
4 Types of eCommerce Fraud That Have Increased During the Pandemic

As we shop from the safety of our homes and fuel the digital economy, we expose ourselves to a great amount of risk, and fraudsters are taking advantage of the sharp increase in online shopping over the course of the Covid-19 crisis. Bots, account takeovers, and fake accounts are commonplace threats to merchants and require far more sophisticated prevention methods than what companies have in place today. As fraudsters become smarter and more adept at defeating the traditional methods of fraud prevention, detecting subtle tells and analyzing behavior have emerged as effective ways to protect both consumers and merchants from unwanted access and transactions. As a merchant, look for holes in your anti-fraud stack and recognize that fraudsters will always evolve. If your fraud prevention technology remains stale, you are inviting chargebacks.

While their methods continue to change, today’s eCommerce fraud can still be divided into several key vectors.

Bots
The dark web is filled with easily obtained lists of usernames and passwords, and fraudsters are able to purchase large quantities of such combinations for relatively little money. These credentials are then loaded into a server and used to ping eCommerce and other sites in an attempt to find a combination that works. It’s essentially the fraudster’s version of playing a slot machine, hoping for the jackpot winning combination of username and password. Once they’re “in,” the options are near limitless -- the fraudster has access to the compromised account and can make changes, transact, or take over the account and its associated payment methods. And because many of us use the same username and password across multiple sites, they can even access your accounts on other sites with the same credentials. Traditional methods of analyzing the physical identity of the consumer no longer work in this scenario because the fraudster has the matching data and can easily defeat this layer of defense. A more timely approach to fraud prevention against bots is to add in a layer of security that looks for commonalities, such as IP addresses, device fingerprint and other “tells” that can easily identify a bot and stop it from getting through.
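One way to look for those commonalities in login traffic, as an added example that is not part of the original article: it scores IP addresses and device fingerprints separately, so a bot that rotates IPs but keeps one fingerprint still stands out. The event layout, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample login events: (source IP, device fingerprint, username, success).
LOGIN_EVENTS = [
    ("203.0.113.5", "fp-bot", "u1", False),
    ("203.0.113.5", "fp-bot", "u2", False),
    ("203.0.113.6", "fp-bot", "u3", False),
    ("203.0.113.6", "fp-bot", "u4", True),
    ("203.0.113.7", "fp-bot", "u5", False),
    ("203.0.113.7", "fp-bot", "u6", False),
    ("198.51.100.10", "fp-alice", "alice", False),
    ("198.51.100.10", "fp-alice", "alice", True),
    ("198.51.100.20", "fp-bob", "bob", True),
]

def flag_stuffing_sources(events, min_users=5, min_fail_ratio=0.8):
    """Flag IPs and device fingerprints that try many usernames and mostly fail."""
    users = defaultdict(set)     # source -> distinct usernames attempted
    failed = defaultdict(int)    # source -> failed attempts
    total = defaultdict(int)     # source -> all attempts
    hits = defaultdict(set)      # source -> usernames that logged in successfully
    for ip, fingerprint, username, ok in events:
        # Score each attribute on its own, so rotating one does not hide the other.
        for source in (("ip", ip), ("device", fingerprint)):
            users[source].add(username)
            total[source] += 1
            if ok:
                hits[source].add(username)
            else:
                failed[source] += 1
    flagged = {}
    for source, names in users.items():
        ratio = failed[source] / total[source]
        if len(names) >= min_users and ratio >= min_fail_ratio:
            flagged[source] = {
                "distinct_users": len(names),
                "fail_ratio": round(ratio, 2),
                # Accounts the source got into: candidates for a forced password reset.
                "accounts_to_reset": sorted(hits[source]),
            }
    return flagged

if __name__ == "__main__":
    for source, stats in flag_stuffing_sources(LOGIN_EVENTS).items():
        print(source, stats)
```

In the sample, no single IP crosses the threshold, but the shared fingerprint does, and the one successful login from it identifies the account that needs attention.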

Account Takeover
Once a fraudster gains access, taking over an account is simple. In a typical account takeover (ATO) scenario, the fraudster will change subtle pieces of information associated with the account, such as phone numbers, emails, and addresses. The fraudster now “owns” your account and can transact, purchasing goods for their own use or for the purposes of selling them. Consumer electronics or digital goods, like gift cards, are particularly attractive items. Fraudsters typically attempt a large number of transactions over a short period of time, in order to maximize the breach before the real account owner has a chance to notice the compromised account. ATO is more difficult to prevent than bots, as the fraudster has already made his or her way into the secured environment with real credentials and, more importantly, now controls the account. Again, traditional methods of defense often fail in this instance. However, while the fraudster can easily mimic the credentials of the real customer, they are unable to behave in the same way that the real customer would. Utilizing behavioral biometrics has proven to be the key defense here -- fraud can be detected by analyzing user behavior patterns and comparing them to the real customer’s known patterns. Is the shopping behavior the same? Is the typing rhythm similar to prior transactions? Are there any other dissimilarities in the interaction? The fraud can be stopped only by analyzing these small variations in an intelligent way.
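The comparison against the real customer's known patterns can be sketched as follows (an added example, not from the original article). It scores a session by how many standard deviations its features sit from that customer's own history; the feature names, the threshold of 3.0 and all sample values are assumptions constructed for illustration.

```python
from statistics import mean, stdev

# Constructed baseline: features from one customer's earlier, known-good sessions.
BASELINE = [
    {"key_interval_ms": 180, "key_hold_ms": 95, "checkout_secs": 70},
    {"key_interval_ms": 190, "key_hold_ms": 100, "checkout_secs": 80},
    {"key_interval_ms": 175, "key_hold_ms": 90, "checkout_secs": 75},
    {"key_interval_ms": 185, "key_hold_ms": 98, "checkout_secs": 65},
    {"key_interval_ms": 170, "key_hold_ms": 92, "checkout_secs": 85},
]
# Constructed sessions to score against that baseline.
GENUINE = {"key_interval_ms": 178, "key_hold_ms": 97, "checkout_secs": 72}
SUSPECT = {"key_interval_ms": 60, "key_hold_ms": 40, "checkout_secs": 12}

def anomaly_score(baseline, session):
    """Mean absolute z-score of the session's features against the baseline."""
    z_scores = []
    for feature, value in session.items():
        history = [s[feature] for s in baseline]
        # Floor the spread so a perfectly constant history cannot divide by zero.
        sigma = max(stdev(history), 1.0)
        z_scores.append(abs(value - mean(history)) / sigma)
    return mean(z_scores)

def is_suspicious(baseline, session, threshold=3.0, min_history=3):
    """True when the session is far from the customer's own past behavior."""
    if len(baseline) < min_history:
        return False  # too little history to judge; rely on other controls
    return anomaly_score(baseline, session) > threshold

if __name__ == "__main__":
    for name, session in (("genuine", GENUINE), ("suspect", SUSPECT)):
        score = anomaly_score(BASELINE, session)
        print(name, round(score, 2), is_suspicious(BASELINE, session))
```

A score above the threshold is a reason to step up verification before a purchase or profile change, not proof of fraud on its own.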

Fake Accounts
Another common vector is the creation of fake accounts, using stolen identities or payment instruments. Fraudsters will visit a site or app and create a new user profile, using components that are stolen in combination with their own information, such as burner phones and fake email addresses. If successful, the fraudster can transact while impersonating the real consumer and take advantage of any goods or services obtained prior to the consumer noticing. Merchants often ship items or digital goods to this seemingly good new customer, often not realizing that they are dealing with a fake account until it is too late and the real account owner contacts them to ask about the charges on their credit card. Fake accounts are difficult to spot once they have been established, so the need for more subtle ways to detect a fraudulent customer becomes paramount. Creating fake accounts has only a limited rate of success, so fraudsters often use shortcuts to help them generate many fake account registration attempts at once -- something that can lead to their detection. Paying close attention to common traits, such as the number of instances a certain device has been used; how many times the same password has been used across multiple, seemingly unrelated accounts; and the general behavioral patterns can be powerful tools in deterring this type of fraud vector.
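The shared-trait check described above, as an added example that is not part of the original article: registrations that share a device or a password are linked into clusters, so accounts with no direct trait in common are still tied together through an intermediate one. The record layout and sample data are constructed, and the password token is assumed to be a keyed hash computed at signup so passwords can be matched without being stored in the clear.

```python
from collections import defaultdict

# Constructed sample registrations: (account id, device fingerprint, password token).
# Assumption: the token is a keyed hash of the password, never the password itself.
SIGNUPS = [
    ("acct-01", "dev-A", "pw-1"),
    ("acct-02", "dev-A", "pw-2"),
    ("acct-03", "dev-B", "pw-2"),
    ("acct-04", "dev-C", "pw-2"),
    ("acct-05", "dev-D", "pw-5"),
    ("acct-06", "dev-E", "pw-6"),
    ("acct-07", "dev-E", "pw-7"),
]

def linked_clusters(signups, min_size=3):
    """Group accounts connected by a shared device or password token."""
    parent = {acct: acct for acct, _, _ in signups}

    def find(a):
        # Union-find lookup with path halving.
        while parent[a] != a:
            parent[a] = parent[parent[a]]
            a = parent[a]
        return a

    first_seen = {}  # trait -> first account that showed it
    for acct, device, pw_token in signups:
        for trait in (("device", device), ("password", pw_token)):
            if trait in first_seen:
                parent[find(acct)] = find(first_seen[trait])
            else:
                first_seen[trait] = acct

    clusters = defaultdict(list)
    for acct in parent:
        clusters[find(acct)].append(acct)
    # Small groups (for example, two family members on one laptop) stay unflagged.
    return sorted(sorted(c) for c in clusters.values() if len(c) >= min_size)

if __name__ == "__main__":
    for cluster in linked_clusters(SIGNUPS):
        print("review together:", cluster)
```

Here acct-01 and acct-03 share nothing directly but land in one cluster through acct-02. Very common passwords should be excluded from linking, since they would tie unrelated genuine customers together.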

Transaction Payment Fraud
The result of all three attack vectors is almost always a chargeback. The real consumer has realized that their account has been compromised and that transactions have been made with their payment method without their knowledge or consent. The consumer now contacts the issuing bank and demands that the charges are reversed, resulting in the bank charging back the merchant for the unauthorized transactions. The risk to the merchant is reputational and financial, potentially resulting in negative reviews and corrective measures required by the card issuer prior to allowing the merchant to accept the compromised payment method again. Assuming that the fraudster has managed to successfully evade the typical legacy methods of fraud prevention, such as identity verification, one-time-passwords or even out-of-wallet personal identification questions, there is still hope that a fraudulent transaction can be avoided. Using behavioral attributes and measuring exactly how the fraudster interacted during the page traversal can be excellent indicators of likely fraud and can offer a final barrier against unwanted transactions.

Ultimately, relying solely on standard defensive measures has become a risky proposition in today’s socially distanced shopping environment. Thankfully, new ways to prevent fraud, such as machine-learning behavioral models powered by artificial intelligence, are at the forefront of the battle and become more powerful each day.
