A new malware campaign has compromised hundreds of ecommerce sites that use the Adobe Commerce (formerly Magento) platform. An August 2024 Cybernews® article titled “Hackers target online shoppers in new Adobe ecommerce malware campaign” reported that the malware campaign is stealing payment information from online shoppers on those sites. This news is alarming for online businesses that rely on the platform, but it also highlights the fact that this can happen with any platform. Online businesses need fraud prevention and chargeback protection to protect their bottom line.
If you’re wondering how this sort of breach could happen, it’s because many online sellers mistakenly think they’re too small or unknown to be fraud targets.
The reality is that every online business is a target. Fraudsters know new stores often lack comprehensive fraud protection, making them easy targets for online fraud. While small-business owners are learning the basics — like what is a chargeback on a credit card — fraudsters may already be inflicting chargebacks, usually in a few ways.
This happens when thieves make small purchases to test stolen card data or make increasingly larger purchases to test credit limits. Fraudsters often target small stores for card testing because they assume there won’t be proper data-entry and fraud controls in place to spot large numbers of attempts to place orders during short amounts of time.
Once the criminals have validated the card information, they can move on to larger fraudulent orders. These fraudulent orders are often placed for items with high resale value, such as designer clothing, accessories and jewelry.
When the real cardholder disputes the fraudulent charges — either the small card-testing transactions or the larger orders of goods to resell — the seller faces a potential chargeback. With each confirmed chargeback, businesses lose the revenue from the sale, lose any shipped merchandise and face a chargeback fee from the bank. If the number of chargebacks rises too high or too fast, online retailers may pay higher payment-processing fees or lose their merchant accounts on short notice.
Criminals are starting to use AI-powered bots to commit fraud, but infinitely faster. Using chatbots, fraudsters can create communications to target members of your team who work within your security framework. AI bots are even being used to penetrate the metaverse with microtransaction fraud, spam and scams.
Security magazine identifies a few schemes to look out for:
Leveraging a type of AI-powered fraud, criminals in this most recent hacker attack used malware to compromise sites. Hackers take advantage of vulnerabilities and inject digital skimmers injected into the site code, turning over control remotely. From there, criminals scrape the personal and payment data provided during checkout and for storage in a database. That stolen data is then available for use by the hackers or for sale on the black market.
Preventing all of these fraud schemes is essential, but not all fraud prevention solutions are the same. Online businesses should select a fraud prevention partner that offers a comprehensive solution.
You have multiple options for integrating fraud prevention tools, and sorting through them all can be daunting. Look for a partner like ClearSale that focuses exclusively on fraud protection, has the expertise to prevent fraud from damaging your business and is constantly monitoring the changing fraud landscape.
The hybrid model pairs advanced machine learning with highly trained human analysts to address the friendly fraud threat in real time. Not only does that help protect your business over the long term, but by applying a global lens and a large database of orders across industries, a hybrid solution enables both AI and analysts to quickly recognize fraud trends and help clients eliminate fraud threats and prevent chargebacks — all while approving more orders, faster.
Chargebacks can siphon away a small business’s profits. Every dollar in chargebacks costs businesses $2.50 in time, fees, goods, and shipping, not to mention the costs associated with penalties and punitive actions if your chargeback rate crosses the 1% threshold.
That’s why ecommerce businesses need a fraud prevention strategy that includes comprehensive chargeback services such as conducting data audits and gathering compelling evidence to help prove whether the customer received the purchased products.
Depending on your business needs, ClearSale combines AI and fraud expertise to help you protect your business from fraud.
Not only does ClearSale provide fraud protection with a range of service levels and chargeback management — we also offer brand protection and cyberthreat services to prevent fraud from happening in the first place.
ClearSale’s database is massive, spanning industries and continents. That means that, once we detect a criminal attack perpetrated on any platform, our algorithm will likely recognize it before it impacts other clients. And we’ve been preventing and protecting businesses from ecommerce fraud since the first online transaction was made. Our analysts have literally seen it all, and our AI-enabled algorithm has been constantly learning and improving fraud detection accuracy since way back then.
Not to mention, our long-standing partnership with Adobe — and Magento before that — means we have the tools in place to address fraud on that platform and virtually any other.
While fraud prevention can be complex, adding tools to your store is easy and usually takes just three steps:
By using an established ecommerce platform and a strong fraud-prevention solution provider, you can focus on your core business goals, protect your revenue stream and give your new business the best possible future.
If your business has been impacted by the most recent Adobe Commerce hacking scheme, reach out to us. We have trusted partners who can help your team contain the breach. Then let’s talk about protecting your business from dealing with this again.