E-commerce Fraud Prevention – The Pandemic Didn’t Trigger Only Growth But Also Fraud Rise
The COVID-19 pandemic is breeding a global growth of e-commerce sales, with people isolated at home and purchasing their services, goods, and even entertainment online. People are facing a dark period, and the virus has impacted multiple aspects of their life. The way they purchase services and products is only one-way life has changed in the form they knew. ACI Worldwide reports that retail sectors have registered a 74% growth in March compared to the same period in 2019, and online gaming registered a staggering record of a 97% rise.
As expected, when online sales are on the rise, so is fraud. With more people using the Internet to satisfy their needs, fraudsters have access to more targets. E-commerce websites have started to experience critical increases in COVID-19 scam activities and are actively looking for ways to stop fraudulent attempts that target both clients and organizations.
Pandemic trends show that scam attempts have increased by 13% in March 2020, and fraud specialists predict that in the long term, the consumer behavior (preference for online shopping) will encourage growth in fraudulent endeavors. If appropriate solutions aren’t found by the end of the year, the e-commerce fraud losses in the USA can reach $12 billion.
While you cannot stop cybercriminals from targeting your e-commerce website, you can fight them back and teach your clients and employees to prevent online fraud. Here are the worst scams you can deal with and how to stop them.
1. Account Takeover
Fraud prevention continually advances, but so do fraudsters who seek new ways to exploit e-commerce vulnerabilities. Annually, account takeover costs companies $5.1 billion, so it’s no surprise it’s named one of the worst scams, an online website can experience.
When shopping online in the era of data breaches, people expect the brands they patronize to protect their data. 55% of the buyers who experienced an Account Takeover stopped using the e-commerce website. The bad news is most times, loyal customers become scam targets because they trust the merchant enough to join their loyalty programs and allow them to store their credit card info on their servers. Data breaches reflect poorly on brands that don’t protect their clients’ data.
Cybercriminals have created numerous strategies to take over accounts, and often they use the brute force of bots to try millions of passwords a second, to access an account. Sometimes they can even get the client’s password from the dark web, and they can register in their account undetected. Once logged in, they change all information fields and disrupt data. A company can protect its clients from Account Takeover by using fraud detection technology to identify the intrusion attempts and stop cybercriminals before breaching into its customers’ accounts.
2. Email Account Phishing
Email phishing is a scam as old as the Internet, so many people are familiar with the concept and its consequences. 32% of confirmed online attacks involved phishing. Each of you opened an email from a contact you didn’t know who requested your sensitive account information. Lately, the scammers no longer pose in Nigerian princes, but they write emails as e-commerce stores. The most popular email template is a deliver/order confirmation that tries to obtain your sensitive data. Other times they ask you to access a fraudulent website that collects your information.
In the best-case scenario, email phishing directs you to a page with an unexpected advertisement. In the worst-case scenarios, the email isn’t harmless and leads you to a page with viruses, malware or other hacking-elements. How can e-commerce websites stop email phishing? 38% of untrained users fail a phishing test, and 50% of data breaches are the result of a human glitch or error, so it’s crucial to educate their clients and employees to never click on an email from senders they don’t know. However, sometimes hackers log in into emails of people you may know to send you a message. Why wouldn’t you click on a link your manager, Internet provider, or mom sends? Before following the instructions, ask yourself if the sender would ever ask you to act this way.
3. Triangulation Fraud
Three parties are required for a triangulation fraud to be successful, the victim (most times a buyer looking for bargains), an e-commerce website (that provides unbelievable offers), and the fraudster. The hackers create an online store with high-demand articles and low prices and lure buyers with advertisements.
The unsuspecting buyer places an order and provides the platform with their sensitive data and credit or debit card. The criminal uses their credit card credentials to purchase the same product but from a legitimate online shop.
The best way to prevent triangulation fraud is to use only reliable websites. Before placing an order and paying online for products, check the site, and look for reviews.
E-commerce websites are often the target of pagejacking, a tactic that creates a fraudulent web page to mimic one of the existing reliable sites. The clients access the online store they used hundreds of times, but they land on a page that seems a little off. Commonly, pagejacking cases include a high-ranking website and siphoning off its search engine traffic. When hackers jack the page of a reliable site, they also use a method called mousetrapping to prevent the user from exiting the page. Whenever they try to close it, a new window opens, and when the user attempts to exit the browser, their computer gets flooded with a myriad of pop-ups. This is one reason merchants prefer to create websites with Shopify Plus because it offers additional security measures that protect sensitive customer data like credit card information.
From the e-commerce point of view, pagejacking is another phishing method hackers use to collect sensitive information. The new page mimics the online store’s login menu and solicits customers’ usernames and passwords. The best way for merchants to protect their clients is to use encryption to store and transmit customer data. It won’t stop hackers from obtaining it, but they won’t be able to use it.
Fraud prevention measures enhance an online store’s success and prevent fraud schemes that can impede progress.
E-commerce Fraud: How To Report a Scammer
Warn your family and friends about these e-commerce types of ffraud by sharing this article on social media using the buttons provided. You can also officially report the scammers to the Federal Trade Commission using the link below:
How To Prevent Identity Theft and More
If you want to be the first to find out the most notorious scams every week, feel free to subscribe to the Scam Detector newsletter here. You’ll receive periodic emails – we promise not to spam. Last but not least, use the Comments section below to expose other scammers.
Verify a website below
Are you just about to make a purchase online? See if the website is legit with our validator: