Ecommerce Fraud Detection & Prevention: The Key Attacks on Online Stores

Ecommerce Fraud Detection & Prevention: The Key Attacks on Online Stores

Author avatar

May 28, 2021 by Bence Jendruszak

Ecommerce is fast-paced, competitive, and at times challenging.

The last thing you want to worry about is how to deploy a Risk Ops or fraud prevention system.

And yet, as we’ve seen time and time again, every online store owner soon realises that they must protect themselves against fraudsters. In fact, the pandemic has greatly accelerated this need, as fraud rates skyrocketed by 70% during the crisis.

This is why, in this article, we’ll go through the most common attacks on online stores, and we’ll give you pointers on how to defend yourself.

But first, let’s get the basic definitions out of the way:

What is eCommerce Fraud Detection and Prevention?

Ecommerce fraud detection and prevention cover all the tools and processes an online store can put in place to reduce the costs and resources lost to fraud. This includes blocking transactions with stolen credit card numbers and reducing chargebacks and friendly fraud, amongst others.

Common ECommerce Types of Fraud to Watch Out For

There was once a time when only stores dealing in luxury items or high-value electronics were targets of fraudsters. 

These days, anyone’s game. It barely matters if you deal in physical or digital goods and whether you sell items worth hundreds of thousands, or merely inexpensive merchandise. Fraudsters have – and will continue to – attack any business that accepts payments. 

Here’s how it’s likely to affect you:

Transaction Fraud

While payment gateways like Stripe and PayPal have made it easier than ever to accept credit card payments, what goes in behind the scenes is surprisingly complex. This is what it looks like in diagram form:

How Does Online Payment Processing Work

The problems begin to arise when a fraudster makes a purchase with a stolen credit card number. This is the definition of transaction fraud, also known as credit card fraud, or CNP fraud (card not present). 

Here’s a breakdown of what happens:

  1. A fraudster acquires a credit card number and uses it to pay on an online store.
  2. The store processes the payment.
  3. The real cardholder notices a strange transaction.
  4. They contact their bank and initiate a chargeback to get their money back.

So far, so good. The chargeback process is designed to refund the legitimate cardholder, and it works.

However, it’s expensive to process, and the responsibility falls on the online store. That’s right, when a fraudster buys something on your site, you have to:

  • Refund the payment.
  • Accept that you lost a sale.
  • Pay an expensive admin fee to the card network.

To make matters worse, if too many chargebacks are requested on your site, the card network may put you in a high fraud target category, where the fee for processing each payment will increase.

Of course, you can dispute the chargeback. But this is a time-consuming process, which requires in-depth knowledge of the kind of evidence you need to provide. 

For more information on how to win more chargeback disputes, please consult our ebook here.

Friendly Fraud

Not all transaction fraud is caused by bad agents. Sometimes, a chargeback is initiated by someone whose card was not stolen. It’s called friendly fraud, or first-party fraud and it tends to fall into three categories:

  • Innocent or accidental requests: the refund request is made by customers who do not recognise a purchase made with their own credit card. It is also known as friendly or first-party fraud because the card is indeed in the right cardholder’s possession at the time.
  • Opportunistic friendly fraud: refunds are increasingly weaponised by opportunistic and dissatisfied customers. This could be because of a store policy they disapprove of (offering travel credit instead of refund), or simply because they feel buyer’s remorse. Wardrobing, which is mentioned above in the return fraud section, also falls under that umbrella.
  • Malicious friendly fraud or chargeback fraud: at first glance, there seems to be a contradiction in terms here, but the fact is that some buyers will know in advance that they’re going to request a chargeback. These bad customers have every intention to have their cake and eat it, by receiving an item, claiming it never arrived, and asking for their money back.

These attacks also result in chargeback fees, so the problems are essentially the same as with standard transaction fraud – with the added challenge of proving the cardholder’s bad intention when disputing the chargeback.

A Note on Chargeback Guarantee Fraud Prevention Models

In recent years, a growing number of eCommerce fraud solutions have popped up, offering a chargeback guarantee pricing. The idea is that they will block all transactions and friendly fraud, and if you still get chargebacks, they will pay the admin fee themselves.

In practice, this is a great model for smaller businesses. You get peace of mind and can focus on your sales, rather than worry about fighting fraudsters and card network operators all the time.

However, problems arise when you consider false positives. The term simply refers to cases that are marked as fraudulent, when they are actually legitimate customers. 

If you think about it, chargeback-guarantee solutions have a strong incentive to be extra careful with transactions. The more transactions they block, the better the fraud rates will look.

But they will also often block business from legitimate customers. False positives rates increase, and customer dissatisfaction too. Seeing how cut-throat the eCommerce world is, it makes little sense to send potential customers to competitors by blocking their payments on your site.

Return Fraud

Another booming trend sees fraudsters abuse online stores’ return policies, often in combination with transaction fraud. Here are ways in which they attempt to exploit them:

  • Receipt fraud: Using reused, stolen or falsified online receipts to return merchandise for profit. Alternatively, returning goods purchased on sale or from a different store at a lower price with the intention of profiting from the difference.
  • Price arbitrage: purchasing differently priced, but similar-looking merchandise and returning the cheaper item as the expensive one.
  • Switch fraud: purchasing a working item, and returning a damaged or defective identical item that was already owned or purchased with a stolen credit card.
  • Bricking: purchasing a working electronic item, and deliberately damaging or stripping it of valuable components to render it unusable, then returning the item for profit.
  • Cross-retailer return: returning or exchanging an item purchased at another retailer (usually at a lower price) for cash, store credit or a similar, higher-priced item at another retailer.
  • Open-box fraud: purchasing an item from a store and returning it opened with the intent to re-purchase it at a lower price under the store’s open-box policies. A variation of price-switching.
  • Inventory depletion: purchasing an entire shop’s inventory with the intention of selling the same one in their own store. They return the items within the rights of the policy later.

One of the most common return fraud tactics in the world is called wardrobing. It happens when users purchase an item of clothing with the intention of wearing it for a short period of time and returning it later. It is considered a form of friendly fraud.

Click here for more information on return fraud and the tools you can use to spot and prevent it.

Triangulation Fraud 

A recent fraud technique has been making waves in the eCommerce world lately. It’s called triangulation fraud, and it works as follows:

  1. A cardholder makes a purchase with a marketplace seller (eBay).
  2. The seller (fraudster) buys the same item from your online store.
  3. They use a stolen credit card number and give you the original customer’s shipping address.
  4. You ship the item to the customer.
  5. The owner of the stolen credit card number initiates a chargeback.
  6. You try to get in touch with the eBay seller, but they ignore you. You have to pay the chargeback fee.
E-commerce fraud triangulation fraud isolated

In that scenario, the initial seller receives the item they paid for. The marketplace seller appears legitimate. 

But behind the scenes, someone’s money is stolen, and it’s you, the online store, that has to refund it, after shipping an item. 

This is a great example of how widespread and sophisticated fraud has become. Fraudsters are always looking for new avenues to exploit online stores and they can take advantage of lax rules on marketplaces such as eBay, as well as the need for online stores to accept payments as fast as possible.

Identifying Fraudulent eCommerce Activity

Fraudsters try their best not to tie their online activities with real-life identities. This is why identifying customers before they reach the checkout stage can help reduce fraud rates. You can compare data points such as their IP address geolocation and shipping address, for instance. Failing to confirm the cardholder’s identity on a social media site can also increase the risk of fraudulent payment. 

For most online stores, transaction fraud will appear as card testing. These are low-value transactions that fraudsters use to see if the card can work. Keep an eye on transactions under $1, especially when they all come from the same account. 

Finally, understanding how users connect to your site can point to risk. For instance, customers using VPNs, proxies or emulators are definitely trying to spoof data: you should be extra vigilant with their transactions.

Triangulation Fraud: Signs to Watch Out For

Note that while some platforms like Shopify or payment gateways like Stripe offer built-in eCommerce fraud detection and prevention, the tools will not be advanced enough to flag attacks such as triangulation fraud. Here are a few common data points to monitor:

  • New customer profiles: keep a close watch on new accounts that immediately buy the same items regularly. They might look like loyal customers but actually point to fraudulent sellers.
  • Conflicting addresses: if the shipping address and billing address don’t match, it should increase your suspicions.
  • Low-value transactions: fraudulent sellers will try to stay under the radar by focusing on low-value goods or services.
  • Invalid contact details: if you attempt to contact your customer and don’t hear anything from them, you could be dealing with a fraudster.
  • Connections between users: this type of fraud tends to be committed by organised fraud rings, who rely on the same devices to connect to your store.

You have a few options here: you can take all the data points and perform an in-depth manual review, to confirm whether you are dealing with a legitimate customer or not.

But because time is often of the essence when shipping products (especially digital goods), it’s worth combining all these data points together and feeding them through automated risk rules, you can also perform a behaviour analysis, which will not just highlight suspicious data points, but also flag risky customers over time. 

Other Tools eCommerce Merchants Should Deploy

For better fraud protection, you need to know as much as possible about your customers. This is why your strategy should include eCommerce fraud prevention tools such as:

  • Data enrichment: you can use a single data point, such as an email address or a phone number, and build a complete profile of your customers based on it. For instance, you can check if the email address is valid, whether it’s been opened with a temporary domain service or one that increases risk (no verifications during email account opening). This is particularly helpful when performing a manual review, to confirm a customer’s identity before shipping a product, for example.
  • Reverse social media lookup: thanks to data breaches and dark web marketplaces, fraudsters have access to tons of credit card numbers. What they can’t do, however, is create full social media profiles to match every name on the credit cards. This is a great chance to check if a user appears legitimate or not based on their social presence. SEON can check 20+ social networks.
  • Device fingerprinting: this technique looks at how customers connect to your site. It’s helpful to spot suspicious logins via VPNs, proxies or emulators, but also to spot connections between accounts. A lot of fraudsters will recycle the same devices and IP addresses, so flagging them can help you take down entire fraud networks at once.

Ecommerce Fraud Protection With Machine Learning

A good eCommerce fraud solution allows you to sift through all your customers’ data to find suspicious fraud patterns. With basic tools, that data is fed through risk rules. For instance: a rule can state that IPs from blacklisted countries will not be able to go through the checkout.

But because fraudsters adapt to your solutions, it’s important to anticipate new attack vectors before they damage your eCommerce. 

This is why machine learning systems, such as SEON’s can analyse hundreds of data points and notice connections between fraudulent cases. It will then suggest rules that you can deploy to block online payment fraud, friendly fraud and other attacks as soon as possible.

Share article

Learn more about our products

Products

Author avatar
Bence Jendruszak
COO

Bence is the co-founder and COO of SEON whose vision is to create a safer online environment for merchants in high risk verticals.


Sign up to our newsletter