4 types of e-commerce fraud & how to prevent them

E-commerce fraud is constantly evolving, with scammers finding new and inventive ways to steal details, funds or goods from consumers and merchants. 

It’s estimated that by 2024, e-commerce sales will grow to $6.4 trillion. Which means this is a lucrative market for scammers and you need to make sure you have the tools and processes in place to detect and prevent potential fraud. 

If you accept payments online, keep reading - we’ve listed 4 types of e-commerce fraud and how to prevent them. For more details on how to detect and prevent online fraud, get in touch.

1. Friendly Fraud 

False chargebacks, also known as Friendly Fraud, often make up the majority of chargeback cases a business will receive. It's important you know how to recognise and fight Friendly Fraud. The main difference between this type of fraud and most others, is that the fraudster is also the customer. 

Friendly Fraud is when a customer disputes a transaction with their bank, even though they don’t have a legitimate reason to do so. The customer will often then get to keep the goods or benefit from the service as well as getting their money back.  

Some examples of Friendly Fraud by customers are:

  1. When a customer buys goods with the full intention of raising a chargeback. 
  2. When a family member makes a purchase without the cardholder’s knowledge. This is often associated with children stealing their parent’s cards to make online purchases.
  3. When a customer is genuinely confused and doesn’t recognise the transaction on their bank statement (even though it is legitimate).
  4. When a customer is unhappy with the service or product they’ve received. Rather than trying to resolve the issue with the merchant, they go straight to their bank to raise a chargeback instead.

Friendly Fraud is costly as it can result in the loss of the cost of goods, the cost of a refund and chargeback fees. 

Some of the things you can do to help tackle Friendly Fraud are:

  • Carefully document every sale so you can provide evidence to the bank that the purchase was legitimate, if a chargeback is raised. 
  • Talk with your customer service team about reviewing their processes and targets for responding to customers, to help avoid customer dissatisfaction. 
  • Make sure that your merchant descriptor matches the trading name of your business. This is the name that appears on your customers’ bank statement and will cause confusion if they don’t recognise it.

2. Refund and Return Fraud 

Refund and Return Fraud are both on the rise, so it’s important to recognise the difference between the two and how to tackle them.

Refund Fraud is where a customer requests a refund or an item, without returning the goods. They’ll often make a false claim about why they can’t return them so that they can keep the item and get their money back. 

Return Fraud is where a customer exploits a company’s return policy. They’ll return or try to return an item that has been:

  1. Stolen.
  2. Used.
  3. Bought from a different company.
  4. Is a knock-off (with them keeping the original item).

Customers often commit these types of fraud due to loopholes in company policies. Make sure your refund and returns policies are reviewed and updated regularly to help discourage fraudsters from taking advantage. 

Some first steps you can take to tackle Return and Refund Fraud are:

  • Write clear and simple return and refund policies. So fraudsters can’t argue with them or find any loopholes. 
  • Replace cash refunds with credit or gift receipts.This will often deter fraudsters as most legitimate customers will be happy with purchasing a different item. 
  • Make sure that your customer support team are aware of this type of fraud, so they can easily identify them when they arise and have a plan in place on how to deal with them. 

3. Buy Now Pay Later (BNPL) Fraud

BNPL Fraud is any type of fraud relating to BNPL payments. This can either be made by consumers who find a loophole in a merchant’s BNPL options or by fraudsters trying to gain free goods or make a profit. While adding verification checks to the checkout flow may add a little friction for the consumer, it’s worth it to ensure the person making the purchase is legitimate and able to pay.

So, what are some BNPL Fraud types to look out for?

  1. Account Takeover Fraud. Fraudsters take over an existing user’s account which has already gone through ID and credit history checks, to make a purchase. 
  2. Stolen Card Details. Fraudsters buy items using BNPL options but with stolen card details. This is difficult to identify until the cardholder raises a complaint.
  3. Non-Repayment. Some BNPL offers allow you to make a purchase with no payment taken for months. Fraudsters will often go for this option with no intention of ever paying. 
  4. BNPL Offers. Some merchants run promotional campaigns to encourage consumers to try their BNPL payment option (e.g. a gift card or free item). Fraudsters will take advantage of the offer, creating multiple accounts to gain as many free items as possible, with no intention of paying for the main item when their first payment is due.

BNPL is a great payment option, especially for retail merchants or those selling high priced items. But, if you’re already using it or considering adding it to your checkout here are some ways that help you prevent BNPL fraud:

  • Identity verification. Choose a BNPL provider who has a clear identity verification process. This’ll help to ensure you know who your customers are and that they’re legitimate. 
  • Address verification (AVS). This helps to ensure that the person making the purchase is the account holder. By asking the customer to confirm their address allows the card network or bank to check that the address the customer has provided is the one they have on file. 
  • Customer authentication. Getting the customer to re-confirm their identity using authentication methods, like 3D Secure, before authorising the payment can be an additional layer of security for existing accounts that are at risk of being hacked.

4. Triangulation Fraud

This is when a fraudster acts as a secret middleman between the shopper and the online retailer. There can be slight variations in Triangulation Fraud, but ultimately the cardholder’s detailers are stolen by a fake website. 

The scammer sets up a fake website to get customers to buy (often heavily discounted) goods, as a means of stealing their card details. In some cases the website may try to replicate an existing brand or they’ll build a temporary online store. Shoppers will often get enticed to the website by online ads or emails.

For example:

A shopper is directed to a fake website showing designer trainers for a very low price. The customer enters their card details to make the purchase (at which point their details are stolen).

The scammer will then use another set of stolen details to buy the designer trainers on a legitimate website and ship them to the shopper.

Variations of Triangulation Fraud

  1. For more sophisticated set ups, the scammer may not charge the card themselves, and simply use this as an opportunity to steal the card details. In this instance they’ll forward the purchase directly to the legitimate website. This variation means the customer only gets charged once, receives their goods and likely has no idea they’ve had their details stolen until the scammer starts making purchases.
  2. OR, scammers may pretend to be a legitimate brand and while the shopper thinks they’re buying a real item they’ll actually be shipped a knock-off by the scammer instead, causing reputational damage for the real brand. 

This type of fraud inevitably leads to chargebacks despite the legitimate merchant having done nothing wrong. Triangulation Fraud involves quite a few steps so it can be difficult to prevent, but some ways you can tackle it are:

  • Address & Location Verification. Ensure the person making the purchase is the real cardholder. 
  • Website Checks. Educate customers on how to check that they’re buying from a legitimate website e.g. spelling errors in a website’s URL and looking out for “not secure” notifications from browsers. 
  • Device fingerprinting (or Device DNA). This can identify devices connecting to your business’ website. It can identify a device with suspicious activity and allow you to blacklist them from making additional purchases.

As technology evolves and we can continue to shop more and more online, instances of fraud will inevitably continue to rise. And while you can't prevent fraud 100% there are multiple steps you can take to minimise the number of cases and reduce the impact it has on your business. Get in touch, to speak to one of our payment advisors about tackling fraud.

Recent posts.

Product

Mobility taxi image for payments

Best practices for implementing 3DS2: Keeping your online payment secure.

Read morePurple background blob

Engineering

Judopay and Mobo2Go case study imageTeal background blob

Creating a data analytics powerhouse...

Read more

Engineering

Strong Customer AuthenticationPink background blob

Payment Services Directive 3 - An Evolution: not a Revolution...

Read more
Judo logo
Trustpilot

Our solution

Online paymentsFraud protectionReporting tools

Company

AboutCustomersPartnersCareersBlogPress

Developers

DocumentationDeveloper hubChangelogAPI referenceStatus pageComms archive

© Judopay 2024. All rights reserved.

Alternative Payments Limited (Company Number 07959933) t/a Judopay is wholly owned by Fabrick S.p.A., part of the Banca Sella Group.

Service agreementCertificatesLegal hubPrivacy policy
Terms & conditionsPrivacy notice for job applicantsCookie Policy
Great Place to Work logoCrown Commercial Service Supplier Logo