To stay ahead of fraud attempts, e-commerce merchants need to be aware of the most common fraud schemes that are being used to target e-commerce stores today. In 2022, some of the top e-commerce fraud trends include:
- BOPIS fraud
- Returns fraud, including:
- Wardrobing fraud
- Chargeback fraud
- Return as a service (RaaS) fraud
- Account takeovers
- New account fraud
- Synthetic fraud
- Bot imposters
- SQL injection
- Cross-site scripting
- Backdoor file fraud
- Data breaches
When you know how to protect your business, it’s possible to avoid all of these types of fraud.
Key E-Commerce Fraud Trends in 2022
Online fraud complaints grew to 2,184,531 in 2020, making it likely that you will experience online payment fraud sooner or later, and while the e-commerce fraud rate in Europe is lower than the global average, implementing fraud protection tips and having a solid fraud prevention program can help you eliminate (or at least reduce) financial losses from online fraud.
Buy Online Pick up In-Store (BOPIS)
“Click and collect” became a popular biosecurity strategy during COVID-19 as customers tried to avoid handling cash. However, the system of handing over goods that same day after online payments had already been made opened the door for opportunistic fraudsters to collect other customers’ goods (for free).
The solution to BOPIS fraud is to require account registration for online payments and ask for the customer’s ID when they come to collect their purchase. Running AVS (address verification service) and CVS (card verification) checks at the checkout provides an additional layer of security.
Seeing as online retailers, on average, experience at least a 30% return rate, it’s unsurprising that returns fraud has made a comeback in 2022. While a straightforward returns policy is essential for keeping good customers coming back, it’s important to know how returns fraud works and how to stop these fraud attempts in their tracks.
Wardrobing fraud is so common that perpetrators might not even consider themselves to be fraudsters. In this kind of fraud, customers purchase high-end luxury goods online, use them once and return them with the tags still intact before the returns period has passed.
There are several solutions to wardrobing fraud:
- Put the tags in places that are hard to conceal.
- Design tags that are not easily removed and replaced.
- Make your returns policy extremely strict as far as not accepting dirt, perfume and other markers of wear on returned items.
Friendly Fraud / Chargeback Fraud
Friendly fraud, also known as chargeback fraud, occurs when online shoppers claim not to have received the goods—often weeks or months later—and force chargebacks through their card-issuing bank. Ultimately, it’s e-commerce retailers who bear the financial loss.
Solutions to friendly fraud:
- Track shipments and require a signature upon delivery.
- Follow up about the arrival of purchases around a week after purchase.
- Make your returns policy easy to access.
- Issue refunds promptly and cheerfully.
- Choose a merchant service provider with chargeback protection.
Return as a service (RaaS)
Return as a service is a more sophisticated kind of fraud that involves professionals and amateurs working together to target e-commerce merchants and make money off fraudulent transactions involving returns.
To prevent RaaS, put strict time limits on returns, always require the receipt and check it in your system and offer store credit rather than cash refunds. Make it clear to employees that colluding in any kind of fraud will result in immediate termination and criminal proceedings.
Account fraud, or payments fraud, covers three more e-commerce fraud trends that you’re likely to see in 2022:
- Account takeovers. Fraudsters use stolen credentials and stolen credit card details to log in to customers’ accounts, make purchases and intercept the purchases before they are received. Account takeover is often part of identity theft.
- New Account fraud. This is one of the e-commerce fraud trends that has risen significantly in recent years—increasing by 27.8% worldwide (year to date) in 2019. Fraudsters create a new account using a stolen credit card and usually make purchases within 24 hours of creating the account.
- Synthetic fraud. Synthetic fraud occurs when fraudsters create a synthetic identity using the details of several real people, stolen from the deep web. This synthetic identity is then typically used to secure credit. Synthetic identity fraud attacks are mostly an issue for online retailers who offer delayed payments or payments in instalments.
The best way to reduce all types of payment fraud is to conduct background checks on new customers and verify the information provided. Some of the most-used fraud detection tools include:
- Card verification number (CVN)
- Address verification service (AVS)
- Postal address validation
- Geographic maps and indicators
- Email verification tools
- Phone number verification using reverse lookup tools
Several types of digital fraud have come to the fore in recent years and are likely to continue in 2022. The most common kinds of digital fraud, according to Signal Sciences, 2019, are:
- Bot imposters – Malicious bots impersonate Google bots and look for holes in websites’ software.
- SQL injection – Hackers enter code into an input field box—like a username or password field—to return all of the usernames and passwords on your database.
- Cross-site scripting (CSS) – Hackers create redirect links that either take good customers to phishing websites or take customers through an affiliate link to earn affiliate commissions unethically.
- Backdoor files – Hackers enter the backdoor of your website to gain remote access to data files and make remote changes to your website.
Preventing these kinds of fraud attacks can be a little trickier than preventing payments fraud, but it’s not impossible. To slow online fraudsters down, merchants can:
- Benchmark legitimate Google bots
- Know their affiliates and review affiliate commission statements regularly
- Add banners to educate their customers about how to recognise their official website (HTTPS address, trust markers, logo or image in search results)
- Add SQL parameters to the user account fields to prevent SQL injection
- Have an up-to-date firewall and antivirus and refrain from downloading suspicious files
In many cases, fraudulent transactions are perpetrated by bad actors inside the company or people from inside and outside of the company colluding. This is a problem not only because of the economic costs of card-not-present fraud but also because of the effects on customer trust and the reputation of the company in general when the fraud is discovered.
To prevent internal data breaches, internal identity theft and fraud, it’s essential to use a PCI-compliant global payment gateway that uses secure encryption for all transactions. In addition, merchants need to train their staff in payment security, restrict access to credit card details and warn their staff that there will be criminal proceedings for any account of fraud.
Choose Customisable Fraud Protection That Works for You 24/7
Now that you know about the top e-commerce fraud trends for 2022, it’s time to take action with fraud protection software that keeps you in control. The best fraud prevention software will work for you around the clock and allow you to make decisions, such as allowing more returns during high-volume periods or accepting purchases from customers who you know are travelling abroad.
While fraudulent transactions will never be eliminated completely, staying abreast of the trends and using a fraud prevention service that’s updated to secure the latest threats will help to keep any losses to a minimum.