5 Types of eCommerce Fraud
Table of Contents
- Credit Card Fraud
- Friendly Fraud
- Account Takeover Fraud
- Refund Fraud
- Card Testing
- Why Prevention is Crucial
- What Is the Most Common Form of Online Payment Fraud?
Fraud is a major problem across all industries and sectors, but for online merchants in particular, it’s especially concerning.
Estimates suggest that fraud cost eCommerce merchants $12 billion in 2020, and although there have been some successful efforts to combat it, overall fraud rates show no signs of slowing down. In order to adapt to the growing rate of fraud in online payments, eCommerce merchants should stay informed on the different types of fraud they face and how to prevent them. In general, eCommerce fraud falls into one of the following five categories.
Credit Card Fraud
This is the type of online fraud most people are familiar with, and it typically refers to a transaction done with stolen payment information—someone else’s credit card, banking info, etc.
Credit card fraud often results from a hack of a customer information database that's not properly secured. Stolen credit card information is bought and sold online, and this information can be used to make fraudulent purchases, especially from merchants whose fraud protection isn't up to snuff.
If someone gets their hands on enough personal information about someone, they can commit identity theft, and open accounts in their name. This also falls under credit card fraud.
The rise of online shopping has come with a commensurate rise in credit card fraud, thought it's also the type of fraud that card networks have put the most effort into fighting. Changes like EMV chips and new payment methods like Click to Pay are largely targeted at this type of fraud. Most common anti-fraud tools are fairly effective at tackling this type of fraud, although identity theft in particular can be difficult to stop on the merchant's end of things.
It might sound harmless, but a friendly fraudster isn’t someone you want around.
Friendly fraud is when a customer knowingly makes a purchase, but then disputes the charge with their bank anyway—likely in an attempt to get a free product or service.
Friendly fraud also might occur when a customer is frustrated with a merchant (or their shipping or customer service) or out of impatience if a delivery has been delayed. However, the most common form of friendly fraud is the result of unclear merchant descriptors. If someone is looking at their account history and sees a payment with a description that doesn't seem familiar, they will often file a chargeback to dispute it. Merchants can avoid this by ensuring their descriptor is clear, and using programs like Order Insight to preempt confused customers.
Account Takeover Fraud
Account takeover fraud occurs when a thief gains access to someone else’s online account—maybe the login to Amazon, an online store, or possibly to their PayPal, Apple Pay, or Google Pay account.
In many cases, this is easier than you’d expect. Most people use low-security passwords that fraudsters can easily hack with a little bit of personal information found on the web. Even more reuse the same passwords for multiple sites, so if customer credentials from a low-security site are leaked, fraudsters can attempt to use the same information to login to more secure websites.
Phishing is also a common cause of account takeover. A fraudster sends an email pretending to be the victim's bank or some other business they have a relationship with, and directs them to a website designed to look official that asks them to log in or enter some personal information.
There's not always a lot merchants can do about this type of fraud, which is part of why it has become so common. Nearly 30% of eCommerce fraud is the result of account takeover. Some fraud tools can take on account takeover fraud, however, by using device fingerprinting or location data to red flag suspicious transactions.
In refund fraud schemes, the thief purchases an item with a stolen credit card, and then returns it for a refund—on a different card or account.
This began as a common fraud strategy in brick and mortar stores (often with the fraudster seeking cash), but its prevalence has risen in the online environment in recent years. Increasingly generous refund policies have also made refund fraud easier than ever. While a generous refund policy can be a great way to prevent friendly fraud chargebacks, it's important to be aware of the downsides. The easiest way to prevent people seeking to commit refund fraud from targeting your business is simply to mandate that all refunds be returned to the same card with which the payment was made. The increasingly widespread adoption of this practice has been effective at reducing these fraud attempts.
Card testing fraud is one of the fastest growing types of online fraud out there, thanks to the aforementioned compromises of customer information databases..
Card testing occurs when a cyber thief “tests” a stolen credit card number to see if it's functional.
They might do this by making smaller purchases at first, to see if they go unnoticed, and then branching into higher-cost items until they max out the balance. This type of fraud can be extremely costly for merchants, even at the beginning, since fraudsters typically charge a large number of smaller purchases all at once using multiple stolen credit card numbers. If these turn into chargebacks, it could mean thousands in lost sales—not to mention chargeback penalties.
Methods for preventing card testing are mostly the same as for preventing credit card fraud in general, however merchants can also take advantage of velocity checking tools that look for multiple purchases using the same IP or device fingerprint to attack card testing more directly.
Why Prevention is Crucial
When it comes to online fraud, it’s not just the lost product and incorrectly declined transactions that cost merchants cash. The chargebacks that follow fraudulent purchases also cost businesses millions.
From the actual lost sales themselves to the chargeback fees, resources spent fighting the chargebacks and the looming threat to their merchant accounts, chargebacks pose yet another significant financial risk to today’s online retailers.
That’s why prevention of fraud—as well as the chargebacks that come with them—is crucial to operating a financially healthy business in today’s day and age.
What Is the Most Common Form of Online Payment Fraud?