Skip to content

Why Merchant Clusters Are a Threat to Your Merchant Portfolio

three hooded figures

LegitScript increasingly encounters groups of related merchants whose websites are nearly exact duplicates of each other. We refer to these merchant groups as clusters, and they pose a variety of threats to merchant portfolios. Keep reading to understand what they are, why they appear, and how you can spot them.

What are merchant clusters?

Cluster merchants will typically share similar merchant application details or characteristics that, under scrutiny, appear to be falsified or randomly generated. These shared details or characteristics may indicate that these accounts are controlled by a single entity. Oftentimes, merchants in a cluster appear innocuous at first glance; however, LegitScript analysts who investigate merchant clusters by identifying patterns or similarities across merchant application data, website templates, metadata, registrar information, and product offerings, often find them engaged in fraud, transaction laundering, or other problematic behavior.

Why watch out for merchant clusters?

Identifying clusters is increasingly important as merchants engaged in problematic activity often create accounts en masse as a way of load balancing. Clusters of merchant accounts can be highly profitable for fraudsters, who can use them for transaction laundering, card testing, card cashing, and other forms of fraud.

Merchant Clusters and Synthetic Identity Fraud

Merchant clusters often engage in synthetic identity fraud — a combination of genuine and fabricated details to make account applications appear genuine. Synthetic identity fraud differs from traditional identity fraud in a few key ways. With traditional identity fraud, a criminal pretends to be another person — using all of the victim’s stolen information — to gain access to his or her credit. With synthetic identity fraud, a criminal uses a blend of real and falsified information to establish a credit record under a new synthetic identity. Read more about this tactic in our Synthetic Identity Fraud Guide.

 

two laptops showing a car website

An example of two websites that were part of the same merchant cluster

Merchant Cluster Case Study

The two websites featured above appear nearly identical, save for a slight variation in their names (Car Kalama and Car Kalema, respectively). Because of their striking similarities, LegitScript analysts researched these websites and discovered that they had similar authoritative domains, merchant names, website titles, and merchant email addresses. Analysts also identified additional websites that appeared to be part of the same cluster. Further analysis suggested that the accounts were being used for transaction laundering.

Want to learn about other high-risk trends?

The payments risk and compliance space is dynamic — it must constantly adapt to advancing technologies, changing regulations, criminal innovation, and new products. Navigating this ever-shifting landscape can be both difficult and time- consuming. In our fully updated guide, LegitScript shares new high-risk trends in card-not-present transactions that all payment service providers should avoid. Click the image below to get yours.

cover of high-risk trends guide

Recent Blog Articles

merchant risk

The Challenges and Opportunities of Quantifying Merchant Risk

Merchant risk management is a dynamic and ever-evolving field with challenges ranging from fraud prevention to regulatory compliance. LegitScript hosted a webinar featuring industry experts Chiat Fitzgerald, former Head of Global Ecosystem Security & Integrity at Visa, and Caroline Hometh, Manag...
weight loss drugs

LegitScript Gives You the Skinny on New Weight Loss Drugs

GLP-1 receptor agonists are revolutionizing treatments for weight-related illnesses like diabetes and obesity. Originally developed to mimic the GLP-1 hormone that regulates blood sugar and appetite, drugs like semaglutide (Ozempic, Wegovy) and tirzepatide (Mounjaro) have gained widespread acclaim f...
LegitScript Enterprise Certification

LegitScript Enterprise Certification is a Premium Service—Here’s Why

LegitScript certification services represent a recognized seal of approval that enables businesses to showcase their compliance, unlock opportunities to advertise, and accept digital payments. Certification also helps businesses demonstrate that they adhere to the highest standards of care-building...
LegitScript Addiction Treatment Advisory Committee

LegitScript’s Second Addiction Treatment Advisory Committee Meeting

Addressing Challenges: Highlights from LegitScript's Second Addiction Treatment Advisory Committee Meeting Last year, LegitScript relaunched its Addiction Treatment Certification Advisory Committee in an effort to strengthen avenues of communication and identify opportunities for optimizing the clie...