Clearsale Blog | Insights on Ecommerce and fraud

“I Don’t Need Fraud Protection — My Business Isn’t at Risk!”

Written by Sarah Elizabeth | Oct 1, 2020

As an e-commerce merchant, you know the risk of fraud, false declines and chargebacks. But maybe you think it won’t happen to you because you’re a relatively new — or small — e-commerce merchant, or because you think your products are not attractive to fraudsters.

Or maybe it’s because you’re selling a new product that hasn’t yet taken off. Or that fraudsters go after the Amazons and the Walmarts of the world, so there is no reason to come after you, right?

Wrong.

While it’s possible these factors could minimize your risk of being a victim, they certainly don’t eliminate it. Here are two myths you might be telling yourself about your risk of being defrauded and the truth behind them.

 

“We’re a Small Company That’s Not Worth a Fraudster’s Time”

Most small business owners don’t expect their business will ever be the victim of fraud. After all, you’re just a small fish in a big pond, and it’s the enterprise retailers that are the bigger target. But it’s what you don’t know — and that you aren’t doing — that can hurt you.

Accenture reports that 43% of cyberattacks target small businesses, yet 65% of small businesses don’t encrypt or safeguard their sensitive or confidential business data and only 14% are prepared for a cyberattack.

This makes these businesses the perfect target for fraudsters.

Some businesses don’t protect themselves or their customers because they’re lulled into a false sense of security that they’re immune from fraud. Others just don’t know what fraud threats to guard against, while others may think that fraud prevention is simply too expensive to implement and maintain — especially if they haven’t yet been a victim.

But all it takes is one attack to disrupt your entire organization. Cyberattacks cost businesses of all sizes an average of $200,000, with 60% going out of business within six months of the attack.

Still sure you aren’t worth a fraudster’s time?

 

“We Have Black- and Whitelists in Place to Protect Us”

Even if you realize you could be at risk, you might think the black- and whitelists you’ve put in place are enough to prevent fraud, chargebacks and false declines. Unfortunately, that’s not always the case.

It’s true that implementing blacklists will help you block fraudsters, but it’s not foolproof. Smart fraudsters have great tricks that let them fool blacklists and bypass the system. Fraudsters are agile and adaptable, which means they’re always changing the details they use when placing online orders — creating new email accounts, using new stolen credit cards and using proxy servers to hide their true location.

Even worse, blacklists can end up blocking good customers with legitimate orders. For example, a good customer might be trying to use their payment or address information … that a fraudster has stolen from them.

Whitelists — lists of good customers whose orders are automatically approved — can be just as problematic. But while blacklists end up contributing to false declines, whitelists often result in elevated chargeback rates. Here’s why: Most fraudsters use stolen credit card data to make their purchases. And when they use account data that’s included on your whitelist, your fraud prevention solution will approve that order without even taking a second look at it. And it won’t be until the true cardholder files a chargeback on the purchase that you’ll realize the limits of your whitelist.

“We Sell Low Value Products Only”

It makes sense that merchants selling high-value items like luxury goods or consumer electronics would be particularly cautious about fraud. When each item costs three, four, or even five figures, a fraudulent transaction can be devastating.

That doesn’t mean, however, that other merchants can be complacent.

Merchants who sell lower-value items often fall prey to a very specific type of fraud: card testing. This type of fraud involves thieves making small, incremental purchases with stolen cards, to assess the card’s credit limit and purchasing power, to see if the card number is valid, and to match card numbers to CVV numbers. While the purchases may be small, card-testing is big business, often involving organized criminals and the use of bots.

This fraud can be difficult to detect, as fraudsters will often use the correct shipping address—they only care if the card works for them, not if they receive the item. In some situations, however, a merchant may find themselves targeted by a wave of card testing, with hundreds of small-value fraudulent transactions taking place.

Once the fraudster has a tried and tested card number in their hand, they will use the card at the same (or another) retailer to pull off a bigger fraud attempt.

 

How a Multilayered Fraud Prevention System Can Help

Chargebacks, fraud and false declines are a costly – yet inevitable – part of doing business, especially when you have an online store. So as an e-commerce merchant, you want to do everything you can to minimize your risk. And that means understanding that you’re a target and also developing a clear understanding of the fraud landscape and how to protect yourself.

Implementing a multilayer approach may be a smart first step. At ClearSale, our 700-plus fraud analysts perform real-time evaluations on every order and offer the immediate, accurate decisions that keep your business running. And because we never automatically decline orders, transactions are never incorrectly denied — even during the most challenging sales peaks. The result? Increased approval rates without an increase in chargebacks and false declines.

Talk with one of our analysts today to learn how our multilayered approach can help you increase approval rates, protect against chargebacks and prevent credit card fraud.