E-Commerce and online retail transactions & revenue continue to set new year-over-year records in 2020, creating one of the fastest-growing opportunities for bad actors and cybercriminals to defraud digital businesses of millions of dollars a year.
Just as e-commerce and online retailers are responding to the rapid growth in orders by finding new ways to scale shipping, delivery, and service, there needs to be just as strong of a focus on fraud detection and protection. The following are a few of the many approaches bad actors take to defraud e-commerce sites, online retailers, and consumers buying online:
The most common type of e-commerce fraud is Chargebacks, one of the most expensive types of fraud an online retailer will experience. It's a technique that often leads to additional fees, loss of inventory, services, and can even lead to them not being able to accept a specific type of credit card. Chargebacks can be the result of either criminal or friendly fraud. In either case, chargebacks are costly and take an excessive amount of time and cost to resolve.
Friendly fraud escalates the more online revenue an e-commerce site or online retailer generates and can account for between 40% to 80% of all fraud losses. Also known as First Party Fraud, this type of fraud occurs when customers request refunds from their issuing banks, claiming that transactions on credit card statements are fraudulent. Rather than contacting the business where a purchase was made, a consumer simply calls their bank, which, lacking verification information, refunds the consumer and issues a chargeback to the company. Friendly fraud can be either accidental or intentional.
Gaming and wireless fraud are one of the fastest-growing areas today, given the 126% year-over-year growth of online sales in this area as of April 2020. Credential stuffing, Account Takeover, and Streaming Potluck schemes are all used to defraud e-commerce sites and online retailers today. Credential stuffing is the use of mass login attempts to verify the validity of stolen username/password pairs. This information is used to take over accounts. Streaming Potluck is a technique where each member of a group brings their account for a streaming service and shares it. Each member of the group has access to all services. Depending on the service provider's business model, unauthorized account sharing can cause lost revenue.
Account Takeover (ATO) is rampant in gaming and spreading across every area of e-commerce today. The online gaming industry relies on real-time approvals of small transaction amounts to keep players engaged. Transactions need to be approved nearly instantaneously and at scale for a game to be financially successful. Fortunately, there are fraud prevention solutions that can analyze a transaction in less than a second, taking into account the many data points from other current and past transactions to see if it is real or fraudulent. From 2016 to 2017, losses from account takeover (ATO) rose 122% and reached $9B in 2019.
Thwarting Fraud Using A Real-Time Identity Trust Network
E-commerce sites and online retailers are facing an overwhelming workload of transactions, unusual activity, and fraud signals their fraud analysts are doing their best to keep up with today. Many are relying on systems that generate false positives, rejecting loyal customers who are legitimate buyers. That's one of the most common ways an online retailer will lose a customer.
False positives and slow response times often happen when the transaction is first assumed to be fraudulent. Instead of forever trying to fine-tune a risk score, quantifying trust with long-standing customers is showing the potential for improving fraud detection online. Kount is taking this approach by fine-tuning trust scores based on their Real-Time Identity Trust Network. The Trust Network is based on supervised and unsupervised machine learning algorithms that deliver personalized responses to transaction requests in milliseconds. Using supervised machine learning algorithms and techniques, Kount can learn from every customer interaction, gaining new insights into how to fine-tune identity trust for every customer's transaction.
While many online sellers are legitimate, unfortunately scammers can use the anonymous nature of the internet to rip off unsuspecting shoppers.
Scammers use the latest technology to set up fake retailer websites that look like genuine online retail stores. They may use sophisticated designs and layouts, possibly stolen logos, and even a ‘.com.au’ domain name and stolen Australian Business Number (ABN).
Many of these websites offer luxury items such as popular brands of clothing, jewellery and electronics at very low prices. Sometimes you will receive the item you paid for but they will be fake, other times you will receive nothing at all.
The biggest tip-off that a retail website is a scam is the method of payment. Scammers will often ask you to pay using a money order, pre-loaded money card, or wire transfer, but if you send your money this way, it’s unlikely you will see it again or receive your purchased item.
A newer version of online shopping scams involves the use of social media platforms to set up fake online stores. They open the store for a short time, often selling fake branded clothing or jewellery. After making a number of sales, the stores disappear. They also use social media to advertise their fake website, so do not trust a site just because you have seen it advertised or shared on social media. The best way to detect an fake trader or social media online shopping scam is to search for reviews before purchasing.
A product is advertised at an unbelievably low price, or advertised to have amazing benefits or features that sound too good to be true.
The other party insists on immediate payment, or payment by electronic funds transfer or a wire service. They may insist that you pay up-front for vouchers before you can access a cheap deal or a give-away.
The social media based store is very new and selling products at very low prices. The store may have limited information about delivery and other policies.
An online retailer does not provide adequate information about privacy, terms and conditions of use, dispute resolution or contact details. The seller may be based overseas, or the seller does not allow payment through a secure payment service such as PayPal or a credit card transaction.
Online payment services like Google Pay, Paytm, and PhonePe have grown in popularity over the past few years thanks to the government’s ‘Digital India’ push. UPI (or Unified Payments Interface) has made it easy for users to transfer money and our dependence on these services may have even increased during the ongoing coronavirus lockdown as people are forced to stay at home and make payments online instead of doing it in person via cash. Thus, this is the time to be extra vigilant when it comes to UPI scams as fraudsters try to dupe unsuspecting users since scammers are always on the lookout to trick users into giving them money directly from their bank accounts, and UPI is a great tool for them to do so. In fact, several people have lost thousands and lakhs of rupees in these UPI scams. Here are a few popular UPI scams through which fraudsters are able to scam people using apps such as Google Pay and PhonePe.
Request Money scam
One of the most common UPI scams is the ‘Request Money’ scam. This happens when a user receives a request to pay money instead of getting a payment, and isn’t paying enough attention to the transaction. OLX and Quikr are well-known for hunting grounds for frauds using this scam. On apps like Google Pay, PhonePe, BHIM, etc., there is an option to request money from another person, which is something fraudsters take advantage of. Say you’re expecting a payment from a person for a product you want to sell, but instead of paying you the amount, the person sends a payment request for that amount. You receive the request and, unassumingly, enter your UPI M-PIN. As soon as you enter the PIN, you have validated the transaction and the money gets transferred from your bank account to the fraudster’s account.
Cashback/ refund scam
This is a variation of the Request Money scam, wherein the scammer will call and pose as an agent of the bank or a major retail chain. She/ he says the user has been awarded some cashback and asks them to accept it via any UPI app of your choice. Many scammers even keep an eye on Twitter and Facebook for complaints shared by users on the platform; they then call as executives of such companies and promise to process a refund. Within seconds, the user gets a message mentioning the said amount on your UPI app; in a rush to encash the cashback, many users enter their PIN. However, this will be a payment request — UPI apps do not require users to enter PIN to accept a payment. This means they authorised a UPI payment from their phone instead of accepting money from the caller. This is a fairly common scam and many have fallen for it.
Remote access/ Vishing
UPI has a simple four-digit PIN to authorise transactions. The simplicity of this process also makes it easy for hackers to transfer funds from your bank to their accounts once they discover your PIN. One of the ways hackers can do this is by accessing your phone remotely using apps like AnyDesk. This is a remote desktop software that can allow hackers to gain access to your phone and all the OTPs it receives.
Protect yourself
Check if the website or social media page has the policies that sound fair. The better online shopping and auction sites have detailed complaint or dispute handling processes in case something goes wrong.
When using retail websites, find out exactly who you are dealing with. If it is an Australian company, you are in a much better position to sort out the problem if something goes wrong.
When making online payments, only pay for items using a secure payment service—look for a URL starting with ‘https’ and a closed padlock symbol, or a payment provider such as PayPal. Think twice before using virtual currencies such as bitcoin—they do not have the same protections as other transaction methods so you can’t get your money back once you send it.
Avoid any arrangement with a stranger that asks for up-front payment via money order, wire transfer, international funds transfer, pre-loaded card or electronic currency, like Bitcoin. It is rare to recover money sent this way. Never send money or give credit card or online account details to anyone you don’t know or trust.
By prioritizing trust over risk scores, e-commerce and online retailers can reduce false positives, friction, and lost sales. Apart from strengthening fraud prediction and prevention, improving user experiences is by far the most important area of any e-commerce strategy today. Having a trust score that continually learns about each customer to reduce transaction delays further and improve accuracy using machine learning is proving effective in thwarting fraud. Trust is the best revenue accelerator there is, and now is the time to enhance e-commerce and online retailing with a more precise approach to completing sales.
Get the Best Bank Nifty Option tip on a daily basis and start making money with our professional Bank Nifty tips desk which gets you profit in less than two hours every day.
You
should Trade Less But Trade Accurately & this is Achieved with our Tip.
