eCommerce fraud is growing at a rate faster than eCommerce sales. This shocking statistic not only means that your customers are likely to become a target of fraudulent activities, but that your business is at risk, too. With profits, reputation, and future sales on the line, being aware of the latest scams and how to protect yourself is crucial.
What is an eCommerce scam?
The significant volume of financial transactions generated by eCommerce is attracting criminals all across the world, with online scams of many different shapes and sizes. What they all have in common is an aim to benefit from your business unethically or illegally.
Not only is it unnerving to become the target of a criminal attack, but eCommerce scams also bring long-lasting and damaging impacts to you and your business, including:
- Slashing your profits;
- Upsetting your customers;
- Affecting your reviews;
- Damaging your brand image; and
- Costing you significant time.
To protect yourself from the potentially business-fatal consequences of a scam, first, you must understand what a scam looks like.
Common eCommerce scams
We could write all day about the various tactics that criminal use to scam eCommerce businesses out of money and products. So, we’ve done our best to narrow it down to the most common eCommerce scams that you should be aware of.
An account takeover scam starts with a phishing email, tricking your customers into giving their account name and password away. This can take place either via email, or in other ingenious ways like a fake website.
The perpetrator uses this information to log into a customer’s account, change the password and delivery address, and then make unauthorized purchases for themselves. With many consumers only glancing at their bank statements, this type of scam can go unnoticed for some time.
Identify theft is a common news item because it’s a common eCommerce scam. A cybercriminal hacks into a database, stealing personal information including names, addresses, and credit card information. This data is later sold to another scammer who uses this information to open up accounts to pay for products. With this type of scam, you can be both a victim to the initial hacking and the fraudulent purchase of products from your account.
If you’re thinking of a typical rogue criminal when reading this blog, think again. Return scams can be carried out by both new and loyal customers – ordering enough products to trigger an affiliate scheme or loyalty reward, using that reward, and then returning the original products for a full refund. The customer benefits, and you’re left out of pocket.
A chargeback scam occurs when someone makes a purchase from your store and then later contacts their card provider requesting a chargeback because the item was never delivered. Of course, the item was delivered and received, but with no proof of delivery they get their money back and you have no money or product to show for it.
Finally, it’s worth us touching upon mobile fraud. M-commerce is growing, and it’s only a matter of time before the scammers follow. With mobile shopping involving e-wallets, payment alternatives, digital currency, and one-touch spending – mobile fraud is something you should keep up-to-date on.
Bank transfer fraud
Be careful about who’s emailing you, as unscrupulous thieves may surprise you with how well they can get around your systems. Whether it’s sending you an email address ending in .corn versus .com, or sending you emails posing as your suppliers from hacked accounts.
Protecting yourself from eCommerce scams
This all paints a very dim picture for the future of your eCommerce business – but it needn’t. With the right knowledge and processes, you can protect yourself and your customers from the hands of cybercriminals – starting with:
Ensuring that your systems are PCI compliant
The Payment Card Industry (PCI) is hot on the topic of eCommerce scams and, accordingly, has published extensive guidance on the storage and security of information. Ensure that your eCommerce platform and systems are all compliant with the PCI’s best-practice guidance (which can be found here) by opting for a platform and apps that guarantee compliance and come with secure online checkout, layered security, data encryption tools, and PCI scan.
Putting processes in place
Certain processes can significantly reduce the chances of an eCommerce scammer being successful. These include:
- Address verification when paying – ensuring that the address input matches the billing address;
- Requesting the three-digit CVV card security code when making any purchase;
- Mandating strong passwords; and
- Implementing two-step verification, like Amazon.
It is also advisable to prepare a plan of action for if a scam does take place so that you know what to do, who to inform, and how to recover quickly.
Monitoring customer behavior
Customers normally follow a familiar buying pattern – ordering the same types of products, spending a similar amount, and using the same delivery address. Fraud detection tools can monitor this behavior to alert you of anything unusual (such as excessive spending or shipping to a different state) that might indicate a scammer at work.
Always use tracking numbers
Be sure to track your packages, which will help you know exactly when items were delivered and prevent anyone from claiming that their item was undelivered.
While this service may initially cost more than standard shipping, you will soon find that customers are willing to spend more for premium shipping – driving conversions and reducing any financial impact. Plus, with access to bulk shipping discounts, you may find tracked deliveries cheaper when using an outsourced fulfillment partner.
Confirm changes in payment methods
A common way for fraudsters to trick you out of money is by posing as your suppliers or manufacturers and “updating” their bank information for wire transfers. Before proceeding, be sure to verify with your manufacturers on the phone whenever there is a change in payment methods.
Learning from your mistakes
eCommerce scams can be complex, intelligent, and difficult to spot. If a scammer does target your online business, the best thing to do is to learn from your mistakes, analyze how it happened, and implement additional processes to ensure that it doesn’t happen again.
eCommerce scams are an unfortunate part of running an eCommerce business, and as the technology to combat them develops, so does the technology used by scammers to create new scams. The best thing that you can do is to remain vigilant, keep on top of the latest trends, and do everything you can to prevent it from happening and minimizing the impact if it does.