eCommerce has surged in the past two years, reaching $4.2 trillion dollars this year, even as restrictions from the recent pandemic wind down. In the US, over one in five (21.3%) purchases were made online in 2020, growing 44.0% on the previous year. In the UK, it accounts for over a quarter of all purchases, and has been as much as 36% of all purchases in December of 2020. Although we are unlikely to see that record broken for perhaps a decade in the post-pandemic period, it has been slowly rising from 2.8% in 2006 to around 19% just before the pandemic.
However, just as eCommerce surged, online fraud increased 70% during the pandemic, so now companies have to contend with the possibility that a significant percentage of their transactions will be fraudulent. Although fraud can happen in physical retail, it is rare because of the presence of staff and security cameras – online, anyone can pretend to be anyone else with the right credentials, which are available to buy in bulk through darkweb marketplaces.
There are three main fraud types to be aware of if you or your company is thinking about selling products online:
1. Transaction fraud
A stolen credit card number can sell for as much as $150 if it comes with the cardholder’s CVV, address and security information like their mother’s maiden name. Once a fraudster has purchased it they need to turn that information into money, and one of the safest ways to do this is to buy products online and sell them.
The cardholder will get their money back quickly once they initiate a chargeback, but the merchant will be stung three times over: they will have to refund the payment in full, accept the loss of their item and pay an admin fee to the card network. Too many chargebacks and a card provider might put you in a ‘high fraud target’ category, increasing the fee on each transaction. Chargebacks can be disputed, but this requires an investigation – we created a guide to chargeback fraud prevention and detection.
2. Chargeback fraud
Following on from the fraud type above, chargeback fraud is any knowing or unknowing attempt to get money back for items that were delivered. It won’t be carried out by professional criminals as it requires access to a real bank account to result in a profit, but it is becoming increasingly common.
So-called ‘friendly fraud’ falls into this category. This is where a customer mistakenly initiates a chargeback because they believe a charge on their card was fraudulent. Chargebacks can also be intentional: a customer can initiate a chargeback out of buyer’s remorse on a large purchase or just because they don’t want to go through the returns process. However they do it, the result is the same: money must be refunded and merchants have to pay chargeback fees.
3. Triangulation fraud
This new type of fraud is proving difficult to prevent or detect. A fraudster will put up an eBay listing for an in-demand item, usually at a significant discount, and when it is purchased, the fraudster will use a stolen credit card to purchase the item at full price from elsewhere, shipping it to the eBay buyer. The owner of the credit card will initiate a chargeback, harming the eCommerce store that the fraudster purchased the item from, but will have gotten away with the money from the eBay sale.
Stopping eCommerce fraud
You will notice that in every one of these types of fraud additional damage is done through the chargeback procedure, which has become so harmful to merchants that there is an industry of chargeback dispute companies promising that they can help you fight chargebacks and win.
Before you turn to them, we would urge eCommerce companies to try to prevent fraud before it can occur. Transaction and triangulation fraud both involve fraudsters, to put it simply, pretending to be somebody that they are not in order to use a stolen credit card, and this is a vulnerability. No matter how much they spend to buy credentials, they will not have access to all of another person’s information and there will be gaps that can be found. They will also likely be hiding their digital fingerprints behind VPNs, emulators and other software, another tell-tale sign of fraud.
Just as fraud is always evolving, so is fraud prevention, particularly when AI and machine learning is leveraged to spot patterns and identify red flags. Before you accept that fraud is part of your overheads, do some research into what is available in terms of anti-fraud measures – you’ll be surprised by how much time and money you could save. To learn more, please visit: https://seon.io/
