eCommerce fraud featured image

Most Common Types of eCommerce Fraud You Should Know About

May 18, 2022 / Posted in Credit Cards

Online merchants are thriving more than ever, and it is expected that the next two years will be the most lucrative ones yet. Unfortunately, fraudsters are following trends as well, and as the marketplace continues to expand, all types of eCommerce fraud are becoming an increasingly bigger problem. eCommerce fraud protection is a serious topic that every online business should consider seriously, and you can begin by getting to know what kind of scams exist.

There Are Several Types of Recurring ECommerce Frauds That Online Merchants Have to Be Aware Of

If you plan to start a new business in the field of online merchant services, it is absolutely essential to gain as much knowledge as you can about eCommerce fraud detection. Naturally, you would like for your company to be recognized for good customer service, but unfortunately, there are many fraudsters waiting for an opportunity to use that to their advantage. Here are the most common scams:

Testing Scam

We will start this guide to eCommerce fraud with the testing (often also called cracking) scam, which is one of the most frequent ones. Nowadays, the winner in cards vs. cash is obvious. However, bank cards offer many opportunities for scams, and it is necessary to know how to prevent scams with cards. Fraudsters are able to obtain numerous credit cards by stealing or buying information on the dark web. They will then find a random online business and start making small purchases to check whether the stolen data is genuine (scammers can get scammed by purchasing false data on the dark web). If the transaction is carried out, scammers will be able to see the card’s available resources and start making all sorts of expensive purchases. The main issue with this scam is that it is often discovered after a number of expensive transactions have been made. A small recurring payment often goes unnoticed.

Friendly/Chargeback Scam

A scammer will make a purchase and then ask for a chargeback. If it is successful, the bank’s payment processor will return the entire sum to the scammer, while the business will still have to pay credit card transaction fees. What is more, the scammer will, in most cases, receive the item for free afterward. A chargeback scam often works like this: a scammer will try to dispute a credit card charge by claiming, for example, that the item has not been delivered and that the application for a refund has been filed, but there has been no answer. Also, a frequent claim is that the purchase has been canceled but that the delivery was nevertheless performed. It is not unusual for claims that are well-devised to be successful.

Account takeover scam

This type of scam happens when a scammer gets a hold of an account. One of the most popular online small enterprise ideas is to implement registration on their websites. This means that customers can register and make purchases with their accounts (often, customers can link their cards with accounts and get discounts by doing so). Unfortunately, accounts can often get hacked, and a scammer will use all available resources. Although an enterprise usually does not take responsibility if a customer has lost their account (people often carelessly give away their information,) your reputation can sustain irreparable damage. When such scams occur, people often immediately pass the blame on merchants by stating that they have dubious account safety measures. Often the most successful small online businesses are the ones where customers feel safe to open accounts.

Refund scam

Stolen cards are again the main instruments for this scam. Fraudsters will contact an online enterprise and report that an accidental overpayment has occurred. At first, this claim will look completely valid since the transaction will be valid. But the scammer will then ask for reimbursement to be sent on a different number (the stolen one will probably, by this time, be blocked). What happens is that the scammer will receive the items and plus extra cash, while the enterprise will have legal obligations towards the original owner.

Triangulation scam

This scam works differently than the usual ones. The scammer will basically create a website that will serve as an alternative to Shopify or Amazon, where various items will be advertised for incredibly low prices. Next, the scammer will use all stolen cards to purchase goods from your website (triangulation cannot work without stolen credit cards). Ironically, customers who have purchased items from the scammer’s website will receive their items, but your enterprise will face many problems once the owners of the cards notice fraudulent activity. What is more, even a more tragicomic scenario can occur. Business owners can make the mistake of purchasing their own goods from scammers once they have seen the affordable prices.

Interception scam

Scammers can make a purchase using someone else’s information and then try to change the address of delivery. Often, they will call the company and try to reroute the delivery. But, also, they often call the shipping service or even try to get hold of the driver in order to give new address information. There have even been cases where scammers live in the vicinity of the victim and have waited for the delivery in person.

Ecommerce Fraud Prevention Is the Key to Establishing a Successful Online Enterprise

Merchant services and credit card processing services go hand in hand nowadays. There are many reliable credit card processing companies for small businesses that will offer safe and efficient payment options. But, there are also other preemptive measures that every online entrepreneur should take into consideration. There is no reason to run a high-risk enterprise.

Every Online Company Should Operate in Compliance With PCI Standards

The PCI standard (The Payment Card Industry Data Security Standard) is a set of rules that every online enterprise should follow. Being PCI compliant means that you have implemented safety measures for both you and your customers. Some of the measures are implementing a firewall and having a system for credit card statistics. The official law states that PCI has to be followed unless you want to pay non-compliance fees. All in all, it is illogical not to have PCI compliance as it will directly increase the cybersecurity of your enterprise.

In General, for Better Fraud Protection and Prevention, Do Not Ask For Too Much Information

You shouldn’t ask your customers for information that doesn’t really affect transactions. The best prevention is not having the information that a scammer can steal in the first place. This means that the website should only ask for things that are necessary for purchases and shipment. Birth dates, social security numbers, or pictures are often completely unnecessary.

Person typing in information

There Are Many Scam Detection Solutions Available on the Market

Scam detection solutions are third-party programs that offer comprehensive protection against cybercrime. They are used by all sorts of online enterprises but are highly recommended for smaller, developing businesses. Scam detection solutions have a large amount of data about the majority of online scams, and they basically serve as anti-virus programs that will notify its owner about potential fraudulent activity.

Blacklists Are a Great Way to Fend Ecommerce Scammers Off

Blacklists work great with scam detection solutions. Blacklist means that once you have been notified about fraudulent activity, you will block that person from making any further purchases on your website. Of course, the same person may attempt to scam you from another account, but scammers often employ the same patterns, and once you have an extensive blacklist, it will be easy to recognize fraudsters.

Glasses and a laptop behind

Strong Customer Authentication Is a Reliable Way to Confirm Someone’s Identity

Strong customer authentication (SCA) is an additional safety measure that stands before the final confirmation of transactions, and it is one of the best solutions to confirm someone’s identity. What this means is that you will implement an additional step before the transaction can be completed. These are the two most usual methods employed:

You can implement an additional password which will only be used before the transaction completion. This password will only be known by the customer. Questions that only customers know answers to are also popular passwords.

You can implement a secret code. Often, this is a combination of letters and numbers that the customers receive on mobile devices before confirming the transaction. This combination is different for each transaction, and there is a limited period of time for entering the code. If the code is not entered in a timely manner, the process must be repeated.

All in all, SCA is a great safety measure that cannot be hacked in easily and is, overall, a reliable way of scam prevention. But, there is one downside. People are often lazy, and some will find it irritating to remember additional passwords. Still, we think that it is worth losing a few customers in exchange for more thorough security measures.

Hypertext Transfer Protocol Secure (HTTPS) Is a Great Protocol for Fraud Prevention

HTTPS is basically an enhanced HTTP. This protocol is responsible for data transference between online stores and buyers’ internet browsers. During transactions, HTTPS encrypts the customer’s information into a code (addresses, names, numbers) that is really difficult to hack into. In this way, you are ensuring that scammers cannot easily steal information from your websites. Here is a useful video on how HTTPS works.

Don’t Ship Products to Non-Home Addresses

Scammers can often give you addresses of post office boxes or storage units. There are numerous cases where scammers have given addresses of freight forwarders since the address will look valid at first glance (you can easily spot it since the container has a long serial number after the address). All in all, just ship your products to legitimate home addresses. In that way, if something goes wrong, the police will know on which door to knock.

A person carrying boxes

You Have to Follow the Development of Triangulation, Chargeback, and All Other Scam Trends Actively

Nowadays, there are analysts who compile information on cybercrime from all around the world. Such extensive information serves for comparison, and analysts can often use these resources to determine whether potentially fraudulent activity is indeed a fraud. Therefore, hiring an analyst is a wise move for your enterprise, but you, yourself should, in the first place, collect and store all the information from both your and other entrepreneurs’ experiences in order to keep track of all the scams and their development.

People discussing one of the credit card processing companies

You Can Do Certain Things if You Have Fallen Victim to a Scam

Unfortunately, it is still quite hard to track down cybercriminals, especially when you take into consideration that a scammer can be located in a foreign country. Therefore, it has to be repeated that prevention and appropriate protection are the two most important things. Still, some measures can be taken if you have fallen victim to fraud:

  • First, report the scam to your local government and law enforcement agency.
  • Report the scam to the Federal Trade Commission (FTC). This agency collects all scam reports, and they will listen to your case.
  • If you suspect that you have been scammed from a foreign county, you can report it to the Internet Crime Complaint Center (IC3).

Merchant Chimp Offers the Best Services in This Field

In this age where online shopping is gaining an advantage over traditional, it is completely natural that young entrepreneurs should think about starting an online enterprise. With Merchant Chimp card processing company, you’ll get both reliable and convenient services. Hence, the chances of being scammed when having our resources at disposal will be significantly reduced.


It never hurts to know how much you can save.

Get a Quote

Step 1 of 2