 

For merchants, the sort of fraud attack brought on by the Colombian protests presents particular challenges. The wave of bad orders does not come with a fraud ring’s typical MO, meaning stymieing the attack calls for a constantly learning, automated solution like Signifyd.

“This was not a coordinated fraud attack,” says Signifyd Manager of Risk Intelligence Ben Davidson. “These were just normal people who suddenly had access to credit card information. They are not your everyday fraudsters.” 

The mobile phones, game consoles and laptops that won’t be going anywhere

The shoppers attempted purchases reflected that. High on their shopping lists were items you might expect, including mobile phones, video game consoles, consumer electronics — including laptops, desktops, tablets and high-end cameras. But there was also noticeable interest in footwear, musical instruments and even cologne and perfume.

“Pretty much anything they could get their hands on,” Davidson says. 

And while the fraudulent transactions came fast and furious initially, those visible on Signifyd’s Commerce Network faded just as quickly. The combination of Signifyd’s defense of its customers and the cancellations of the credit card accounts themselves meant an end to the malicious transactions.

Some of those who attempted purchases reported back on Twitter in what was generally a light exchange of tweets asking for buying tips and sharing stories about declined orders and suspended payment accounts.

“They canceled my Amazon account HA HA HA HA,” one person tweeted.

But not everyone was laughing. There was also this from a shopper who reported his payment form was blocked and then asked: “Is there something we should be afraid of? I mean go(ing) to jail or (something) like that?”

Photo by Getting Images


Working to better protect your enterprise from fraud — wherever it comes from? Let’s talk.

Let's talk about protection from payments fraud and consumer abuse

Mike Cassidy

Mike Cassidy

Mike is lead storyteller at Signifyd. A former journalist and a retail geek, he covers ecommerce and the way technology is transforming digital commerce. Contact him at mike.cassidy@signifyd.com; follow him on Twitter at @mikecassidy.