E-commerce has revolutionized the retail space. Unfortunately, however, it has also “evolutionized” fraud. Many criminals now target e-commerce merchants. Unfortunately, the faceless nature of the Internet in some ways enable bad-faith actors. That’s why we’re going to cover four of the most common types of online fraud and also suggest ways for merchants to reduce the risk of getting scammed.
Hostile Friendly Fraud and Customers Looking For Free Goods
“Hostile friendly fraud” may sound like an oxymoron and perhaps in some ways, it is. It’s also known as “chargeback fraud” and costs businesses billions per year. Hostile friendly fraud refers to a type of fraud perpetrated by legitimate customers. When it comes to fraud on the Internet you might first think of stolen identities and credit card numbers. However, in some cases, seemingly legitimate customers may try to rip you off.
In order to protect consumers, the U.S. federal government, and many other governments the world over, require banks and other financial institutions issuing credit cards to offer a dispute process to reverse illegitimate charges. Legislation paved the way for so-called “chargebacks,” through which cardholders can dispute charges. Sometimes chargebacks are legitimate and protect customers. However, in many cases, bad faith actors use the process to rip off merchants.
How? If the institution that issued the credit card sides with the customer (they often do), they will reverse a payment and return the money to the cardholder. Crucially, they can reverse charges without the merchant’s approval, essentially providing an unauthorized refund. Besides losing money from the transaction, merchants may lose any products or services delivered and will also have to pay chargeback fees.
Sometimes chargebacks are legitimate. Someone might have stolen your credit card information, say using a skimmer at a gas station pump. Next, criminals can use that information to make illicit purchases. Fortunately for the cardholder, they can file a chargeback and reverse the charge.
So when and how do chargebacks become fraud? A legitimate customer can make a purchase, say buying a pair of shoes from a website. This order then ends up delivered and the customer is happy with the product received. However, they file a chargeback anyway in an attempt to either force the merchant to refund their money or to get their bank to reverse the payment.
There are steps you can take to reduce friendly fraud. For example, requiring signed shipping receipts provides proof that products were delivered to the customer. Often, people filing for chargebacks claim that the products were never delivered. Also, an easy-to-understand and accessible return process is highly recommended. Not only can customers use the return process, but during disputes, you can point out to banks that customers could have filed a return if they were unhappy with their purchase.
Unfortunately, while hostile friendly fraud is one of the most common types of online fraud, it’s far from the only type. In fact, hostile friendly friend isn’t even the only type of friendly fraud. There’s also “benign” friendly fraud, which typically results from miscommunication rather than malice.
Benign Friendly Fraud: Clearing Up Confusion to Reduce Mistakes
Besides intentional hostile friendly fraud, merchants will want to watch out for benign friendly fraud. Not everyone filing a chargeback does so maliciously. If there’s confusion with the billing or other issues, a customer may think that they’ve been scammed and thus will file a chargeback.
For example, shipping for a product might end up delayed. This may be at no fault of the merchant themself. It’s possible that the shipping company misplaced the package and the delivery was thus slowed down. Customers may believe that their goods will never arrive, so they file a chargeback. Providing tracking information so customers can see where their purchase is may prevent confusion.
Another common cause of benign friendly fraud is unclear billing descriptors. If billing descriptors aren’t clear, then the customer may not recognize the purchase and think it’s fraudulent. As a result, they could file a chargeback. Clear billing descriptors will often clear up confusion.
Unfortunately, while friendly fraud is common, it’s not the only thing merchants should look out for.
Using Stolen Credit Cards to Make Illicit Purchases
Credit and debit cards offer a ton of convenience. These days, credit and debit cards make up more than half of all transactions, according to the U.S. Federal Reserve. Unfortunately, however, it’s relatively easy for criminals to steal credit card information. Someone might drop their credit card while shopping, for example. If a scammer picks the card up, he or she might try to make purchases with said card either at a brick-and-mortar store or online.
Data breaches could also expose sensitive data, including credit and debit cards. In some cases, millions of customers may be affected by a security breach. Often, once the data is hacked, it’s sold online on shady websites. Then, fraudsters buy that data and take it shopping.
Often, once criminals have stolen credit and debit card information, they’ll take the cards for a “test drive,” making a number of small purchases online. Many merchants and payment processors focus their anti-fraud effort on higher-value purchases as more money is at stake. As a result, it’s typically easier to get away with smaller illegitimate purchases.
Hacked Accounts Lead to Hacked Purchases
Rather than stealing a customer’s credit card information, some scammers will instead hijack someone’s account. Often, payment information, including credit card numbers, is saved to a profile. So if a criminal can access a customer’s account they may be able to make illicit purchases.
Unfortunately, many people use weak passwords and don’t update them often. This makes their online accounts more vulnerable to hackers. Some people also fall for phishing attacks. A criminal can pose as a legitimate authority, claiming to be a representative from Amazon or another website. Then they can request that the customer turn over their login credentials.
If a customer realizes that their account has been hacked, he or she may file for chargebacks to claw their money back. Unfortunately, this often leaves merchants on the hook for lost merchandise, refunded money, and chargeback fees. This is true even if a mistake on the customer’s part, say using a weak password, allowed the breach to happen in the first place.
Protecting Your Business From Scammers and Criminals
Unfortunately, crime is a fact of life and many if not most merchants will have to deal with criminals at some point. There are steps you can take, like requiring customers to regularly change passwords, asking to confirm billing information, and working with security companies to detect fraud before it happens. It’s also wise to use a dispute management platform to manage, deflect, and dispute chargebacks, among other things.
Add it all up and it’s wise to take proactive steps now to prevent friendly fraud and other types of online fraud. Doing so will help you protect your business and mitigate risks.