In 2021, e-commerce stores across the globe generated approximately $4.9 trillion in retail sales, and this figure is only expected to increase, reaching $7.4 trillion by 2025.
However, a booming e-commerce industry not only presents lucrative opportunities for digital merchants, but for criminal fraudsters and scammers as well.
Awareness of e-commerce fraud, why it happens, how it takes place, as well as how to identify and prevent e-commerce scams can thus help you protect your online business and responsibly use e-commerce to reach greater heights. Read on to learn more about e-commerce fraud protection below!
- What exactly is e-commerce fraud?
- What makes e-commerce fraud so common?
- 6 types of e-commerce fraud to watch out for
- 8 actionable tips for e-commerce fraud protection
- Some last words
What exactly is e-commerce fraud?
e-Commerce fraud refers to any deception designed by fraudsters to exploit or rob online stores and businesses. Fraudsters would criminally target online merchants in order to receive some sort of financial or personal gain, causing losses on the part of the merchant.
An e-tailer, for example, may fall victim to fraudsters who manipulate their online payment system. The business would then lose revenue, data and maybe even customers.
What makes e-commerce fraud so common?
Without having experienced e-commerce fraud first-hand, many digital merchants believe that the unfortunate event is unlikely to happen to them.
However, a study showed that online businesses worldwide lost an estimated total of $20 billion due to payment fraud in 2021, marking a 14% increase from $17.5 billion in the year before.
The threat of e-commerce scams occurring to your business is very real. To effectively defend your online business against fraudsters, let’s first take a look at the factors contributing to the prevalence of e-commerce fraud.
1. Ease of access to private information
To begin, advancements in technology and the general shift of activities online have made it far easier for fraudsters to obtain personal and financial information that they can use to commit fraud.
As of late 2021, some 4.5 million credit and debit card numbers were being traded on the dark web, where cyber criminals and scammers could buy and sell others’ private information to engage in illicit activities.
2. Anonymity in the online world
The anonymity associated with online accounts has likewise prompted the rise of e-commerce fraud.
For example, fake emails and dummy accounts can be created in a few clicks and with minimal verification. With anonymous accounts, fraudsters can easily create new identities and carry out illegal activities without anyone knowing who they really are, until they are actually caught.
3. Lack of prosecution
e-Commerce fraud can be carried out easily and anonymously, making it difficult to track down and punish the individuals responsible for the crime.
To illustrate this, someone from Europe could be purchasing stolen data from someone else in Tokyo in order to scam businesses across Asia, America and Africa. Local law enforcement agencies may accordingly find it difficult to catch and prosecute e-commerce fraudsters across borders.
Furthermore, the amount of money involved in each fraudulent transaction tends to be rather low. Many online sellers choose to let things slide and not pursue legal action on the matter. As a result, fraudsters get away with their crimes and continue to exploit other innocent merchants.
6 types of e-commerce fraud to watch out for
After knowing the “what” and “why” behind e-commerce fraud, knowing how it occurs would be of great benefit to those seeking to identify and avoid it in the future.As will be illustrated below, stolen credit card details play a key role in e-commerce scam. Let’s see how those numbers on your card are causing billions of dollars in losses for online sellers around the world.
1. Transaction fraud (also known as credit card fraud)
Credit and debit cards are among the top payment methods used by customers on e-commerce websites. The unauthorized use of credit cards in online purchases in what is called transaction fraud is nevertheless popular amongst fraudsters as well.
In its simplest form, transaction fraud involves the use of stolen credit card information to make online purchases. A case of e-commerce credit card fraud typically has four steps:
- The fraudster uses stolen credit card information to make an online purchase at a store.
- The store processes the payment and sends out the purchased products.
- The actual owner of the credit card notices the purchase and contacts their bank to get their money returned through a “chargeback” request.
- The real owner of the card receives a refund, and the online shop must pay the fees to process the refund, leaving the e-commerce merchant with considerable losses.
Due to the fraudster’s use of stolen credit card details, the online business will lose an entire sale, have to refund the whole payment, and pay an administration fee to the bank or card network for the processing of the refund.
The reputation of the business may likewise suffer. The real cardholder, for example, may view the online store as one linked to fraudulent activities and spread the news to others.
Card companies may even categorize the store as a “high fraud target” and raise payment processing fees for said site if too many chargeback requests are generated by the store.
2. Triangulation fraud
Triangulation fraud similarly involves stolen credit card details, but it’s deployed in a different way.
As evidenced by its name, triangulation fraud involves a trio of parties: the fraudster, innocent customers, and the online store victim.
A typical case of triangulation fraud involves the following situation:
- The fraudster sets up an apparently legitimate e-commerce store that offers high-quality goods or services at reasonable or bargain prices.
- Shoppers are enticed by the offers on the said online store, make purchases, and pay the fraudster.
- The fraudster uses the credit card information entered by customers to purchase the very same products from a legitimate merchant’s online shop, receives them, and sends them to purchasers.
This type of fraud therefore leaves the following victims: the online shop that lost business to the fraudster, and the credit card owner whose personal information was stolen. In fact, the unwitting shopper can potentially be prosecuted for abetting the fraudster as well.
The online store would suffer more losses if the legitimate cardholder decides to initiate a chargeback, akin to that which would occur in a transaction fraud situation.
In such a case, the digital merchant would again have to pay burdensome processing fees, while losing out on a sale as the fraudster walks free with the money.
3. Account takeover fraud
In line with posing as another person, business or entity, account takeover fraud refers to any case wherein a fraudster seizes control of a shopper’s account on an e-commerce site, and uses the said account to make potentially untold purchases unless they are stopped.
Account takeover fraud actually constitutes a form of identity theft, due to which millions of families suffer every year.
The reputation of your e-commerce site may also suffer if you fall victim to this type of fraud, as other customers may turn to your competitors, who seemingly offer safer and more secure transactions.
4. Friendly fraud (also known as chargeback fraud)
As hinted to by its name, friendly fraud (or chargeback fraud) can be initiated by both malicious fraudsters and innocent parties.
Friendly fraud occurs when a customer requests a chargeback to their credit card. The card owner, for example, could make an innocent request after having noticed a purchase that they didn’t make with their card.
That being said, more deceitful forms of friendly fraud do exist.
A fraudster, for instance, could request a chargeback despite having already used a purchased item. The business has to return the money, but doesn’t have the units they sold returned back to them for another sale.
5. Refund fraud
Refund fraud is another umbrella term for when a fraudster attempts to unjustifiably obtain a refund after using stolen credit card details to purchase something from an online store. They may return a similar looking but cheaper product as they get the refund.
They may even return the product in a dilapidated or used state, or falsify receipts while getting the refund. Ultimately though, the e-commerce store is left at a loss, ending up with a lost sale and broken returned items.
6. Interception fraud
Lastly, interception fraud occurs when a fraudster purchases something on an e-commerce site, once again using stolen credit card information, and attempts to intercept the products before they reach the billing or shipping address registered to the card.
Fraudulent individuals may then contact your store directly, posing as the legitimate cardholder and pretending as though they have moved houses so that they can have the products shipped to their own address instead.
Furthermore, fraudsters could go a step further and get in touch with the courier, be it DHL, FedEx or UPS, to have the order rerouted to their desired address.
If that all fails, they could camp out near the house of the legitimate cardholder and wait for the package to arrive, so that they can sign for it and spirit it away with the card owner none the wiser.
8 actionable tips for e-commerce fraud protection
e-Commerce scams are everywhere. Fortunately, an abundance of solutions are readily available to help online store owners identify, halt, and protect against present and future threats of e-commerce fraud.
Ranging from the basic but effective strategies to more sophisticated software and best practices, you can protect yourself in a variety of ways today.
1. Examine suspicious orders
Examining suspicious orders made on your online store is one of the first lines of defense you have against potential e-commerce fraudsters.
Though you may find numerous software companies that make reviewing such orders much swifter, manually going through orders that seem out of the norm can definitely help you determine which transactions are illegitimate.
A customer with a low-value order coming from a new and strange IP address, for example, could be contacted for verification, hence ensuring that they’re not using someone else’s credit card to make a purchase.
In another instance, if you observe that a usual customer based in Canada starts making orders from an unusual IP address in Korea, then contacting the customer to request verification may be an optimal route to ensure their account remains safe and uncompromised.
2. Verify customers’ information
Verification is evidently a must in your arsenal against e-commerce fraudsters. As such, emails to your customers requesting for verification could definitely work. In fact, 43% of merchants globally deployed email verification as an e-commerce fraud detection tool in 2021.
Tools for verification are nevertheless available to ensure that your customers’ billing, shipping and payment information all line up as well.
Adding a required field where customers can input the card verification number (CVN) on the back of their card can serve as an extra security measure, and using an address verification service (AVS) can help catch fraudsters using a stolen credit card not registered to their actual address.
3. Gather proof of delivery
Gathering proof of delivery can combat return fraud and establish that products cannot be legitimately returned and refunded.
For example, collecting signatures or even photos of a person as they receive the product package serves as a safeguard against fraudsters who would claim that they didn’t receive the products and are entitled to a full refund of the payment.
4. Limit purchasing power
Limiting the purchasing power or the number of units of product that a customer can purchase each day can be used to combat triangulation fraud and other fraudulent purchases.
In particular, referring to your normal sales data can help you determine whether a fraudster is purchasing massive amounts of your products to deceptively sell them off elsewhere or commit other types of fraud using your store.
5. Utilize IP fraud scoring
IP fraud scoring software identifies e-commerce fraudsters who repeatedly commit their treacherous acts on the same device or computer.
Providers like Scamalytics and SEON can use an IP address’ current location, VPN usage, and even Internet service provider to determine whether an IP address is linked to past fraud and is attempting to carry out fraudulent activities with you as a target.
6. Create a black or blocklist
If you’ve caught a fraudster, congratulations! You can create a blacklist or blocklist and list them there with all their connected details.
A blacklist essentially prevents a fraudster and any of their connected aliases, addresses, or card information from engaging in transactions on your store. About 1 in 4 e-commerce stores across the world utilized blacklists in 2021, though it’s advised to be extra careful with your own blacklists.
That being said, the true owner of a previously stolen credit card could in fact be trying to make an honest purchase at your store. Reviewing requests to be removed from a blacklist should accordingly be taken seriously as well.
7. Ensure PCI Compliance
The Payment Card Industry Data Security Standards, also known as PCI standards, are in place to ensure that credit card transactions around the globe are being conducted securely.
Encryption of cardholder data and the use of antivirus software to prevent malware attacks are amongst the many PCI standards that digital merchants must comply with.
Testing your payment systems, restricting access to cardholder data, and the most basic act of changing the default password of your platforms are other PCI Compliance standards you should uphold to protect payments and customer information at your online shop.
8. Exercise caution during peak seasons
Weekend or Christmas shopping on your e-commerce site can lead to huge sales and more customers, but you must exercise extra caution during such times to avoid any fraudulent incidents.
In 2021, online traffic during the Christmas season grew 57% compared to the previous year, and the sheer amount of online shoppers around provides much opportunity for fraudsters attempting to pass off as honest-to-goodness customers.
More customers also means more work and orders to attend to, so you must still be on constant lookout.
Some last words
Due to the threats that it poses to the operation, growth and reputation of an online business, e-commerce fraud can truly hold back your online store from success.
Fishing them out can therefore help you and your store excel, and you can now more easily do so with the knowledge you’ve read about thus far.
But if you’re troubled by how to securely process payments at your online store, Choco Payment could help.
As a secure online payment solution powered by Stripe, the world’s top-notch payment gateway, Choco Payment covers all your needs in processing online payments locally and globally.
It helps you accept customer payments made with cards and digital wallets, in 135+ currencies from any part of the world.
With Choco Payment, online payment and collection have never been easier. Check out more information here.
About Choco Up
Choco Up is a global technology and financial services platform, offering revenue-based financing and business growth solutions for digital merchants and startups.
With data analytics and machine learning at its core, Choco Up employs vast integrations to automate fund deployment, providing fast-growing companies with zero-equity funding in a quick and seamless manner.
We currently have offices in Singapore and Hong Kong and serve clients worldwide, providing smart-growth analytics and global payment solutions to fuel their growth.