E-commerce Fraud and How to Avoid It

E-commerce Fraud Prevention is a Must

The pandemic was a particularly ripe opportunity for e-commerce fraud. Socially isolated people connected only by the Internet (traffic surged some 60% during the pandemic) both for work and entertainment served as prime targets for e-commerce fraudsters. This is why the average value of attempted payment e-commerce fraud increased 69% year over year.  

E-commerce fraud in the United States is projected to exceed $20 billion in 2022. The types of e-commerce fraud encompass identity theft, account takeovers, “pharming” (directing users to a seemingly legitimate site in order to capture personal information), and chargeback fraud, among others. The largest e-commerce fraud market is China, accounting for about 40% of global e-commerce fraud losses (over $12 billion) in the next three years.

E-commerce fraud is an unfortunate reality that can cost Amazon sellers a significant amount of money. Fees lost revenue and operational costs can cost as much as two and a half times the amount of the original disputed transaction. Excessive e-commerce fraud can potentially bankrupt an Amazon seller’s business.

Amazon sellers unable to counter e-commerce fraud can experience not only financial loss but damage to their brand reputations because customers tend to hold them partly responsible for the fraud, even when they can’t be faulted for the fraudster’s actions. In addition, Amazon sellers with excessively high incidences of e-commerce fraud could be dropped by payment processors.

To understand e-commerce fraud and how to avoid it, let’s take a look at:

  • Types of e-commerce fraud
  • What you can do to avoid e-commerce fraud
fraud

Types of E-commerce Fraud

There are many types of e-commerce fraud. These are some of the most common that could affect your Amazon business.

Identity Theft

As the name implies, fraudsters steal personal identifiable information (PII) used to apply for credit, pay taxes, obtain government benefits, or purchase goods online. Fraudsters then use this identity information to make credit card purchases, apply for loans and new credit cards, open accounts, and even obtain tax returns.

There are several ways identity theft is conducted.

Phishing is when someone posing as a legitimate institution or seeming familiar friend or colleague contacts the victim by email or even by phone to obtain sensitive data such as banking and credit card details, and passwords. Sometimes fraudsters impersonate a charity asking potential victims to donate; this was particularly popular during the pandemic when people by and large wanted to help out as much as they could.

A variation of this, called pharming, is when the email directs the victim to what seems a legitimate website to purchase a product or complete a form. Yet another is when the email is opened, malware is embedded in the device to report to the fraudster PII that the victim enters into legitimate online forms and e-commerce sites.

If the credit card company agrees the card was stolen and this is a case of identity theft, in most cases the cardholder is refunded and possibly the Amazon seller reimbursed as well. However, the rules on liability vary depending on the credit card issuer; in some cases, the Amazon seller is stuck with the cost of the transaction for what is called “card-not-present” fraud, i.e., online credit card transactions.

Merchant Fraud

This is similar to identity theft, except the stolen credentials are those of the merchant. The fraudster obtains access to the merchant account and processes payments using stolen credit cards or accepts customer purchases that are never delivered. While the Amazon seller isn’t responsible to reimburse the fraudulent charges, it does affect the brand’s reputation. Future customers are less likely to do business with you if they know your business was victimized by merchant fraud.

acccount

Account Takeover

Account takeover (ATO), again just as the name indicates, uses stolen user login usernames and passwords to take ownership of a user account and frequently multiple accounts where people often reuse the same set of login credentials. ATO attacks often are not performed by the same individuals who stole the data; rather fraudsters obtain stolen credentials on black market sites called “the dark web.” However an ATO occurs, the owners of the stolen cards dispute the sales, and Amazon sellers may suffer fees and/or lost merchandise.

Synthetic ID Fraud

Synthetic identity fraud is one of the fastest-growing types of cybercrimes. A fraudster steals someone’s personal information or buys it on the dark web, then combines it with fake information to create a new identity. In some cases, the fraudster uses a single SSN (Social Security Number) to create multiple identities. Synthetic ID is used to build a good credit record over time, then they borrow a lot of money or charge a number of expensive items and disappear quickly before creditors can trace them. The Amazon seller loses unpaid merchandise.

Chargeback Fraud

Chargeback fraud is when cardholders intentionally dispute transactions they know they in fact authorized. For example, the fraudster may claim they never received a delivered package to receive a refund or may dispute an unreturnable purchase after feeling buyer’s remorse. While this is typically a one-time fraud by an individual who is not otherwise a cybercriminal, multiple occurrences from multiple cardholders can still cost the Amazon seller.  Amazon is now taking a picture of deliveries to verify they in fact occurred, so this may help discourage this practice.

refund fraud

Refund Fraud

A fraudster makes a purchase using a stolen credit card and then returns it for a refund, but asks to credit the refund to a different account. The fraudster gets the refund, the original cardholder disputes the charge, and the Amazon seller loses the sale and possibly potential fees.

Shipping/Interception Fraud

Fraudsters place an order using a stolen credit card but request a shipping address different from that on the card. The scammer gets the product, the legitimate owner of the card disputes the charge, the Amazon seller loses a sale, and the brand reputation suffers.

What You Can Do

You can’t prevent people from stealing credit card information and attempting e-commerce fraud. However, there are things you can do to reduce your exposure to e-commerce fraud.

Any of the following might indicate you are possibly a target of e-commerce fraud:

  • Unusually large quantity purchases.
  • New shipping addresses that:
    • aren’t on file in a customer profile 
    • just added to the account prior to a new substantial purchase 
    • change after an order is submitted
  • Sudden increases in transaction volume, are indicative of card testing, i.e., multiple small purchases to determine whether a stolen card hasn’t been reported and is still active.

If any of these occur, it doesn’t necessarily mean it’s a case of e-commerce fraud, just that you need to take some additional steps to contact the customer to ensure the purchase is legitimate.

Address Verification Service (AVS) is offered by many credit card companies to compare the submitted address with the one the issuing bank has on file and sends you an AVS code. These codes can indicate discrepancies between the existing address and the one provided by the fraudster.

Credit Verification Value (CVV) is a security number printed on the back of a credit card that is never stored online, which means the buyer needs to have a physical credit card in hand to read the CVV and make the purchase. This comes in handy to prevent transactions with card information stolen from online resources, though it doesn’t of course prevent fraud when the physical card is stolen and shared on the dark web.

Perhaps the best way to avoid e-commerce fraud is to require two-factor authentication for customer accounts. This requires a code texted or emailed to the customer to verify and complete a transaction. 

Get Your Owed FBA Reimbursement

E-commerce fraud can cost your business. So can losing out on FBA reimbursement Amazon owes you for mistakes in mishandling your inventory and order fulfillment, but which it doesn’t automatically refund.

GETIDA makes obtaining your FBA reimbursement simple, easy and cost-effective. GETIDA software reviews the previous 18 months of transactions to identify potential FBA reimbursement. With your approval, a team of former Amazon employees work on recovering your reimbursement. 

There is no charge for this. The only charge is a percentage of approved claims. And the first $400 in FBA reimbursement is free.