Breaking Down e-commerce Fraud – The Five Pillars of Fraud

By Oksana Balytsky [ Join Cybersecurity Insiders ]

By: Oksana Balytsky, director of product marketing, Forter

E-commerce is expected to account for nearly a quarter (22%) of all retail sales by 2023 — a 7.9% jump from 2019.

As consumers fully embrace the digital age, e-commerce is expected to thrive and is likely to become the primary method of purchasing. By 2024, global e-commerce sales are expected to reach $6 trillion.

While the increase in e-commerce transactions is great for retailers, it also brings about another problem: e-commerce fraud.

Why Retailers Need to Be on the Lookout for Fraud

E-commerce fraud seems fairly self-explanatory, but the reality is it covers a wide range of tactics used by fraudsters to target retailers. While brick-and-mortar stores are no strangers to scams, having policies in place to check for counterfeit bills and credit card fraud, e-commerce platforms aren’t as seasoned and have a whole new world of opportunities for bad actors to take advantage of.

Rewards, saved payment information and other convenient offerings may entice eager shoppers to give a certain retailer their business, but are avenues for fraudsters to take advantage of, should they gain access to legitimate customers’ account information.

With rising e-commerce transactions and retailers enhancing the digital experience to attract consumers, there are five common types of fraud that merchants should be on the lookout for:

  • Account Takeover

  • Card Testing

  • Interception

  • Chargebacks

  • Refund Fraud

Account Takeover Fraud

Hollywood has dramatized hackers. The common perception is that these cybercriminals are penetrating firewalls with lines of code and using complicated tactics to outsmart top-tier security products.

The reality? Most are just logging in.

Known as account takeover (ATO), this fraud tactic involves when scammers gain access to a legitimate customer’s login. Fraudsters have a variety of methods they can use to crack a password, such as purchasing stolen passwords and security codes from the Dark Web, implementing phishing schemes or just good ole’ fashion guessing.

Once ATO occurs, the scammer can change account details, make purchases, access other accounts if on an admin user and withdraw funds if the application allows it.

ATO is a form of identity theft, and victims may never trust the retailer again.

Card Testing Fraud

In addition to credentials, fraudsters can also purchase credit card numbers in bulk from the Dark Web for as low as $17. Scammers can also just steal them directly through phishing attacks.

To avoid initial suspicion, fraudsters will typically start out with smaller transactions with each card number to figure out which ones are valid and determine the limits. If successful, then scammers begin making larger purchases. By the time the merchants discover they’ve been the target of card testing, the scammer has already likely done significant damage.

Interception Fraud

Interception fraud is when an individual purchases an item online with a stolen payment method but provides the retailer with legitimate, matching shipping and billing addresses. The goal is to intercept the package before it gets to the address provided.

There are three ways this happens:

  1. The scammer knows the victim and is in close enough proximity to steal the package from the drop-off location.

  2. Contacting a customer service representative from a retailer to change the address before the item is ready to be shipped.

  3. Touching base with the actual shipping company to reroute the package to another destination of the fraudster’s choice.

Chargeback or “Friendly” Fraud

Chargeback fraud is when a customer purchases a product or service before contacting their credit card company to void the purchase, resulting in a “chargeback.”

Also called, “friendly fraud,” these cases are interesting because it could result from a legitimate purchase not being recognized by the customer. However, despite a lack of maliciousness, it is no less detrimental to e-commerce merchants. At the end of the day, it can still have a negative impact on the business-customer relationship.

Scammers will intentionally commit chargeback fraud by abusing policies to get items for free, knowing the purchase will be refunded to their credit card. Retailers then lose out by:

  • Lost merchandise

  • Shipping costs

  • Chargeback fees

  • Banking fines

Refund Fraud

Refund fraud is when a scammer purchases a product or service using a stolen credit card and has it refunded to their credit card. Typically, fraudsters will do this by informing the merchant that the refund will need to be processed on a new credit card because the old one has been closed.

It’s a tricky situation for merchants because it can be difficult to decipher which claims are legitimate and which ones are not.

Taking the Burden off Retailers

While retailers can conduct consistent site security audits to train support teams to spot the signs of fraud, the burden shouldn’t be on the retailers’ shoulders alone. Fraud prevention solutions can help automate the scam-detection process.  Machine-learning-based fraud prevention tools can significantly reduce the risk of fraud while ensuring a smooth customer shopping experience.

It’s important to stay educated on the most common fraud tactics to stay aware, but a modern fraud prevention solution can help fill in the gaps and keep retailers’ teams focused on providing top-of-the-line products and services for consumers.


No posts to display