As an eCommerce professional, you have a lot on your plate. From managing your inventory and establishing 3PL relationships, to marketing your products and keeping up with the ever-changing market, your days are busy enough without added headaches to contend with. Even when everything runs smoothly, eCommerce is a challenging industry, but fraud can completely upend your business, costing you time and money, and wreaking havoc on your operations and bottom line.
Every $1 in fraud costs retailers in the United States $3.60 in total expenses, compared to $3.13 pre-pandemic, according to LexisNexis. In the U.S., eCommerce merchants have been hit with the highest fraud costs, losing an average of $3.90 for every dollar in fraud losses. Of these, nearly half are related to replacing and redistributing lost goods — and the price of your reputation can’t be calculated.
On top of the overall rising cost, merchants are experiencing higher fraud costs in the mobile channel, and fraud has increased amid the pandemic, driven by opportunity and desperation.
As an eCommerce professional, you need to protect your customers and yourself against potential fraud. eCommerce fraud has risen nearly twice as fast as sales, making it more important than ever to be on the lookout for common types — and prepared to combat them.
eCommerce fraud is any type of fraud that takes place in an eCommerce transaction. Using a stolen or fake credit card, a fake identity, and fraudulent affiliate advertising are all forms of eCommerce fraud. When a customer engages in fraudulent activities on your online store, you as the retailer will absorb the cost, negatively impacting your revenue and creating problems for you.
One reason eCommerce fraud is so prevalent is that prosecutions are rare due to time and resource constraints, and the burden of gathering evidence. Because prosecutions are so uncommon, it’s best to integrate high-quality fraud detection or prevention management systems that help you detect and eliminate possible fraud on your platform and protect your business.
Fraudsters are leveraging new, more advanced tactics every year, too, which means eCommerce fraud is constantly changing and highly sophisticated. However, you can protect yourself and your customers from these common types of eCommerce fraud by knowing what to look for and how to beat them.
Sometimes called “card-not-present,” “card cracking,” or “payment fraud,” credit card fraud is one of the most common forms of eCommerce fraud.
It occurs when a credit card stolen from a genuine cardholder is used to make an online purchase. Often, the stolen card and cardholder’s information are employed in the ruse, looking like a legitimate purchase made by a verified customer.
One of the easiest ways to spot credit card fraud is by looking for card testing. This is a widespread tactic used by fraudsters who’ve gained access to one or more credit card numbers, but aren’t sure if those numbers can be used to complete a transaction successfully, or what the limit associated with that credit card might be.
The fraudulent user then visits your online shop and makes small test purchases, often utilizing bots or scripts to test many numbers quickly. These first purchases are usually tiny, as the only reason for them is to see if a credit card number can be successfully used. Once they know a number will work, they move on quickly to make a far more expensive purchase.
These initial small purchases usually go undetected by merchants or impacted customers. By the time large purchases are made and discovered by the merchant or credit card holder, it’s often too late.
You can prevent credit card fraud by requiring address verification through an address verification system (AVS) and the card verification value (CVV) from the credit card. It’s likely if a user has access to both of these, that user is the legitimate cardholder and you’re not at risk of fraud.
You can also set up alerts in your system to let you know when the same customer has made multiple purchases in a short period of time. If it’s a legitimate purchase, your customer service team can send out a note thanking the customer for their business and creating a stronger relationship. If it’s not legitimate, this opens the door for your team to uncover the fraud and stop the shipment before the warehouse sends it out and loses you both the money and the product.
Another common form of payment fraud is known as “chargeback fraud” or “friendly fraud,” which occurs when a legitimate cardholder makes a purchase and then contacts his or her bank to reverse the charges after receiving their order.
The term “friendly fraud” might seem extra infuriating since it’s anything but convivial for you. In many cases, chargeback fraud is the result of a stolen credit card. Friendly fraud occurs when a customer is legitimately trying to cheat you, by receiving your product and then submitting a chargeback claim. Chargebacks were introduced as a method of consumer protection, but the industry regulations have been unable to keep pace with technology and payment options, leading to loopholes that hurt merchants.
In addition to the loss of revenue (and product) incurred when a fraudulent chargeback occurs, merchants are slapped with an additional fee, which is never recouped, even if the chargeback is later cancelled.
In most cases, the issuing financial institution will side with its customer, not the merchant, making it especially difficult for sellers to stop this process once it’s begun. Your best defense is a great offense, fight each chargeback case with screenshots and data showing that you implemented as many tools as you could to protect your store.
To prevent friendly fraud, simple tactics such as ensuring your descriptors are accurate, offering solid customer service, and creating blacklists for customers who request friendly fraud chargebacks can help protect you.
Upon first impression, supply chain fraud might seem unlikely — like a fancy bank heist you see on a film — but it’s more common than you think. Given the sheer complexity and scale of today’s supply chains, fraud poses a larger threat than ever before. Like the credit card bandits, these fraudsters are as sophisticated as they are bothersome.
Supply chain fraud can overlap a number of types of fraud: financial fraud, misrepresentation of goods/services, bribery, and collaboration and collusion between parties.
It can begin long before you’ve had a sale. Misrepresentation of goods is a common form of supply chain fraud, requiring eCommerce merchants to be especially careful about vetting suppliers to ensure the goods or services are as advertised (e.g., legitimate brands rather than counterfeit items).
Unfortunately, fraud can happen at any point throughout the supply chain, and the costs can be astronomical. Paying close attention to communications, staying on top of vendor processes and procedures, and diligently checking on your inventory as it moves can help prevent fraud and theft of goods.
Tip: Watch out for suppliers who change their banking information for money transfers, and always confirm on a phone call before wiring money to a new account.
Another form of supply chain fraud is cargo theft, a wide-reaching and remarkably unreported issue faced by all parties within the supply chain. Many view cargo theft as an unfortunate, but unavoidable cost of doing business, and many countries still lack a unified reporting agency or database.
In the U.S., however, there are a number of independent entities who track cargo theft, with several backed by the companies that foot the bill for these crimes. But the data is spotty.
The goal of cargo thefts typically is resale, so the focus is usually on items that can be sold quickly and easily. That makes smaller, in-demand, and easy-to-move products popular targets.
In most cases, cargo theft is pre-planned and takes place while goods are in transit, with thieves posing as a legitimate carrier for the pickup, stealing unattended cargo, or even going so far as to rob drivers. Occasionally, cargo theft is a crime of opportunity, such as when items are left unattended.
Cargo theft can also happen on a smaller scale, such as when packages are left on doorsteps, and so tends to happen more around the holiday season. Requiring a signature at the door and other safeguards during the shipment process can help you prevent this smaller-scale (but equally expensive and frustrating) form of theft.
Third-party logistics (3PL) partners are one of the most important relationships for eCommerce merchants, but they also need to be carefully selected and monitored. A good 3PL partner will have safeguards in place to ensure your inventory is properly managed and protected, but sneaky and fraudulent companies are out there.
Having tools in place, including an alert system like the ones that Pipe17 customers use for inventory management, can find and trigger alerts for you as to inventory mismatch between your store and your warehouse. If inventory is decremented by the warehouse at a different rate than orders are causing, an alert system can be the first way for you to spot a problem.
As the logistics industry continues to scale to meet the growing global demand of eCommerce, inventory loss is sadly keeping pace. One reason for this loss is ineffective security safeguards such as alarm systems, closed-circuit television, and uniformed guards — all commonly used to protect from breaking and entering, but not internal theft.
Internal 3PL theft can take many forms, from the use of your inventory to fulfill orders for other clients, to small- or large-scale theft of goods for resale. The result is costly for vendors and, unless perpetrators are caught, there’s often little or no recourse.
To avoid 3PL theft, it’s imperative you adequately vet potential partners and perform regular auditing of your inventory and security protocols. Sophisticated thieves will outsmart even the best security systems and procedures, so it’s especially important to find a 3PL with an airtight security system in place. Ask lots of questions, seek reviews or feedback from existing customers, and, of course, remain diligent about regularly checking your warehouse management system and fulfillment reports to look for anything amiss.
When you think of theft, your mind almost immediately goes to the tangible: taking your inventory. While you’re focused on ensuring your supply chain is legitimate and protected, and working closely with your 3PL though, it’s easy to miss one of the sneakier forms of thievery: website theft.
After years of research, hard work, and dedication to your business, you’ve built a great store and an appealing inventory of products. You’ve carefully tracked keywords, supported strong SEO in your content marketing, and steadily built your business … only to have someone rip off and duplicate all your work. Website theft most commonly refers to the act of “copying” your website, from name to images, text, and other content, and benefiting from your hard work.
When website theft occurs, it competes with your site for traffic and sales, impacting your bottom line and creating confusion. Further, if the copycat website doesn’t deliver on its (or rather, your) promises, it can damage your reputation. In short, it’s a big headache for you.
Preventing website theft is difficult. As we know, once something’s on the internet, it’s hard to take it down, and fraudsters are prolific and tenacious. To thwart fraudsters’ efforts, you can begin by disabling users’ ability to identify your best-selling products, which makes it more difficult for them to spot products to rip off. Secondly, you can employ apps and other tools to disable right-clicking and highlight to copy and paste; this makes it especially difficult for would-be copycats to steal your images and content.
Website theft can also occur when hackers take over your legitimate website, stealing customer information and even preventing you from accessing your online store. To protect yourself from these, use a trusted and reputable hosting site (e.g., Shopify), and engage in regular password updates. These and other security measures can keep you (and your customers) safe.
Theft and fraud are, unfortunately, a reality for eCommerce professionals in today’s market. As online shopping continues to grow in popularity among consumers, so, too, will the opportunities for fraudsters to make a quick buck at the expense of hardworking merchants. While it may seem like there are many types of fraud to worry about, the truth is, you can take small steps today to protect yourself, your customers, and your business.
By carefully selecting your vendors throughout the supply chain, from your suppliers to your 3PL partners, you can ensure you work with trustworthy and secure organizations who have your back. Utilizing fraud filters and other apps or tools to boost online security will minimize or even eradicate risk payment fraud and website theft. Finally, requiring additional security measures (namely, CVV and AVS) can reduce the likelihood of card cracking and payment fraud requiring chargebacks, which cost you inventory and revenue.
Kathleen Sullivan Garman has been an Ecommerce Operations Leader for 20+ years, helping dozens of companies set up the right backend processes. She’s currently running ecommerce operations at Remaker Labs (the masterminds behind CarryHitch).
As Pipe17’s Ecommerce Operations Advisor, Kathleen provides valuable input to our product team and advises customers on best practices. Kathleen is an avid snow skier and scuba diver and would rather be under the ocean than above it. She volunteers as the executive director of Mended Hearts of Spokane, a cardiac charity.