Multiple Ways for Fraudsters to Gain Access
Consumer’s online accounts are prime targets for cybercriminals. Most contain a load of valuable personal information, such as names, addresses, dates of births and even credit card details. There are multiple ways for cybercriminals to get hold of these details, such as phishing, social engineering, hacking, credential stuffing… Every so often, e-commerce frauds start with a data breach. Dark web marketplaces have made personal information more accessible. This makes it easier for cybercriminals to gain access to consumers’ online accounts.
Account Take-Over and Shipping Fraud on the Rise
TransUnion’s 2020 e-commerce report (update September 2022: report not available anymore) focuses on the impact and growth opportunities of mobile e-commerce and the trending risks merchants and consumers are facing. The two top trends highlighted in the report are account take-overs and shipping fraud. E-commerce account take-overs increased no less than 347% from 2018 to 2019. Over the same time period, shipping fraud jumped 391%. If a consumer uses the same password for different accounts, a hacker can easily take over multiple accounts and impersonate the person, shop to their heart’s content or even commit identity theft. In the case of shipping fraud, criminals usually change the delivery address. Or, in order to avoid detection, they don’t change the shipping address, but rather redirect the in-transit shipment via the carrier, once the package has shipped.
Transaction Declined
Online shopping accounts have become the fastest-growing segment for account take-overs. It is now a larger “market” for cybercriminals than online banking, gambling and insurance account take-overs. Mostly, this is because these types of accounts are generally more secure and users use two-factor authentication more often for them. Contradictorily, part of the reason for this rise is that online retailers are in some cases reluctant to implement fraud prevention programs. This is because some solutions don’t have sufficient controls to avoid large amounts of false positives, also called false declines. False positives occur when a fraud prevention program incorrectly flags a legitimate online purchase as illegitimate. This is a scenario most consumers are all too familiar with: they have taken the time to research the products, compared the prices, made a selection and are ready to pay for their order. Next… their transaction is declined.
All About Mobile
These days, online shopping is happening more and more often on a mobile device. It is usually faster and easier. Therefore, it has become the new norm for consumers to reach for their mobile when they want to shop online. This is especially the case for millennials (58%) and Gen Z (49%), according to a poll organized by software company Episerver. Unfortunately, some consumers are not sufficiently aware of some of the extra risks. In 2019, mobile transactions increased by 32%. Potential fraud from mobile devices, however, increased by 118% over the same time period, TransUnion’s report said. In some cases, malicious adware, or malicious links direct users to fake retail websites or a fake ad-on on a genuine retail site. Some scammers also set up fake online stores on social media platforms. For extra protection it is wise to secure your connection with a VPN.
