If you have an e-commerce store, you know that protecting your online store against fraud and scams is essential for business. Vigilant digital security is more important than ever to protect your business and your customers. In the post-COVID world, fraudulent purchase attempts have increased by 69% in 2021 alone.
Unfortunately, there is no one-size-fits-all solution to protecting your business against these threats. Small business owners should take various precautions to protect themselves.
As a business owner, you have options and steps you can take to reduce the risk of fraud and scams against your business.
What is an online scam?
Simply put, an online scam is when someone tricks you or your business out of money over the internet. They are usually facilitated by cybercriminals and can range from credit card to identity theft.
Online scams have been around for a long time but have increased due to increased online sales due to COVID-19 as many small businesses have been forced to quickly build an e-commerce gateway to their stores due to restrictions . At the start of the pandemic, the FBI went so far as to warn the general public about hackers and scammers.
Some scammers go so far as to use social engineering tactics. These attacks use scare tactics to trick users or employees into handing over confidential and sensitive information.
How important is staying safe online?
Business owners tend to store personal information on their computers, such as credit card details and passwords, which are the information sought by cybercriminals.
Staying safe online will prevent your business from suffering a major loss from a compromise. The damage caused by the scam is not just about lost revenue or damaged property, it can also result in the loss of valuable brand equity with potential customers.
The impact of fraud on your business can be serious. This may require you to manage:
- The cost of lost merchandise, handling or shipping of any fraudulent orders
- Chargeback fees
- Damage to your company’s reputation
- The loss of your business bank account
Fighting fraud is tough, but understanding the different types can help you identify where and when attacks might be happening.
What are the types of online scams?
Here are some of the most common scams targeting online businesses today.
It seems that every day a new email scam emerges. Phishing emails appear to come from a legitimate sender, but are intended to obtain sensitive information from the recipient. For example, in Canada, there are regulations such as the Canadian Anti-Spam Legislation that have been put in place to protect against fraud and spam.
You may have received an email or text message alert that your work account has been compromised. Clicking on the link may make you vulnerable to hackers who may target personal and business information. Always make sure you trust the sender before opening attachments or clicking on links.
Business owners should be aware that scammers continue to become more sophisticated in their delivery by impersonating a legitimate brand. You can avoid receiving phishing emails by making sure your firewall and anti-virus software are up to date.
Small business owners can also be tricked by scammers who send fake emails containing invoices in an attempt to collect their payment.
You can avoid any potential loss by ensuring your business has a clear billing process. This way, if your business receives an invoice, it can be traced back to approved expenses in your database.
Card Absent Fraud (CNP)
This type of fraud occurs when a scammer uses a stolen credit card, consumer identity, or bank card data.
Usually, an NPC follows the process below:
- The scammer makes an online purchase with a stolen credit card.
- The issuing bank approves the purchase and the items are delivered to the scammer. The cardholder does not acknowledge the purchase and requests a chargeback from their credit card company.
- The merchant must in return reimburse the rightful owner of a card and ends up with a loss. In an extreme case, your store could be penalized and blacklisted.
Your store can protect against CNP fraud with advanced authorization tools, such as multi-step authorization or tokenization.
Don’t be fooled by the name, this type of scam is anything but friendly. This happens when a customer, who has paid for and received their item, files a chargeback request with their credit card company.
Sometimes it can be an honest mistake on the part of the customer, as they might not recognize the store name on their credit card statements. But there are times when friendly fraud is committed with malicious intent. Some customers go so far as to hire professionals who report the fraud and get their money back for a fee.
Friendly fraud is a growing concern. And, without meticulous record keeping, you could be liable for all the fees and penalties that come with chargebacks.
Government agency imposter scams
There is a recent trend of cybercriminals trying to scam companies by pretending to belong to government organizations like the IRS or the Social Security Administration. Scammers scare victims with legal repercussions and ask for money in advance or demand to be paid in installments by phone or email.
The best way to avoid getting scammed this way is to call the government agency and inquire about the offer or benefit. Avoid the contact information in the ad and look for the agency’s official website instead.
Account takeover (ATO) fraud is on the rise this year. More than 22% of American adults are victims of scammers hacking into unsecured accounts. These cybercriminals use the stolen information to perform unauthorized transactions, which can have a serious impact on your business.
We can expect ATO fraud cases to continue to rise in 2022 as cybercriminals get more creative with their schemes. There are now automated methods, such as scripting, that make this type of fraud easier than ever.
As a merchant, you can protect your customers from ATO fraud by providing two-step authorization or biometric passwords before customers complete their purchases.
How to identify online fraud?
The process of identifying potential fraud can be difficult. But these days, merchants have the ability to do their own digging and investigating to help catch suspicious purchases and track down fraudulent activity.
- Take note of unusual account activity. It is important to note anything unusual. For example, note things like multiple failed transactions. This can be an indication that maybe something is going on and needs to be investigated further. Remember that if a fraudster is successful, they can retry the fraud, so be sure to blacklist their phone, email address, IP address, and billing address.
- Check addresses. Most secure transactions are those with shipping, billing, and IP addresses in close proximity to each other. The greater the distance, the higher the risk that the purchase is fraudulent. If the IP address is also masked, this can also be a sign of a scam.
How do I protect my business against fraud?
Getting scammed is the last thing you want to do. Here are some tips to avoid it:
- Provide fraud and theft prevention training to employees. It’s a good idea to train employees and encourage them to come up with anything out of the norm. Business owners can host cyber security awareness sessions to keep up to date with some of the newest scams on the internet.
- Do not share passwords and sensitive information via email. Make sure that passwords and sensitive information are not sent by email. This is because emails are sent as plain text and are therefore not encrypted. If a hacker gains access to your inbox or that of one of your employees, it could result in the loss of sensitive information.
- Check invoices and payments. You may be dealing with scammers. Make sure they are who they say they are before approving payments or invoices.
- Perform security audits. This will allow you to identify potential weak points that could make it easier for online scammers to acquire your customers’ information or commit future fraud. You can run phishing tests or mirror your website.
Trying to protect your online store from fraud and other scams can be a challenge. Being aware of the security of your online store is the first step to keeping it safe. Staying alert can prevent you from falling victim to fraudulent activity or losing money to chargebacks.