How Fraud is Impacting the eCommerce Industry

Why is there so much eCommerce fraud occurring?  The short answer is because there's so much money being spent online these days. US consumers alone are projected to spend $709 billion on eCommerce in 2020 - up 18% from 2019. It's a lot of money and a big target for scammers. Fraud is the eCommerce industry is expected to account for more than $12 billion this year.

Types of eCommerce Fraud

There's no shortage in the creative way fraudsters will try to scam the system.

Account Takeover

The most common type of fraud is account takeover. Scammers use stolen or leaked credentials to grab control of a legitimate user's account, change the setting, and run up the bill. Identities and financial information is shared openly on the dark web and available for purchase.

Backdoor Files

Fraudsters are also using what's called backdoor files to access eCommerce APIs and bypass two-step authentication practices for accounts.

Chargeback Fraud

One prevalent and troubling type of fraud is from chargebacks. These occur when a customer asks for a refund from their credit card company after already receiving the goods or services. Scammers also use stolen identities or stolen credit cards to buy products and take the money back.

When chargebacks happen, not only does the merchant lose the sale (and the item) but they're also hit with fees from the card issuer. It's estimated that for each dollar lost to a chargeback, it costs merchants $2.40. On a $100 item, a chargeback can equal a loss of $240.

This is sometimes called friendly fraud when customers claim their card was stolen, get a refund, and keep the item.

Fake Merchant Fraud

Scammers have even been known to set up fake eCommerce stores on merchant sites like eBay or Amazon. They will typically offer in-demand products at exceptionally low prices to attract shoppers. This gives them access to credit card account information they can use to purchase items online. They may even buy the product from another site and ship it to the customer so they won't suspect fraudulent activity from the fake merchant site.

Affiliate Fraud

Scammers stuff affiliate cookies into users' browsers. This tricks the affiliate tracking system to record that the customer was brought to purchase by the scammer, rather than the actual marketing campaign or a different affiliate. Whether the program works by first click or last click attribution, pay per signup or revenue share, cookie stuffing harms merchants by masquerading as legitimate traffic.

Another frequently employed method by scammers is brand bidding on second-tier PPC networks which are notoriously hard to monitor, as these ads usually appear through browser toolbars or extension, above Google or Bing ads. This allows scammers to cannibalize your organic traffic, or in the most sophisticated cases when the scammer actually runs the toolbar, to overwrite organic links to your website with their own affiliate links.

Preventing eCommerce Fraud

Preventing eCommerce fraud is a constantly evolving process. As technology advances, to do the tactics used by scammers to grab increasingly large shares of the dollars being spent online.

The first step in preventing eCommerce fraud is recognizing the warning signs that indicate there might be a problem with the order, including:

• First-time shoppers

• Unusual activity, such as large orders or multiple orders in short periods

• Locations that appear on blacklists

• Cards that appear on databases of breached accounts

• Unusual email addresses

• Different addresses for billing and shipping

While these don't necessarily indicate fraud, when a user meets one or more of these criteria, it's time for a deeper look. Unfortunately, the sheer volume of transactions that would fit these parameters makes it nearly impossible to manually clear each one.

The only solution is to take preventative measures to mitigate the effects of eCommerce fraud, such as AI-powered fraud detection tools to automatically analyze purchases before they are approved. These tools use reverse email lookup, IP analysis and social media lookup to create a profile in order to determine the legitimacy of that use. Essentially, if they are a real customer or a fraudulent actor. 

Wrap Up

The online economy will only keep growing in the years to come. Companies who conduct business online need to arm themselves with the knowledge and tools required to protect their assets and revenue from the ever growing cyber security threats.