Fighting Ecommerce Fraud: Strategies & Tips To Prevent Fraud
May 23, 2022
The Bolt Team
Retailers start a business for any number of reasons. Some want to scratch the entrepreneurial itch. Others believe they have an idea that can take off. But no one becomes a retailer to contend with the never-ending supply of ecommerce fraud.
That is unfortunately the state of retail these days. Fraud has run rampant, and retailers now spend too much time thwarting these occurrences. Below are some effective strategies and tips for combating fraud.
Fraud: 5 Letters that Keep Retailers Up at Night
Fraud leaves a bad taste in shoppers’ mouths, but it doesn’t have to be that way. Learn how retailers can protect their customers and sales from fraud.Download Report
What is ecommerce fraud?
The past decade has seen worldwide ecommerce sales grow from a few hundred billion in the early 2010s to nearly 5 trillion in 2021. In the US alone, ecommerce sales now account for 13.2% of total sales, and that number is growing each year.
What’s driving this adoption is convenience. Shoppers can order anything imaginable as long as they have an internet connection — even something like groceries, long believed to be immune to the so-called “Amazon Effect,” can be ordered with a few clicks on the phone.
The sheer volume of online shopping has, by all intents, made life easier for most people, but it hasn’t come without some unintended consequences, particularly the rise in fraud. Fraud is one of the costliest problems facing retailers, and it’s no surprise why.
Bad actors have followed the flow of money into ecommerce—with many laying out well-thought plans to exploit retailers for their own good.
That unfortunately leaves retailers with an alphabet soup of fraud; there is friendly fraud, chargeback fraud, buy online pickup in-store fraud, and the list goes on. Falling victim to any of these costs retailers billions of dollars each year, but reputational damage is the bigger issue.
Our recent study with YouGov found that 71% of customers would view a brand unfavorably if their information were compromised.
Why does ecommerce fraud happen?
With so much at risk, retailers would benefit from understanding what motivates fraudulent behavior. Of course, money is one part of the equation. If an industry pulls in sales over $5 trillion each year, it will always be a hotbed for fraud. But that doesn’t answer why fraud happens so frequently.
Fraudsters are steps ahead of retailers
Many retailers only recently migrated to digital storefronts, and as a result, they’re still learning about modern technologies and their threats. For sophisticated hackers and even tech-enthusiasts, the lack of know-how has become a feeding frenzy for exploiting websites in their infancy.
It’s not prosecuted often
We’ve all seen the jarring videos of shoplifters strolling out of a Walgreens or CVS clutching a garbage bag filled with stolen goods. Now imagine the same taking place across millions of stores online. Fraudsters carry out these actions without fear, mainly because prosecution is rare in both offline and online fraud.
It’s hard to detect
It bears repeating that retailers don’t always have the technical know-how to protect themselves against known and unknown threats. Until retailers get up-to-speed with the evolving ecommerce landscape, bad actors will feel encouraged that their crimes are untraceable.
What are some common types of fraud?
The first step in preventing fraud is knowing what you don’t know. In the past decade, new types of fraud have cropped up with alarming regularity, and now there are more than the industry knows.
Friendly fraud sounds innocuous in name, but it has given retailers a headache over the years. In fact, the 2022 Chargeback Field Report found that 94% of merchants view friendly fraud as an issue for their business.
Friendly fraud occurs when consumers dispute credit card charges after knowingly making a purchase. When done effectively, the bad actors receive the ordered goods, and the credit card company removes the charges in question. This is possible because of the strong consumer protections across the country, which steer credit card companies and banks in favor of consumers.
Reshipping fraud has also become more prominent in recent years. Criminals in third-world countries order big-ticket items with stolen credits, and instead of shipping the items to their home country, someone in the United States receives the package. That person then reships the stolen merchandise to other parts of the world.
Buy Online Pick Up In-Store (BOPIS) Fraud
The click and collect method isn’t new, but it only became popular in the years since the pandemic outbreak. And as a result, bad actors have taken advantage of BOPIS. As the name implies, BOPIS lets shoppers purchase goods online, and instead of waiting days for a delivery, they perform the last-mile delivery themselves.
There are numerous ways fraudsters exploit BOPIS. For one, click and collect shoppers don’t come up against the same advanced fraud detection algorithms that online shoppers face. What’s more, there is often a communication lapse between the website and physical store, which fraudsters can exploit.
6 Tips for preventing ecommerce fraud
1. Be diligent and audit frequently
Conducting regular security audits can help retailers identify vulnerabilities before it’s too late. In these checks, retailers should ask themselves a few questions.
- Is my store still PCI-DSS compliant?
- Are we using industry best practices for passwords?
- Are we encrypting personally identifiable information?
- Does your fraud provider release patches and updates?
2. Monitor for suspicious behavior
Bad actors often think they’re two steps ahead of retailers, but in reality, most fraudsters follow a similar playbook. Look out for some common behaviors to identify fraud:
- Using multiple shipping addresses
- Switching between VPNs
- Gradually increasing basket sizes
- Ordering at erratic hours
3. Follow relevant industry regulations
Online stores that accept credit card payments must comply with regulations, notably the Payment Card Industry Data Security Standard (PCI-DSS). PCI compliance means stores follow data security standards that prompt education, awareness, and effective implementation. Fraud providers like Bolt can help unsavvy retailers comply with relevant regulations like PCI and GDPR.
4. Develop a network of retailers
A corner store victimized by a string of crimes may consult with stores in the area to see if adjacent stores faced the same fate. Doing the same online was not easy in the past, but with the Bolt Network, retailers can tap into millions of retailers who may be contending with fraud. If we see the same risky profile elsewhere on the Network, we can prevent suspicious activity on retailers’ websites.
5. Collect only what’s necessary
Completing an online order doesn’t require a birthday, social security number, and mother’s maiden name. So in most cases, retailers should ask for less, only collecting the data they need to complete and ship a transaction. When retailers keep a lean profile of customers, they are at less risk of facing a hack or undue threat.
6. Partner with a modern fraud solution
For many ecommerce businesses, doing each of the above steps can feel like running a marathon without training. It’s a lot to ask, especially when retailers don’t have enough resources or time.
That’s why retailers should consider partnering with a modern fraud solution. Providers like Bolt automate the necessary steps to safeguard retailers from existential threats and protect customers from unwanted risks.
Bolt Fraud Protection, in particular, feeds hundreds of behavioral signals into a supervised machine learning model to prevent fraud early and often. Doing so has allowed us to approve an industry-leading 99% of orders, and if we do miss something, we will indemnify you for losses.