How to help prevent ecommerce fraud (infographic)

Image by mohamed Hassan from

By Dori Bright

Online shopping was already on the rise before COVID-19. Yet with lockdown restrictions and social distancing guidelines in place, more people have turned to ecommerce out of necessity.1

This is great news if you’re an online merchant. You can now service a larger pool of potential customers around the globe. However, increased online shopping creates more opportunities for scams, fraud, and other types of cyberattacks. It’s not just the direct out-of-pocket losses of which you have to be wary. Factoring in litigation, penalties, and diminished consumer confidence, the true cost of online fraud can be up to three times the original monetary value of whatever was stolen.2 This may help explain why the majority of small businesses shut down their operations within six months of a cyberattack.3

One of the first things you’ll want to consider when setting up a new ecommerce business is to have the right fraud detection services lined up so you can quickly identify any fraud that may occur. To understand what types of fraud you might encounter, this guide covers three of the most common types of online fraud, complete with strategies to help you avoid these scams.

Account takeover fraud (ATO)

With account takeover fraud, cybercriminals gain access to a customer’s username and password to make fraudulent purchases with whatever credit card credentials are stored under that user’s account. These criminals also update the shipping address to ensure they receive the delivered goods.

You can help prevent ato fraud by requiring two-factor authentication (2FA) for all customers and employees. This makes it harder for criminals to gain access to user accounts. In addition, consider restricting all deliveries to the “billing” address on file.

Card testing fraud

With this type of fraud, criminals test stolen credit cards by running small back-to-back transactions – usually under $1. This results in out-of-pocket losses for you, not to mention authorization fees for each successful transaction. If a stolen card works, that criminal may then start buying bigger-ticket items, resulting in even more losses and fees.

Working with your processor, you should set up your payment environment to reject any purchases that don’t correspond with the prices you charge. If the cheapest item in your inventory costs $10, for example, there should never be a charge for $9.99 or less. It may also be worth using online velocity filters to prevent thieves from testing multiple cards back to back when shopping in your eCommerce store.

Friendly fraud

Despite the name, there’s nothing friendly about this fraud. Also known as chargeback fraud, this type of scam happens whenever a fraudster buys something from you – only to claim he or she never placed the order or that it didn’t arrive. Instead of requesting a refund directly from you, the fraudster goes through his or her credit card company for reimbursement. Thereafter, the credit card company comes after you for repayment.

It’s now your responsibility to prove the purchase was legitimate, which is hard to do for anonymous, online transactions. However, there are steps you can take to help strengthen your case:

-Disabling guest checkout is a good start. Requiring two-factor authentication is even better. Both strategies help make it harder for customers to claim they never placed the order.

-Consider adding tracking to all deliveries. Adding signature requirements is also a wise move. Doing so helps make it harder for customers to claim they never received the order.

Even for experienced security experts, staying ahead of ecommerce fraud is difficult since criminals keep developing newer and more inventive methods for scamming small businesses and customers alike. Although the above examples represent some of the more common fraud tactics out there, this list is barely scratching the surface.

To learn more tips on how best to protect yourself and your customers, be sure to review the accompanying resource.
How to prevent e-commerce fraud graphic


Dori Bright is Senior Vice President of Marketing Intelligence and Small Business Market Development at Fiserv, a leading global provider of eCommerce payments and financial technology solutions, helping businesses connect with customers through physical, digital, and mobile payment experiences that drive commerce.
1 “US ecommerce sales grow 14.9% in 2019,” Digital Commerce 360, 19 February 2020
2 “CNP Fraud Costs US Merchants $3.36 for Every $1 of Direct Fraud Loss,” Card Not Present, 30 July 2020
3 “60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack,” Inc., 7 May 2018

Leave a Reply

The Self-Employment Survival Guide can help you succeed. Learn all about it here.

Self-Employment Survival Guide book cover