Combat Ecommerce Fraud with BigCommerce and Signifyd
Get The Print Version
Tired of scrolling? Download a PDF version for easier offline reading and sharing with coworkers.
A link to download the PDF will arrive in your inbox shortly.
Ecommerce fraud takes on all shapes and sizes. But whether you’re talking about sophisticated bot attacks or consumers looking for bogus refunds, one thing remains the same: fraud can cost your business big.
Ecommerce fraud is any deception that occurs over the internet with the goal of financial or personal gain of the fraudster. It is also sometimes called payment fraud. But what does it look like in practice?
What does ecommerce fraud look like in 2023, and how can your business protect itself from attacks?
Credit card fraud is the umbrella term for fraud that is committed using a credit card or debit card. In the context of ecommerce fraud, credit card fraud is also known as card-not-present fraud and payment fraud.
In credit card fraud conducted online, the fraudster uses stolen credit card information to purchase products or services from a web merchant.
Affiliate fraud is illegal activity intended to generate affiliate commissions. In affiliate marketing, online merchants pay affiliates a commission for sales that affiliates refer to. The merchants give affiliates a unique, trackable web link that points shoppers to the merchant’s store pages.
When a shopper clicks on one of these links and makes a purchase, the merchant rewards the affiliate for the referral by giving the affiliate a commission (typically a percentage of the sale price).
In affiliate fraud, criminals game the system and defraud the online merchant using fake activity to either generate commissions or to increase the amount of the commissions.
In the world of credit card transactions, a chargeback is a demand that a credit card provider makes to a retailer to refund a fraudulent or disputed transaction.
In the online commerce world, chargeback fraud occurs when an online shopper makes a purchase with their credit card, receives the purchased goods or services, but then requests a refund from the credit card company, who pushes that through the issuing bank (the bank that issued their credit card, also known as the card issuer).
Often called “friendly fraud,” this type of fraud results in the payment processor demanding that the retailer refund the purchase amount to the issuing bank. When a bank demands a chargeback, the online merchant is responsible for refunding the purchase.
Most ecommerce stores provide customers with accounts that store personal information, financial data and purchase history. Cybercriminals hack into these accounts through phishing schemes.
In one of the most common tactics, fraudsters send emails to trick customers into revealing personal data like usernames and passwords. They then log into the customers’ accounts, change the passwords and make unauthorized purchases.
In interception fraud, fraudsters use stolen credit cards to make online purchases, ship the goods to the address that’s on file for the credit card at checkout, but then intercept the package before it is delivered.
For example, a criminal will visit an online merchant such as Amazon and use a stolen name, address and credit card to purchase an item. After the transaction is completed, the criminal calls customer service before the item has shipped and changes the delivery address to the criminal’s desired pickup location.
Triangulation fraud uses three steps to defraud online merchants. In the first step, criminals create a fake online storefront, typically one that offers popular brand-name goods at bargain-basement prices. The only goal of the site is to steal names, addresses and credit card numbers from unsuspecting shoppers.
In the second step, the fraudsters use the stolen customer credentials and credit card numbers to visit a legitimate online store, buy exactly what the victim purchased from the fake store and ship it to the customer.
The third step is the payoff for the fraudsters. They use the stolen customer data to make additional online purchases that they ship to themselves. This type of fraud typically remains undiscovered for a longer time than other types of online fraud because the original purchase (from the fake site) raises no suspicions on the part of the victim.
In 2022, ecommerce fraud varied by industry. The largest growth in fraud came from the collectables industry, with fraud increasing 106% year over year.
The next largest industry was luxury goods, which experienced a 104% increase in fraud year over year. In third came leisure and outdoor, which saw a 42% increase.
Some verticals, however, did experience a decline in fraud pressure over 2022.
Alcohol, tobacco and cannabis ecommerce businesses have seen fraud decrease by 28%. Beauty and cosmetics have seen a decrease of 39%. But the largest decrease in fraud by vertical was seen by business supplies, with a 48% decrease in 2022.
While the graphs above show how wide the variance in fraudulent activity can be, one thing is for sure: ecommerce fraud isn’t going away anytime soon.
In fact, malicious actors are finding new ways to attack businesses and attempting to get around safeguards in place.
Our partner Signifyd has done extensive research into what one fraudulent charge can actually mean for a merchant. The true cost of a fraudulent transaction on a $100-valued order actually comes out to an average of $206.80.
While the initial order itself may be only valued at $100, there are a variety of other costs associated with it, including the wholesale cost of goods, shipping and fulfillment and marketing costs.
Then there are the charges associated with the fraud itself: processing fees, chargeback fees and manual review rates. Add to that additional fees for fighting abusive claims with a payment provider… the list becomes quite extensive.
Fraudsters are using new technologies and techniques to attack merchants and subvert fraud detection software.
Automation has long been the name of the game for fraudsters in a variety of industries. In 2023, analysts expect bad actors to take advantage of new automated technologies, like automated phishing.
This innovation — paired with a number of high-profile data breaches over the last two years— means that merchants will need to work hard to examine every transaction to determine intent.
Inflation and rising prices, higher expectations and challenging economic times have all impacted the way consumers view fraudulent activity. These, along with many other factors, have caused some consumers to turn to fraud as a way to earn a quick buck.
Merchants will need to be wary of false claims about credit card charges, fulfillment and product quality, and return fraud.
At BigCommerce, we partner with a number of ecommerce protection platforms, like Signifyd.
Signifyd is a pioneer among fraud-prevention companies that use big data and machine learning to distinguish between fraudulent and legitimate transactions and one of the few that offers a financial guarantee that its automated decisions are correct.
At its core, Signifyd is a decision provider. It relies on its Commerce Network of thousands of retailers worldwide to provide the transaction, behavioral and historical intelligence it needs to fuel machine-learning models that determine the identity and intent behind each transaction.
Understanding identity and intent allows Signifyd’s Commerce Protection Platform to provide online merchants and brands with decisions at key points in the buying journey:
Whether to ship an order or decline it because it is fraudulent.
Whether to provide an immediate refund or to wait until a returned product is received and inspected.
Or whether to make good on a merchant fulfillment error or whether to contest a consumer’s claim because it is not valid.
Providing those decisions accurately and quickly is a key to providing a memorable customer experience, which in turn is a key to creating customer lifetime value.
Ecommerce fraud is a common occurrence in 2023. From phishing and account takeovers to credit card fraud, bad actors can employ a variety of techniques to defraud merchants. It’s imperative for merchants to remain on their guard as technologies continue to evolve.
But sometimes that’s easier said than done. Bringing in a fraud prevention and protection partner like Signifyd can help protect merchants from fraudulent charges and ensure business success. To find out more about the new breed of fraud protection, reach out to BigCommerce partner Signifyd.
Reed Hartman is a Content Marketing Manager at BigCommerce, where he uses his years of research, writing and marketing experience to help inform and educate business owners on all things ecommerce.