Online shopping has become so common that it seems to have always been around. eCommerce has completely revolutionized retail; not that long ago, people used the Internet mostly to read product reviews or compare prices before going to a physical store to make their purchases. Today, more and more people are shopping online, and the benefits of comparison shopping and the convenience of home delivery make online shopping hard to beat. People are using both computers and smartphones to buy almost everything, from groceries to building supplies as well as to book expensive vacation packages.
Now that money changes “hands” in the online world, criminals are working hard to make sure they are able to carry out their fraudulent activities where the money is, stealing both money and data from online shoppers and businesses. In this blog we discuss the most popular fraud methods used today that eCommerce businesses and their customers should be aware of.
1. EMV-Driven Fraud / Card-Not-Present Fraud
Europay, Mastercard, Visa (EMV) fraud occurs when the customer makes a purchase by phone or online, giving the card’s data verbally or electronically. The fraudster obtains the cardholder’s personal details through phishing or via a dishonest employee who passes the information along after a purchase. Another less common way is hacking a merchant’s database. The latest figures estimate the global loss to EMV fraud alone at over $25 billion a year. Along with monitoring spending habits and typical card usage, credit card payment processors try to minimize fraud by checking the CVV security code. However, if the fraudster has obtained these details, the transaction is indistinguishable from a legitimate one.
2. New Account Fraud
New Account Fraud (NAF) occurs when a fraudster creates a new account based on stolen personal information. A Social Security number is often, but not always, required to commit this kind of fraud. Since it is a new account, almost limitless online purchases can be made before the merchants and credit card companies recognize that fraud has occurred. The fraudster uses a different mailing address to prevent the victim from seeing the bills and detecting the fraud until it’s too late. New account fraud totaled $3.4 billion in the US in 2018 with fraudsters looking beyond EMV fraud and moving into loans, including mortgages.
3. Account Takeover Fraud
Account Takeover Fraud takes place when a fraudster illegally accesses a victim’s account using stolen credentials or bots. Fraudsters can begin making purchases immediately and, as with New Account Fraud, there is a time lag from the time of fraud to its detection. Often victims only realize the theft has occurred after they receive their monthly statements. Account takeover fraud has increased significantly in recent years, with fraudsters learning how to evade authentication methods. In 2018, an estimated 679,000 Americans were victims of this kind of fraud.
4. Friendly Fraud
Friendly fraud occurs when someone who has access to a customer’s card uses it without the customer’s knowledge. For example, a teenager ordering pizza without their parents’ knowledge. In some cases, the customer made a purchase but forgot about it. What distinguishes friendly fraud from other types of fraud is the customer’s attitude and behavior when they complain; in the case of friendly fraud, it’s clear that the purchase was actually made.
5. Loyalty Fraud
Loyalty and rewards programs have become valuable to fraudsters; 72% of airline loyalty programs have a fraud issue. Notably, 10% of these programs did not know if they had a fraud problem or did not know that it was possible for loyalty fraud to occur. Miles and points can be used as cash when they are used to purchase goods and services. Consumers and many businesses that offer loyalty programs are not necessarily aware of the value the loyalty points have to fraudsters. This explains why there aren’t many security measures applied to protect loyalty programs, and why fraudsters have been able to take advantage. Account data is stolen and points are transferred to fake accounts, later to be sold online.
The Changing Face of Fraud
It is clear that as increasing amounts of retailers and shoppers move toward digital channels, fraudsters are developing more sophisticated methods to steal data and carry out fraudulent activities. The key to fighting fraud of all types is to always be aware of current and new threats and to be able to mitigate them with the correct tools and solutions.