Put simply, online fraud—also called e-commerce fraud—occurs when someone uses stolen or fake information to make an online purchase.
There are many kinds of e-commerce fraud, but below are four of the most common:
Account takeover (ATO) fraud:
ATO attacks occur when fraudulent actors use stolen identities, bot attacks, phishing, malware, and other tools to acquire user credentials and take control of an e-commerce account. After they’ve breached the account, the criminal can transfer money, make purchases, modify the account, or even target the victim’s other accounts. Spikes in sign-ins, lockouts, and changes to account profiles can all signal potential ATO attacks.
First party misuse
Often referred to as “friendly fraud,” this kind of fraud has a financial impact on merchants even though it’s often not malicious. It occurs when an online purchase is made by the card holder or a family member, such as a child. The card holder then either forgets they made the purchase, or is unaware of the purchase made by the family member, and reports it to their bank as fraud which results in a chargeback.
Card testing fraud
In this common form of credit card fraud, when malicious actors obtain stolen credit card account numbers, they’ll often use scripts or bots to quickly make multiple online purchases to verify that the accounts are still valid and ascertain the associated credit limits. Before the typically small test purchases are detected, the criminals will make several large purchases, usually right up to the credit that’s available on the accounts.
Third party fraud
Also referred to as third party misuse, this is one of the most common types of e-commerce fraud. It happens when a bad actor gains access to stolen payment information, like a credit card number, and uses it to make an online purchase. When the actual card holder becomes aware of the unauthorized purchase, they report it to the bank which results in a chargeback to the merchant.
Fraudulent activities like these can be significantly reduced with the right fraud prevention solution. For example, those that use advanced AI techniques and learn from a wide network of data are able to review online purchases and spot patterns that indicate if the activity is real or fraudulent.These solutions work like this: When an online purchase is initiated, it analyses many aspects of the transaction such as who’s initiating the purchase, what device is being used, which product being purchased, and what card is being used. Then, when the system detects suspicious patterns, it alerts you that the purchase has been flagged as possible credit card fraud so you can block the transaction from going though.
When e-commerce fraud occurs, your business suffers more than revenue losses. You also have to contend with damage to your company’s reputation as well as the loss of customer trust.
Each of these negative impacts—financial losses, damaged reputation, and diminished trust—threaten the long-term health of your business. Regardless of the size of your company, the risk from these types of e-commerce fraud is real.
Neglecting certain practices can put your business at a greater risk of e-commerce fraud. For example, companies must monitor the source of their website traffic, track sales and chargebacks, monitor customer fraud complaints, and look for changes in the buying patterns of existing customers. Without this critical monitoring, businesses and their customers are more likely to be targeted by criminals.
In addition, organisations must remain aware of current fraud trends and should talk with their partners and service providers to develop strategies that specifically address threats as they evolve.
Questions to ask:
Do you know where certain frauds are originating?
What types of fraud are frequently occurring in your industry?
What is your strategy to mitigate and prevent losses?
What do you still need to bolster your fraud detection and prevention?
When implementing changes to make shopping easier for your customers, are you also making it easier for unauthorized users?
Everyone in your business is responsible for detecting and preventing online fraud. Employees must continually weigh whether a change they’re making to improve the shopping experience for customers is also making it easy for bad actors to commit fraud—one common example of this is introducing a buy-online/pick-up-in-store model.
To prevent theft of credentials that can lead to account takeover fraud, security updates to your business website and applications should be downloaded and installed as soon as they’re available. Set this up so it happens automatically across all devices to make sure your business is always protected.
In addition, educate your employees about the importance of paying close attention to customer complaints and watching for telltale signs of possible fraud; monitoring customer trends is one of the most valuable and reliable warning signs.
Finally, have regular conversations with industry peers, partners, and service providers about trends in fraudulent activities and their current strategies. Make sure you know what’s going on in your industry and keep employees up to date as well.
You know fraud prevention is important to your e-commerce business, but where do you begin?
Start by taking stock of what you need: What threats does your business face? What tools do you currently use to mitigate fraudulent activities? Are those tools able to protect your business from current threats and new activities?
Then look for a comprehensive fraud protection solution that uses machine learning to detect new threats when they appear.
In addition, look for these capabilities when evaluating a fraud protection solution:
Helps protect your revenue by increasing bank acceptance rates and reducing checkout friction that can result in abandoned carts.
Prevents fraudulent account access, fake account creation, and account takeovers.
Prevents loss by quickly identifying potential fraud on returns and discounts for omnichannel purchases.
Five helpful questions to ask as you evaluate a potential fraud protection solution:
Does it use machine learning to detect suspicious activity?
Is it capable of developing knowledge about customers’ unique behaviour patterns?
Does it use machine learning algorithms to flag suspicious transactions?
Can it self-educate and increase its knowledge as customer activities change?
Does it use machine learning algorithms, rather than a rules-based approach, to evaluate transactions in real time?
To safeguard your revenues and reputation, make sure your online business is protected by choosing a standalone e-commerce fraud protection service that integrates with your other retail technologies and supports a seamless customer experience.
Microsoft Dynamics 365 Fraud Protection helps online retailers diagnose transactions, evaluate fraud potential, and protect their business with customisable rules to obtain recommendations for e-commerce transaction decisions.
Engage with experts and peers, read blog articles, and find local events.
Access industry-leading self-help and support options.
Get ready and learn more about new capabilities.