E-commerce merchants have seen a lot in the last six months —from a record-breaking holiday shopping season to a sudden spike in online shopping as consumers around the world shelter in place to avoid coronavirus.
But with this added traffic comes added risk.
Increased volume is almost sure to bring out opportunistic fraudsters trying to compromise customers’ accounts and online data and damage a merchant’s reputation and revenue. So, merchants must be aware of new and evolving e-commerce risks.
Here are five predictions about what those risks might look like in 2020.
The number of data breaches rose 17% in 2019, including high-profile victims Capital One, Wawa and DoorDash. Fraudsters continue these types of attacks in the hopes of gaining customer data that will help them launch account takeover attacks and compromise other customer accounts.
If there’s any good news to be found, it’s that there was a 65% reduction in the exposure of personally identifiable information, like Social Security numbers, driver’s license numbers and bank account data.
Still, merchants must closely examine their security protocols and take steps to protect customer data, like:
As COVID-19 continues to affect the way the world operates and does business, it’s critical for merchants to understand the “fraud triangle,” or how the interaction of pressure, opportunity and rationalization significantly affects the fraud rate in a location.
The prevalence of each of these factors varies by region, but here’s how each point of the triangle contributes to fraudulent behavior:
Companies must account for these factors when evaluating the risk of engaging in international business. Fortunately, there are simple ways to minimize the increased risk of fraud during periods of economic uncertainty:
While social distancing and self-isolation have shown employers just how much their employees can do from home, it hasn’t been without its risks. The quick, unexpected transition from secured office networks to unsecured home office systems is leaving companies vulnerable to fraudsters. Even the World Health Organization (WHO) has been a recent target, with hackers able to convincingly replicate a portal used by remote WHO employees.
Here’s just a sampling of what businesses should be on the lookout for:
Phishing attacks designed to steal funds and tax data rose 60% in 2018, in part because criminal gangs are leveraging legitimate business tools like marketing contact lists to target specific victims to scam. Fraudsters are also getting better at impersonating brands that consumers trust, such as Microsoft, Amazon and Netflix, to dupe email recipients into handing over login credentials that can be used to launch account takeover attacks.
Employees may be eager to take advantage of free Wifi when at their local coffee shop or in the airport, but they don’t realize they might be placing their devices and its content at risk for an attack. Hackers can set up rogue networks designed to look like free Wifi access points but whose true intent is to harvest a business’s sensitive data, install malware or launch malicious attacks.
Any device a company’s employee is using to perform work tasks should be protected with preventive software, like antivirus, firewalls and device encryption.
New regulations, while well-intentioned, can serve to expose gaps in payment processes and opportunities for fraudsters to leverage weak points in the fraud prevention armor.
For example, new 3D Secure and the Payment Services Directive (PSD2) regulations are designed to make it harder for cybercriminals to make a purchase with someone else’s payment card information. But in reality, many merchants might not be seeing these benefits right away. Merchants might still be using outdated fraud prevention solutions that don’t meet PSD2 requirements and aren’t robust enough to protect against emerging fraud threats. And as PSD2 allows the opportunity for new payment intermediaries, that could lead to an increase in transaction volumes — which could correlate with an increase in fraudulent transactions.
While there are new fraud risks to merchants in 2020, one thing remains the same: Merchants can benefit from partnering with an outsourced solution for fraud prevention. Merchants benefit not only from these solutions’ wide range of expertise, but also their ability to identify emerging (and subtle) fraud patterns before they have a chance to do real damage.
But picking the right solution to collaborate with isn’t always easy. You need to understand your risk for fraud and chargebacks and be able to evaluate the different fraud prevention alternatives available — from simple fraud filters to managed services solutions.
At ClearSale, we’ve made it easier for you to navigate the often-confusing world of fraud prevention and protection and help you find the right solution for growing your business. Our free “Merchant Guide to e-Commerce Fraud Protection” helps you understand your risks, so you can take the right steps to protect your business, your profits, and your good reputation.