As an e-commerce business owner, you and your team are constantly faced with the need to juggle multiple tasks at once. Whether it be quality control of your products, customer service, keeping up-to-date with your SEO or simply managing your social media accounts, it’s a constant, ongoing battle of busyness. Needless to say, one of the most important responsibilities of e-commerce is fraud protection. When you’re aware of how hackers are gaining access to online customer data, you’re able to better secure your site in order to protect and reassure your customers. Trust goes a long way in online business and an increase in your level of security can help with most e-commerce fraud. So, continue reading to brush up on a few common schemes that fraudsters are using.
This type of fraud generally consists of stolen credit card credentials that are purchased from the dark web. The purchased goods are sent to re-shippers in an attempt to retrieve stolen merchandise and often, internet proxies are used to cover up any international IP addresses.
Three parties are involved in this type of fraud — the fraudster, the shopper and the e-commerce store. The fraudster begins by creating an online storefront, often on eBay or Amazon, that offers buyers high-demand goods at incredibly low prices. The store collects the payment after the purchase is made, then uses a stolen credit card to purchase the goods from a legitimate website and proceed by shipping them to the customers.
The fraudster begins by processing an order where the billing and shipping information match the address that’s linked to a card. Then they try to intercept the package by changing the address last minute before the order ships, contacting the shipper directly to reroute the package to a new address where they’re able to retrieve it from or simply by waiting outside the address of delivery and offering to sign for the package.
Card testing fraud
This practice tests the validity of a credit card number, with the plans to use those credentials on another website to commit fraud. Fraudsters often target websites that reveal a different response for each type of declined payment. For example, when a card is declined due to an incorrect expiration date, a response is given allowing the individual to simply fill in a different date. This gives multiple opportunities for the information to be entered.
Account takeover fraud
Now, this is an extremely important fraud case to be aware of. A fraudster doesn’t always need to have the credit card information to be able to steal. If they’re able to get a hold of a customer’s login details, on an account where their credit card credentials are stored, they are able to change the shipping address and make purchases on behalf of the cardholder.
How can you protect your business from e-commerce fraud?
- Choose a secure platform.
- Use a secure connection for online checkout (SSL authentication for web and data protection).
- Don’t store sensitive data.
- Use an address and card verification system.
- Require users to create strong passwords with both upper and lowercase letters as well as symbols or numbers.
- Set up system alerts for suspicious activity.
- Use tracking numbers for all of your orders.
- Monitor your site.
- Perform regular Payment Card Industry (PCI) scans.
- Contact Numinix to integrate fraud-prevention filters on your website.
Are there any other types of e-commerce fraud that we didn’t discuss? Please share your thoughts in the comments section below.