If you're part of an ecommerce business, it’s vitally important to protect your online store from fraud. From data breaches to spam emails, fraudulent activity takes many forms – so how can you recognise and put a stop to it? Find out more about ecommerce fraud prevention in this guide.
How does ecommerce fraud work?
Ecommerce fraud refers to any form of criminal deception specifically targeting online merchants and commercial transactions. In the past, this type of fraud was riskier as it involved stealing physical credit cards, using stolen numbers to order merchandise over the phone, or breaking into brick-and-mortar premises. Now, fraudsters can access millions of stolen credit card details on the dark web or submit mass phishing emails. A cybercriminal might set up hundreds of false email accounts with the fake online personas to match.What are some common types of ecommerce fraud?
Some types of fraud involve stolen credit card numbers, while others focus on stolen bank details or other sensitive financial data. Here are a few of the most common types of ecommerce fraud any merchant should be aware of.1. Card-not-present fraudThe fraudster uses stolen card details to purchase products or services online. While initially this type of fraud targets the cardholder, the cost ends up being passed on to the merchant through chargeback fees. Card-not-present fraud cost UK businesses £452.6 million in 2020, accounting for 79% of total card fraud value that year.2. Fake chargebacks / friendly fraudWhen an online shopper makes a purchase, receives their items, and then requests a chargeback anyway, this is called a fake chargeback or ‘friendly fraud’. The shopper might wait several weeks or months after receiving the item, making it more difficult to investigate. They may claim they never received the goods or that they never authorised the transaction. As a result, the business must pay a chargeback fee on top of the refund cost, unless they can prove to the bank that it was indeed a fraudulent chargeback request. It’s estimated that one third of all chargeback requests are fraudulent, with merchants losing £1.70 for each £1 taken by a fraudster.3. Affiliate fraudCriminals can scam the merchant by using fake online activity to generate unearned commissions through affiliate links. They might send spam emails, use pop-ups, or refresh the webpage from multiple locations to generate false traffic. The merchant then pays a commission for false traffic. It’s estimated that up to 10% of digital ad spending is lost to this type of fraud.4. Account takeover fraudWith an account takeover, the criminal uses phishing techniques, bots, and hacked social media accounts to trick customers into revealing their username and password. They then log into the account and quickly change the password, locking the real customer out. When locked out of their accounts, customers are unable to make purchases and may lose trust in a business website, choosing to shop elsewhere instead. This type of fraud has increased by 34% over the past few years, according to Experian.5. Card-testing fraudWhen scammers purchase stolen credit card details in bulk, they won’t know which ones are still active. Scammers usually test multiple credit cards with small orders that the cardholder is unlikely to notice at first. While these test orders have lower value, multiple orders add up to revenue loss over time due to chargeback costs and lost inventory.6. Automatic push payment (APP) fraudThis involves being tricked into willingly making a bank transfer. When targeting a business, the fraudster will often pose as an existing supplier and convince the business to change bank account details. Rather than sending payments to existing suppliers, the business instead pays fake invoices to a fraudster’s account. Similarly, customers can also be fooled into thinking they are making a payment to your business, when they are in fact sending money to a fraudster. In 2019, UK banks and their customers lost £456 million in 2019 to APP fraud.How is ecommerce fraud detected?
Merchants can often spot ecommerce fraud by keeping track of orders. Inconsistencies in orders don’t always indicate fraud, but they tend to be a red flag. Here are some signs of ecommerce fraud to watch for:- Orders from the same card from different IP addresses
- Difficulty providing personal information
- Repeat transaction declines
- Orders of the same item in multiple colours or sizes
- Multiple small orders sent to the same address
- Multiple orders from different cards sent to the same address
- Multiple orders from the same card sent to different shipping addresses