Semalt: Common Types of Fraud Affecting E-Commerce
Criminals seem attracted to the alternative payment methods as they serve as a perfect place to conduct fraud. Ever since the year 2013, e-commerce fraud cases have increased by 19% in that for every $100, 5.65 cents go to the fraudsters.
The following article, Max Bell, the Semalt Customer Success Manager, explains the most common types of e-commerce fraud.
They account for 71%, 66% phishing, and 63% account theft. The attackers mostly target credit cards. The goal here is to carry out transactions with a different identity as coming up with a new identity is tedious. Fraudsters target personal information, which enables them to conduct these online transactions. Phishing is a widely used method to fish for client information from websites. Pharming is a technique whereby an attacker manipulates a website to direct customers to a given website, from where the passwords they use are then used to appropriate someone's identity. Attacks on e-commerce providers, and using malware to attacks websites also fall into this category. Man-in-the-middle attacks are more sophisticated and involve siphoning data by hijacking communication between the website and the customer.
Here, customers order for goods and then use a "pull" form of payment like a direct debit, or credit card. They then initiate a chargeback claiming that their account information was hacked or stolen. These types of customers get wrongly reimbursed, yet keep the goods or services. It goes hand in hand with re-shipping whereby the customer does not want to avail their physical address for delivery. Rather, they use intermediaries who use their details to acquire the product.
In this case, a hacker uses a credit card to make a purchase, but they manipulate the details of the transactions to circumvent the fraud detection systems. Fraudsters require technical expertize to carry out this kind of fraud. It requires mastering how the detection systems work, and a great deal about the owners of the stolen card. They then use this correct information to fool the system. Before carrying out a successful clean fraud activity, they must test the card to see if it works.
One may use a fully automated process or get real people to log in as merchants using fake accounts. The objective is to gather as much money as they can from affiliate programs by manipulating traffic or statistics for the sign-up forms.
It involves three processes. The first is to create a fake storefront offering low prices on goods with high demand. The second step is to use stolen credit card data and using the names gathered off of these credit cards, make purchases from real stores. They make sure to deliver the product to the customer to ensure credibility on first purchase. Finally, the fraudster uses the information from the stolen card to make further purchases.
This type of fraud is straightforward: the fraudster offers goods at low prices, but never ships them to the customer. They, however, keep the payments and is not unique to a particular type of payment.
More International Fraud
The prevalence of fraud is the lack of an integrated system to provide a singular view of all the transactions made in over 14 countries, and in different markets. 52% view increased fraud as a significant challenge, and a similar number not aware of the tools available to them for fraud prevention. Language barriers inhibit management of fraud across countries, and for individuals.
Fraud proves to be a challenge for any merchant. However, as they adopt a multichannel sales medium, the threat is bound to exacerbate. Third party websites lead in fraud activity, followed by mobile phones, and finally, merchant's websites.