What is eCommerce fraud? – The 5 main types to be aware of
eCommerce fraud is simply any form of fraud that happens on an eCommerce platform or website.
These include the use of a stolen or fake credit card, a false identity, or an affiliate fraud advertising scheme, with each case being as popular as the next.
As an eCommerce business person, it is vital for you to crack down on eCommerce fraud to not only protect yourself financially, but also credibility wise, as no one wants a record of letting fraud happen on their business history.
Personal information or credit card information is all that is required for online fraud to be executed by fraudsters, with the card not even being needed to be present for the fraud transaction to occur. In fact, many hackers will go the extra mile, stealing personal and financial information with intentions to sell them on the black market, a more extreme and severe crime. You can also find a more passive and ‘innocent’ type of eCommerce fraud, often known as friendly fraud, where the customer intentionally files a chargeback to gain a free product and avoid payment.
A large reason as to why ecommerce fraud is rife these days is because prosecutions are getting rarer, with more and more constraints on time and resources leading to delayed and tedious proceedings.
Your best bet is to take the necessary precautions, so this type of fraud never occurs in the first place, with things such as a high-quality fraud detection and prevention management system to eliminate fraud on your platform and reduce its impact on your revenue. This can be installed by eCommerce Developers, which you can find on websites like Developer Connection.
The 5 Common Types of Ecommerce Fraud
The very first thing you should do either before hiring a eCommerce Developer or as something to discuss with your eCommerce Developer is to identify why and how fraud is occurring at all. The next step is to develop strategies to prevent and protect against these attacks, securing your ecommerce site.
While there are countless schemes that fraudsters can use, we want to highlight some of the most common types of ecommerce fraud. These strategies have been used successfully against both small and large ecommerce websites. Recognizing them now can help you avoid becoming a victim.
1. Card Testing Fraud
One of the more common and widely used types of card fraud is Card Testing Fraud (also known as card cracking). This showed in 2017 when card testing fraud rocketed in popularity, jumping up by more than 200 percent in commodity and accounting for around 16 percent of all ecommerce fraud and 7 percent for larger ecommerce merchants.
Instances where fraudsters gain access one way or another to someone’s credit card numbers is what’s called ‘Card Testing Fraud’. This is a shot in the dark for fraudsters as although they have the credit card numbers, what they don’t know is if the card numbers can even be used to successfully complete a transaction or is there is some sort of limit associated with that credit card.
Fraudsters start with small test purchases on ecommerce websites to test if the potential card works, using devices such as scripts or bots to test multiple credit card numbers simultaneously. These first purchases are very small to not only see if the credit card works, but also so the person who owns the card won’t be as alarmed. Once they know that a credit card number works, they will begin making much more expensive purchases, all whilst the card owner hasn’t even found out that their card numbers have been stolen.
2. Friendly Fraud/ Refund Fraud
A name that contradicts itself as no fraud can really be friendly, Friendly fraud, or chargeback fraud, is when a fraudster actively purchases an item or service on your ecommerce website, then requests a refund chargeback from the payment processor, with the claim that the transaction was in fact invalid. The bank associated with the card then returns the transaction value to the customer, which must still be paid by the retailer.
The part which makes this fraud is when an individual makes claims that appear to be believable and honest, essentially taking advantage of the ability to request a chargeback. Friendly fraud can also be used in a cheeky bid to get free items. For example, the fraudster could claim that the item they purchased never reached their house, or some other type of claim such as the item being incorrect or damaged.
The final action of a chargeback fraud instance is when the fraudster contacts the credit card issuer to dispute a charge that they made or intended to make. To prevent this fraud from happening, use a chargeback management software tool that will reduce fraud loss and help you manage disputes or invest in hiring a high quality eCommerce Developer to help you properly protect your eCommerce business.
3. Account Takeover Fraud
When someone gains access to a user’s personal account on an ecommerce website and actively uses the account to make purchases is known as Account Takeover Fraud. This can be achieved through a variety of methods, including gaining access to account passwords and security codes, or personal information that will assist them into getting into your account as they can technically prove that they are the account owner.
Fraudsters will do more than just make purchases. They can edit the details of a user’s account to something that allows them to login again easily, withdraw any funds that are associated to the account and even gain access to other accounts linked to this user.
Account takeover fraud can heavily damage not only the account owner’s security and obviously their finances, but also your retailer reputation, with a cloud of mistrust amongst your users drifting amongst your ecommerce website or umbrella of websites. Customers with accounts will feel that their data may be next to be stolen, leaving them vulnerable if they remain on your eCommerce website, unless you enforce some stronger security rules.
4. Interception Fraud
When fraudsters place orders on your ecommerce website where the shipping address and billing address match that of a stolen credit card, this is known as Interception Fraud. After placing an order, they will actively go and attempt to intercept the package, literally taking the goods themselves.
The fraudster would start with asking customer service to edit and change the shipping address on the order before it is shipped. This allows them time to gain the goods whilst the payment is made by the victim. They may also contact the shipper (whether it is FedEx, UPS, or another courier) to reroute the order to a chosen address. This process is simpler if they live near the victim, as they can wait for the physical delivery of the package, sign for the package and claim it for themselves.
5. Triangulation Fraud
A more complex type of fraud which is still very common is Triangulation fraud. This type of fraud requires three elements to be involved: the fraudster, a shopper, and an ecommerce store. The fraudster creates a ecommerce storefront that sells high-demand goods at competitive prices on something like Amazon, Shopify or any other platform.
The fraudsters then post goods at cut prices on their ecommerce store, easily drawing in multiple legitimate customers who think they have found an amazing sale or bargain. After these bargain-hunting customers place orders on the fraudster’s ecommerce website, the fraudster uses stolen credit card numbers to purchase legitimate goods from your ecommerce website, and then send those goods to their customers.
This leaves the customers of the fraudster’s store receiving real goods for an unrealistic price, the victims with their credit cards being stolen and your ecommerce website being tied into an illegal scheme that you won’t even know is happening.