6 Types of eCommerce Fraud and How to Fight Them
September 15, 2021
Table Of Contents
In only nine years, eCommerce fraud tripled from $9.84 billion in 2011 to $32.39 billion in 2020, and the trend shows no signs of slowing down.
With e-commerce on the rise, it’s critical for companies to know how to avoid becoming a statistic.In this article, you will learn about the six most common types of eCommerce fraud, and how to protect your business from them.
The Most Common Types of eCommerce Fraud
For those looking for a quick answer, we’ve outlined the 6 most common tactics cybercriminals use to scam e-commerce companies:
Card testing fraud
Interception fraud
Triangulation fraud
Account takeover fraud
Identity theft fraud
Friendly fraud
Card Testing Fraud
Card testing fraud, or “card cracking”, involves testing whether the stolen credit card is valid and active by making a small online purchase to see if there are any restrictions or limitations.
When someone fraudulently obtains debit or credit card information, this is usually the first thing bad actors do before attempting to execute larger transactions. Therefore, all transactions are equal when searching for fraudulent behavior, and smaller, suspicious transactions should not be overlooked.
Interception Fraud
Interception fraud entails placing an order online using the victim's credit card along with their billing and shipping addresses.
Once the order is placed, cybercriminals “intercept” the delivery process by contacting the store, pretending to be the victim, and redirecting the delivery to a new address.
Triangulation Fraud
In triangulation fraud, the criminal creates an online storefront. The customer makes purchases through that storefront, assuming they are purchasing legitimate products from a real company.
The cybercriminal ships the items the customer has ordered through the legitimate eCommerce store, but saves the card information provided by the customer. Once the transaction is complete, the cybercriminal uses the authorized credit card provided by the unwitting victim to make additional, unauthorized purchases through the same store.
Since the first transaction was valid, the criminal can potentially continue making fraudulent purchases without raising any suspicions for years to come.
Account Takeover Fraud
Account takeover fraud is often a crime of opportunity. Here, the fraudster illegally obtains and uses another person’s saved account information on an eCommerce store or marketplace to make purchases on the victim’s behalf without consent.
The sensitive information is typically obtained through hacking (rare) or phishing schemes (extremely common), the practice that entails sending emails on behalf of legitimate companies or people to trick the victim into revealing login credentials.
Identity Theft Fraud
Identify theft fraud is the most common type of eCommerce fraud that occurs when a person’s identity is stolen to make unauthorized purchases online on their behalf.
Since many payment processors make it possible to complete transactions without using credit card information every time, hackers may find a workaround by obtaining the victim’s name, email address, or phone number to make purchases.
Friendly Fraud
Friendly fraud, also known as “chargeback fraud”, happens when cybercriminals make a legitimate purchase using their own credit card.
After receiving their order, they request a chargeback, alleging the charge was fraudulent or not received.
How to Combat eCommerce Fraud
Since eCommerce fraud has been getting more and more common, you must develop more awareness and defenses against cybercriminals in your organization.
There are a myriad of ways companies worldwide push back against the plague of fraudulent transactions. To get started, begin with implementing the following techniques to protect your company and your customers.
Create Blacklists
A blacklist is a list of individuals or businesses that you have identified as committing or attempting to commit acts of fraud against your business.For example, this might include people who have initiated fraudulent chargeback requests or tried to use card testing transactions.
Once you add their information to your blacklist, you can block them from making any purchases on your store again.
Although it is a simple yet important first line of defense against fraud, this measure isn’t wholly effective. For example, it doesn’t prevent a fraudster from assuming a new identity to scam you or your customers. Still, it’s a solid preventative step.
Identify the Origins of Transactions
If you identify the device used to make a transaction, you can better screen that transaction for any indications of fraud. This is done by collecting and storing a device's “fingerprint,” which can be used to identify suspicious transactions involving a specific device.
For example, you may want to verify transactions whenever the same IP address is associated with multiple, unrelated transactions, or when the same customer makes purchases from multiple locations across the world.
Keep Your Systems Up to Date
Every company providing solutions for online stores is perfectly aware of the rampant fraud going around.
Upgrades often include security fixes that fix weaknesses exploited by cybercriminals, meaning you drastically reduce the likelihood of a successful fraudulent transaction or hack attack just by keeping everything up-to-date. Regularly updating your CMS, add-ons, and other systems that you rely on to run your e-commerce business is critical to ensure you always stay one step ahead of cybercriminals.
Use the Power of Big Data to Prevent Fraud
With each year, fraudsters become more sophisticated in their attempts to scam eCommerce businesses, making it difficult to fight back with simple tools and techniques.
In real-time fraud prevention instances, companies crosswalk the data obtained from live transactions with existing records and third-party datasets to detect fraud as it occurs.
Credit card fraud may be uncovered when transaction data doesn’t align with existing customer data, purchase history, or device information, thus flagging the transaction as suspicious. If that happens, the transaction can be stopped from being processed.
The data used to prevent fraud can come from many sources and may include:
Geolocation data from apps
Website logs
Customer information
Transaction history
Additionally, successful fraud detection cases can help train intelligent fraud prevention systems to detect future incidents of fraudulent behavior.
Fight Back Against eCommerce Fraud with Data
The most fraud-proof e-commerce businesses rely on the latest tools to prevent fraud before it becomes an issue.
At the core of almost any effective fraud detection software is fresh and comprehensive data powering the systems that accurately block fraudulent transactions.
People Data Labs offers an extensive dataset containing more than 2.5 billion records and over 150 fields that empower companies to combat e-commerce fraud effectively.
To learn more, get in touch with our team today and schedule a free consultation.
Like what you read? Scroll down and subscribe to our newsletter to receive monthly updates with our latest content.