E-commerce is fast-paced, competitive, and at times challenging. In 2023 alone, online retailers lost a staggering $48 billion to fraudulent activity. To stay ahead, it’s critical to understand the types of fraud targeting your business and how to detect them before they wreak havoc.
This article breaks down the most common e-commerce fraud schemes and offers practical tips to protect your store.
What Is Ecommerce Fraud?
E-commerce fraud encompasses a wide range of malicious activities aimed at exploiting online stores. While fraudulent transactions using stolen credit card information are the most common threats, other tactics like account takeovers and return fraud are on the rise. The global reach of e-commerce is both its strength and vulnerability, as bad actors can easily impersonate legitimate customers using false identities or stolen data to purchase goods and services for resale.
One of the most damaging outcomes of e-commerce fraud is the surge in chargebacks. A high rate of chargebacks not only leads to lost revenue but can also harm your standing with credit card networks, resulting in higher processing fees and potentially labeling your business as high-risk.
7 Types of Ecommerce Fraud
Here are seven examples of how fraudsters may target your ecommerce in order to exploit it:
1. Transaction Fraud
Transaction fraud occurs when malicious actors use stolen credit card information to make purchases, often referred to as credit card fraud or card-not-present (CNP) fraud. In these cases, not only do you lose the sale, but you’re also required to issue a refund to the legitimate cardholder if they request a chargeback.
The impact doesn’t stop there—too many chargebacks can push your business into a high fraud target category with card networks, leading to increased processing fees and further financial strain. Preventing transaction fraud is essential to avoid these costly consequences.
Discover how SEON’s real-time transaction monitoring prevents fraud, ensures compliance, and unlocks customer insights, helping your business stay ahead in the evolving retail landscape.
Learn more
2. Friendly Fraud
Friendly fraud, or first-party fraud, tends to fall into three categories:
- Innocent or accidental requests: The refund request is made by customers who do not recognize a purchase made with their own credit card.
- Opportunistic friendly fraud: Refunds are increasingly weaponized by opportunistic and dissatisfied customers. This could be because of a store policy they disapprove of (e.g. offering travel credit instead of refund), or simply because they feel buyer’s remorse.
- Malicious friendly fraud or chargeback fraud: some buyers know in advance that they’re going to request a chargeback. These bad customers have every intention to receive an item, claim it never arrived, and ask for their money back.
These attacks also result in chargeback fees, so the problems are essentially the same as with standard transaction fraud – with the added challenge of having to prove the cardholder’s bad intention when disputing the chargeback.
3. Return Fraud
Another booming trend called “return fraud” sees fraudsters abuse online stores’ return policies, often in combination with transaction fraud. Here are ways in which they attempt to exploit online merchants:
- Receipt fraud: Using reused, stolen or falsified online receipts to return merchandise for profit. Alternatively, returning goods purchased on sale or from a different store at a lower price, with the intention of profiting from the difference.
- Switch fraud: Purchasing a working item, and returning a damaged or defective identical item that was already owned or has been purchased with a stolen credit card for this purpose.
- Bricking: Purchasing a working electronic item and deliberately damaging or stripping it of valuable components, thus rendering it unusable, then returning the item for profit without informing the merchant that it no longer works.
- Open-box fraud: Purchasing an item from a store and returning it opened with the intent to re-purchase it at a lower price under the store’s open-box policies. A variation of price-switching.
- Inventory depletion: Purchasing an entire shop’s inventory so that consumers are more likely to buy the same items from the fraudster’s own store. The items are later returned for a refund, within the rights of the policy.
4. Wardobing
Wardrobing, a widespread form of return fraud, occurs when customers purchase clothing with the intent to wear it briefly and then return it for a refund. Although this tactic initially plagued brick-and-mortar stores, it has become even more prevalent with online shopping, where buyers can return items without facing store staff in person.
According to the Retail Technology Review, wardrobing costs retailers an estimated £1.5 billion ($1.89 billion) annually, making it one of the most common and damaging forms of return fraud globally.
5. Triangulation Fraud
Triangulation fraud involves a legitimate customer, a legitimate online store and a fake online store operated by a fraudster who has access to stolen credit card details.
- A customer places an order with a marketplace seller (e.g., on eBay or Amazon).
- The seller, who is actually a fraudster, then purchases the same item from your legitimate online store using stolen credit card details.
- They provide your store with the customer’s shipping address, so you unknowingly ship the product directly to the buyer.
- The customer, unaware of the fraud, receives the item, believing they’ve purchased from a legitimate seller.
- The actual cardholder notices the unauthorized transaction and files a chargeback.
- As the legitimate online store, you’re hit with the chargeback fee, and the fraudster vanishes with the customer’s payment—leaving you to cover the loss despite fulfilling the order.
This type of fraud leaves both the customer and your business in the dark, while the fraudster profits at your expense.
6. Account Takeover Fraud
When your online store allows customers to hold store credit in their accounts, it essentially transforms these accounts into e-wallets. This creates a significant incentive for criminals to engage in account takeover fraud.
Account takeover fraud is particularly damaging, as it serves as a gateway to further fraudulent activities. Once a fraudster gains access to a customer’s account, they can exploit personal information to commit additional crimes, such as making unauthorized purchases or stealing identities.
Moreover, this type of fraud can tarnish your reputation. Customers may complain about their accounts being “hacked,” directing blame towards your security measures and eroding their trust in your business. Protecting against account takeovers is crucial to maintaining both customer loyalty and your brand’s integrity.
7. Bonus Abuse Fraud
As competition in the online retail landscape intensifies, retailers use coupons and bonus offers to attract customers. Unfortunately, this also creates a significant incentive for fraudsters.
Fraudsters may exploit your bonus program by creating multiple accounts to refer themselves and claim rewards. This not only undermines your marketing efforts but also impacts your bottom line, resulting in lost revenue on items that could have been sold at full price to genuine customers. Protecting your promotional programs from abuse is essential to maintaining profitability and sustaining your competitive edge.
Enhance your security, boost customer trust, and maximize profits with SEON’s real-time insights and proactive measures tailored for the retail industry. Take the first step toward a safer online shopping experience.
Ask an Expert
How to Detect Ecommerce Fraud
To effectively combat e-commerce fraud, focus your anti-fraud efforts on three key stages: signup, login and transaction. Here’s how to enhance your detection capabilities:
- Leverage data analytics for fraud prevention: Utilize data analytics to identify inconsistencies that may indicate fraud. For example, an order placed with a US card but shipping to Croatia should raise red flags.
- Perform a card BIN lookup: Understanding the payment method can mitigate risk. A BIN lookup reveals card validity, registration location, and type—note that prepaid cards generally carry higher risks than standard credit cards.
- Check for a digital/social footprint: Verify the cardholder’s identity using public data from social media. Digital footprint analysis can help you get enriched data on users based on their email or phone number, enhancing identity verification.
- Identify card testing attempts: Watch for low-value transactions, particularly those under $1, which fraudsters often use to test card functionality. Multiple such transactions from the same account warrant scrutiny.
- Monitor connection methods: Be vigilant with users connecting via VPNs, proxies, or emulators, as they may be attempting to spoof their data.
- Assess shipping behavior: Employ velocity rules to analyze customer behavior. High volumes of small transactions within a short time frame or repeated failed login attempts can indicate potential fraud.
- Spot connections between users: Analyze data on your customers to uncover suspicious connections, such as multi-accounting fraudsters abusing promotions. Identifying users signing up from the same IP address can help you take preventive action.
Implementing these strategies through the right e-commerce fraud detection software is essential. Look for features like risk scoring, digital footprint analysis, device intelligence and machine learning to enhance your risk management approach.
Triangulation Fraud: Signs to Watch Out For
Note that while some platforms like Shopify or payment gateways like Stripe offer built-in ecommerce fraud detection and prevention, their tools will not be advanced enough to flag more complex attacks such as triangulation fraud. That’s why it is key to have a robust system for fraud detection.
Here are a few common data points to monitor, in order to be protected:
- New customer profiles: Keep a close watch on new accounts that immediately buy the same items regularly. They might look like loyal customers but this actually points to fraudulent sellers.
- Conflicting addresses: If the shipping address and billing address don’t match, it should increase your suspicions.
- Low-value transactions: Fraudulent sellers will try to stay under the radar by focusing on low-value goods or services.
- Invalid contact details: If you attempt to contact your customer and don’t hear anything from them, you could be dealing with a fraudster.
- Connections between users: This type of fraud tends to be committed by organized fraud rings, who rely on the same devices to connect to your store.
You have a few options here.
You can take all the above data points and perform an in-depth manual review, to confirm whether you are dealing with a legitimate customer or not. But because time is often of the essence when shipping products (especially digital goods), it’s worth combining all these data points together and feeding them through automated risk rules.
You can also perform behavior analysis, which will not just highlight suspicious data points but also flag risky customers over time.
What Ecommerce Fraud Prevention Tools Should Merchants Deploy?
For better fraud protection, your strategy should include these two essential e-commerce fraud prevention solutions:
- Digital footprint analysis: Digital footprint analysis involves gathering online activity related to a user from data points like email addresses or phone numbers. It reveals associated social media accounts, links to data breaches, the user’s IP address and location, the age of the contact information, whether it’s disposable, and the network provider. This information creates a unique profile, helping businesses assess potential fraud risk based on publicly available data.
- Device intelligence: Analyzing a user’s unique device configurations and behaviors helps create a profile in order to identify suspicious activity. By leveraging real-time data on device identification, location and network settings, businesses can flag and block potentially fraudulent setups, ensuring a more secure transaction environment.
Ecommerce Fraud Protection With Machine Learning
In the rapidly changing e-commerce landscape, fraud protection is crucial for securing revenue and customer trust. Traditional methods, like blocking IPs from blacklisted countries, can be easily bypassed. To stay ahead, retailers need advanced solutions like machine learning. SEON’s platform analyzes vast customer data to detect suspicious patterns, using AI trained on historical transactions to identify subtle connections and adapt to new threats.
By creating dynamic risk rules, SEON proactively blocks payment fraud while ensuring a smooth experience for legitimate customers. As fraud tactics evolve, machine learning is key to effective protection for retailers.
FAQ
Ecommerce and online stores are the targets of transaction fraud attacks (paying with stolen credit card numbers), account takeovers (stealing user accounts), return fraud and more.
Detecting ecommerce fraud starts by logging as much data about customers as possible. It helps to authenticate them at login, spot suspicious information that could point to chargeback fraud, and identify customers who abuse return policies.
Detecting friendly fraud is harder than standard payment fraud. However, fraud detection tools can help you acquire detailed transaction and user data, which will enable you to dispute a chargeback request from an unscrupulous buyer.
The key to preventing ecommerce chargebacks is to create a full profile of your users based on minimal data points and with minimal friction. For instance, an email address could point to a social media profile, which lets you know the person really exists.
You might also be interested in reading about:
- SEON: How to Improve Gift Card Fraud Prevention
- SEON: Best Fraud Detection Software
- SEON: Payment Fraud: How to Detect and Prevent It in Your Business
Learn more about:
Digital Footprint | Device Intelligence | Device Fingerprinting | Fraud Detection API
Sources
- The Telegraph: Online store fraud rates skyrocket during pandemic
