6 Most Common Types of Frauds Used to Target eCommerce Companies
Fraud remains a persistent and evolving threat to eCommerce companies worldwide. As online transactions grow in volume and complexity, so do the tactics used by fraudsters to exploit vulnerabilities in payment systems.
In this article, we will understand the various types of fraud targeting eCommerce businesses. This will help them implement effective preventive measures and protect both their financial assets and reputation.
Payment Fraud
Payment fraud is perhaps the most pervasive threat facing eCommerce merchants. It occurs when fraudsters use stolen credit card information or other payment credentials to make unauthorized purchases.
These transactions often exploit weaknesses in payment processing systems or compromise customer data through:
- Phishing
- Malware
- Data breaches
The financial impact of payment fraud can be significant. It can lead to chargebacks, lost revenue, and damage to customer relationships.
Juniper Research conducted a study to predict merchant losses due to this type of fraud. It was found that the losses will exceed $362 billion worldwide between the forecast period 2023-2028. The year 2028 alone will see losses worth $91 billion.
This growth is being driven by a concurrent increase in eCommerce transactions in emerging markets. Merchants are facing new, more sophisticated threats in these markets. Fraudsters are leveraging artificial intelligence (AI) to facilitate ‘traditional’ fraud strategies like phishing, business email compromise, or account takeovers.
CNP Fraud
As stated by Ethoca, CNP fraud usually occurs when the physical payment card is not given to the merchant. Thus, this is common with eCommerce purchases, as payment is usually made online. It is also common with contactless payments, where the consumers pay through mobile apps, and the merchant never sees any card.
Fraudsters exploit chargeback policies to obtain refunds while retaining the purchased items. This leads to financial losses and increased operational costs for merchants.
It is anticipated that CNP fraud losses will rise in tandem with eCommerce growth. In 2020, US retail eCommerce sales surged by 36.4%, while CNP fraud losses increased by 31.2%. Both areas will gradually return to normal over the next few years.
Since CNP has taken over as the largest kind of credit card fraud, merchants should prioritize spending resources to strengthen security for these channels.
It is extremely difficult for merchants to win chargeback reports. Although 72% of merchants respond to chargebacks, the average net win percentage is just under 9%.
Effective strategies to prevent chargeback CNP fraud include:
- Robust transaction documentation
- Customer verification measures
- Proactive dispute resolution practices
Friendly Fraud
Friendly fraud happens when a customer fraudulently reports that they did not receive the goods or services they ordered online. Put simply, they seek a refund or chargeback from their payment provider.
Unlike traditional fraud, friendly fraud involves legitimate customers exploiting transaction dispute processes to obtain refunds while retaining the purchased items. Therefore, it is also known as first-party fraud because the customers themselves are the fraudsters here. This type of fraud poses challenges for merchants in proving transaction validity and enforcing fair dispute resolution policies.
The sad part is that a lot of people willingly commit first-party fraud. The strain of this is faced by the merchants, who have to bear the losses if they are not able to prove the fraud.
A recent report shows that a staggering 23% of consumers admitted to committing this fraud. Despite having received the goods and being satisfied with the purchase, they raised disputes. The average value of chargebacks due to these disputes in 2022 was $192.53.
Account Takeover Fraud
Account takeover fraud involves cybercriminals gaining unauthorized access to customer accounts through various means. These means can include:
- Phishing attacks
- Password cracking
- Social engineering
Once inside, fraudsters can change account details, make fraudulent purchases, or steal personal information. This type of fraud affects individual customers and undermines trust in eCommerce platforms that fail to secure user accounts adequately.
Sift’s 2023 Q3 Index Report predicted losses of billions in fraud by the end of 2023. Around $635 billion were associated with account takeover (ATO) attacks alone. ATO assaults increased by an eye-popping 354% year on year (YoY) in Q2 2023 throughout Sift’s global network. This rise was following an already alarming 169% spike YoY in 2022.
Identity Theft
In identity theft, fraudsters steal personal information such as social security numbers, birth dates, or addresses to impersonate individuals.
This stolen identity can be used to open new accounts, make purchases, or conduct other fraudulent activities. The consequences for victims can be severe, including:
- Financial losses
- Damaged credit ratings
- Lengthy legal battles to restore their identities
In a recent poll of 2,000 Americans who faced identity theft, around three-quarters (73%) said they experienced it once. The remaining 27% experienced this fraud more than once. This shows the high prevalence of identity theft attacks and how they are increasing in numbers.
Phishing Scams
Phishing scams are fraudulent strategies employed by criminals to fool people into disclosing sensitive information. These frauds frequently use phony emails, websites, or communications that look to be authentic. They prompt unsuspecting victims to disclose confidential information. Successful phishing attacks can compromise eCommerce security measures and lead to financial fraud or identity theft.
Data shows that there were 300,497 phishing victims in 2022 in the US alone. The total loss of these victims was around $52,089,159. While phishing attacks occur all around the country, some states have had significantly more or far fewer attacks, with drastically variable damages.
Frequently Asked Questions
What types of victims do fraudsters mostly target?
Fraudsters generally target the elderly and college students, although any consumer is vulnerable to fraud. Seniors are a common target because of their lack of understanding of technology and fraud. Therefore, they are most likely to click on any malware link.
Which sorts of internet fraud are the most common?
Internet fraud is a broad term and may include many common types of scams. Some of these may include phishing attacks, spyware, spam, identity theft, etc.
Which is the most common way frauds are identified?
Tips from third parties are the most common method of detecting fraud, accounting for 40% of initial detections. Organizations frequently receive these reports via anonymous hotlines, websites, or tip lines. Other approaches to identifying fraud include internal audits, financial inspections, machine learning algorithms, etc.
As eCommerce continues to expand globally, so too does the sophistication and frequency of fraud targeting online transactions. Protecting against these threats requires eCommerce companies to adopt comprehensive fraud prevention strategies. By understanding the common types of fraud outlined above and implementing proactive measures, businesses can mitigate risks.
They can also safeguard their financial assets and maintain trust among their customer base in the dynamic landscape of online commerce.