The 11 Most Frequent Forms of Retail Employee Fraud in 2023

Written by:



Let’s be honest – when it comes to retail fraud, the online world grabs all the attention – and probably justifiably so. In 2022, losses stemming from internet shopping scams and duplicity approached $400 million, according to statistics from the Better Business Bureau. The web’s anonymity coupled with the transmission of sensitive personal information and credit card data – albeit usually encrypted – and aided by a complex logistics and delivery system has all proven to be a boon for those born with a certain technological swagger and a proclivity for felonious activity. From so-called friendly fraud schemes like “Chargebacks” to more sophisticated schemes like “Smishing,” there is seemingly no end to the creative ways in which online fraudsters can attempt to steal.

But that doesn’t mean brick-and-mortar fraud is a thing of the past.

Theft In-Store

The world of traditional physical retail continues to be highly susceptible to graft and deceit. Granted, anti-theft technology, inventory management systems, and overall security capabilities in the traditional retail environment have improved dramatically over the past 25 years, but that doesn’t mean that all the sundry fraudsters, scammers, swindlers, tricksters, and bilkers that have historically preyed on stores have simply thrown their hands up in dismay. Quite the contrary. They are still around – in fact, many of them actually might be wearing your store uniform.

Although the beefed up security protocols and new technology put in place in recent years have thrown a wrench in many of the more subtle forms of shoplifting, the more brutish forms of programmatic theft – the kind where thieves come in and rob stores by using violence appears to be on the rise.

Although the beefed up security protocols and new technology put in place in recent years have thrown a wrench in many of the more subtle forms of shoplifting, the more brutish forms of programmatic theft – the kind where thieves come in and rob stores by using violence appears to be on the rise. And this phenomenon is not a regional issue nor sector specific; from the Midwest to the Southwest to New York City, retailers both large and small are noticing more and more brazen attacks from robbers – many times armed.

But aside from these headline-grabbing stories, there is another trend in retail loss prevention that often gets far less attention – employee-assisted fraud. When the staff is in on the hustle, there is almost no limit to the scams that can be pulled off.

Inside Deal

In talking to retail executives, security professionals, loss prevention and asset protection specialists, and others who follow the contours of the dark corners of in-store theft, embezzlement, and fraud, it is clear that there is a decidedly worrisome trend developing in the world of retail subterfuge: Employees, together with complicit outsiders, are teaming up to dupe stores in ways that are increasingly hard to detect. These insiders know best how to identify and exploit the weaknesses of a given retail environment. They employ markedly sophisticated techniques that take advantage of vague store policies, lax managerial oversight, and gaps in security protocols. Many of these tactics are becoming so common that they have even been adorned with their own colorful sobriquets among those who often wade in the murky waters of loss prevention.

What is driving this uptick in employee-enabled retail crime is still very much open to debate. Some see it as simply a function of the economy and a reaction to low wages and inflationary pressures. while others chalk up to an emboldened sense of payback that traces its roots back to the pandemic when physical retail suffered disproportionately during the lockdowns. Others have opined that the high rate of churn has forced many retailers to hire just about whoever they can without conducting the usual degree of vetting. Whatever the reasons, the trend is growing and is vexing even retail’s most seasoned and stalwart loss prevention and retail security executives.

Fraud Lexicon

Here are some of the employee-assisted types of fraud schemes that retail security specialists have identified as being on the rise in 2023:

  1. “Sliding”
    Sliding takes place when an employee purposefully obstructs the barcode of an item, making it appear as if it were scanned. This scam has always been difficult to detect, but with mobile POS systems, it’s become increasingly harder for managers to assess whether several items in a large purchase were purposefully left unscanned or whether it was human or technological error.

  2. “Sweethearting”
    This is one of the most widely seen forms of employee fraud — and it’s anything but sweet. The practice generally refers to the abuse of the standard employee discount benefits merchants offer to their employees. In its most basic form, Sweethearting is nothing more than leveraging one’s position as an employee to extend inappropriate discounts to friends and family. Since the end of the pandemic, retail security specialists have noticed increasingly more sophisticated forms of this flavor of collaborative theft such as the aforementioned Sliding.

  3. “Stripping”
    In this scheme, the employee or an outsider surreptitiously brings a handheld barcode scanner into the store that is not connected to the retailer’s POS system, but its physical appearance is exactly the same as the scanners used by the store. Accomplices posing as customers purchase gift cards that are displayed on grab-and-go racks, such as those frequently used in grocery and department stores. However, as they check out the corrupt employee uses the outside scanner to read the code behind the magnetic or scratch-off strip on the back of the card, which combined with the card number on the front, gives them everything needed to steal the value of the card. The cards are later returned by the end of the day to the rack, obfuscating any routine inventory control. Of course, at some point, an unsuspecting buyer will eventually purchase the stripped and worthless gift cards on the rack, but by then it’s nearly impossible to find out when or how the value of the card was stripped. 


  4. “Empty Stripping”
    Similar to traditional “Stripping,” there is a second variation to this scheme that works for gift cards that are not preloaded with a dollar value. Similar to traditional “Card Stripping,” the employee and thief posing as a customer go through the motions of capturing the card number and security code and then return the unloaded cards to the rack. Once the card is sold to a legitimate customer, the corrupt employee alerts the accomplices and call the card’s 1-800 number every few days to check the balance so that once the shopper has loaded the card with a dollar amount, the thieves can spend it before the purchaser does. 

  5. “Thimbelrigging”
    “Thimbelrigging”– which takes its name from Thimbelrig, a popular street shell game – takes the friend and family scheme up a notch from run-of-the-mill “Sweethearting.” It is most common in smaller or mid-sized clothing and apparel stores with limited checkout lines. 

    Here’s how it works: Two or more outsiders enter a store, and one of them purports to be a good friend or acquaintance of an employee. The “friend” immediately seeks out the complicit employee and they proceed to ham it up, purposefully letting all the other employees know that the employee and the customer are good friends.

    To avoid suspicion and any allegation of “Sweethearting,” the complicit employee asks another cashier to ring up his or her friend’s purchase. While the cashier who is not in on the scam is busy counting inventory and ringing up the charges, the employee who is in on the graft finds a way to play an ancillary role in the checkout process like helping fold clothes once they have been rung up and offering lively commentary on his or her friend’s selections – suggesting that certain items be swapped out or traded for different sizes, colors or styles.

    At this point, the second accomplice that is playing the role of the random store customer, appears at the checkout, signaling that he or she is about to make a fairly large purchase and has a high degree of impatience. If there are multiple checkouts, and the second accomplice is directed to another checkout line, he or she goes about creating something of a mishegoss that diverts the attention of the entire checkout staff. At some point, with all the commotion and pressure created by the second accomplice, the honest cashier loses track of what has been rung up, what has been swapped out, and which items have had their security tags removed. In this mise en scène the deceitful employee is able to layer unpaid inventory into the bags among paid articles of clothing. If, by some stroke of luck, a store security guard identifies that there is inventory in the bags that doesn’t match the receipt, everyone simply chalks it up to the stress of the moment and is unaware that this was an attempt at orchestrated theft.

  6. “Wardrobing”
    It’s like Rent the Runway, but without paying. A classic example of small-time fraud that is on the rise is when a customer purchases an item for a one-time event (such as for a wedding or prom), wears it, and then returns it afterward, alleging that the item didn’t fit or didn’t match the rest of the outfit, or any other number of mundane excuses. With a single use making it hard to detect any “wear and tear” and an open-door return policy, retailers are forced to accept the return. 

  7. The “False Void Fraud”
    Cash register tampering can take many forms. One trend that is on the rise is fairly simple: A complicit employee registers a false void. A complicit employee keeps a copy of an accomplice’s customer’s receipt at the time of sale and later, a day or more after the accomplice has left, the employee uses it to create a fictitious void, as if the customer had returned the merchandise, returning the cash to the customer’s credit card, although the inventory purchase already on eBay or some other online marketplace where it can be easily sold at a slight discount to retail. By the time inventory management catches the discrepancy, it’s almost impossible to find out what really happened.

  8. “Pinning”
    Many retailers require a manager or supervisor to enter a personal identification number (PIN) to unlock various activities that are susceptible to fraud. Unfortunately, lax protocols mean that these PINs can easily be abused if a cashier memorizes a manager’s number or if a manager shares the PIN with cashiers to save time.

  9. “Loyalty Points Fraud”
    At most retailers, customers are often simply asked for their phone number at checkout to earn loyalty rewards or points. Unscrupulous cashiers can exploit this service by entering their own phone numbers instead of the customer’s, thereby stealing the customer’s rewards. Unless customers are particularly diligent about tracking their loyalty points, this behavior typically goes unnoticed.

  10. “Stock Room Manipulation”
    Employees with access to the store’s inventory management system can steal merchandise and delete it from the system so that nothing appears to be missing. Without regular counts and reconciliations, this kind of fraud can go unnoticed for a very long time. New deliveries are a particularly vulnerable moment for this type of fraud, as any discrepancies can be excused as shortages from the supplier. And finally…

  11. The “Everything but The Girl” Fraud
    Named after the popular 1980s English musical duo best for known for the timeless hit “Missing” which has been sampled in scores of techno remixes, the “Everything but the Girl” fraud preys on retailers’ biggest Achille’s heal: everything in the store except the actual inventory. Whereas most large retailers have fairly sophisticated inventory management software and security systems that double and triple-protect against the theft or discrepancies in inventory, usually the systems safeguarding the other assets – from cleaning supplies to IT equipment – is often surprisingly lax. Here the employees play a hand in stealing everything but the inventory.

The Solution Is Tech

So, what can retailers do to combat all these devilish new employee-assisted schemes? Largely, it all comes down to two main areas: better data analytics and increased automation.

If they haven’t already, all mid-to large-sized retailers need to begin hiring data scientists to manage increasingly sophisticated AI that is capable of detecting – ideally in real time – unusual or abnormal behavior in consumer purchasing, cash register inputs, bar code scanning activity, inventory management, and other areas where anomalies might occur. This general area of study is referred to as EBR, or “exception-based reporting” which uses advanced data analytics to review large volumes of transactions to understand what constitutes normalized behavior and patterns across scores of data points in a given retail location to detect irregularities when they occur.

Automation is another area that, over time, will likely grow not only in response to theft but to sheer store economics. The promise is that better automation will take the human employee out of the equation. Of course, whereas automation such as the much-maligned self-checkouts are already fairly common in supermarkets and DIY stores, it’s harder to imagine higher-end retail brands doing away with human salespeople and cashiers anytime soon



Scroll to Top
the Daily Report

Insights + Interviews right to your inbox.