Skip to content

Most ecommerce merchants have heard of the “dark web.” If you’ve ever wondered where a stolen credit card turns up after a cyberattack against a company or financial institution, the dark web is often the destination. What exactly is the dark web? What does it look like? How do you get there? Most importantly, do you know what risk it poses to your ecommerce business?

Welcome to the Digital Underground

The internet is composed of billions of web pages spread across millions of web servers worldwide. Only a small percentage of those pages are accessible through conventional search engines like Google. Known as the “open web,” this collective of data makes up about 5% of the total internet.

The other 95% is called the “deep web” and consists of web pages that are designed to evade a search engine’s algorithm. Think of your email inbox or your online banking account—a Google search won’t pull them up. Everything from internal business networks to confidential academic journals are out of reach. Web pages on the deep web aren’t necessarily nefarious or illegal. They’re mostly where private user activity goes on daily.

What is the Dark Web?

Then there’s the “dark web.” The dark web is a very small, hidden part of the deep web made up of sites accessible only with specialized web browsers and other software. Although the dark web has legal uses, it also attracts cybercriminals and fraudsters who wish to conduct activity beneath the radar of law enforcement. Hackers often sell stolen personal identity and company information, as shown in this screenshot of a page featuring a menu of consumers’ payment data for purchase. Notice how they may also provide a card holder’s ZIP code, SSN (social security number), DOB (date of birth) and other intimate details that’ll fool an inexperienced fraud analyst into thinking nothing is amiss when the card is used.

Image of carding on the dark webA Screenshot from the Russian Market, a forum that specializes in carding and related services. Picture: VMware Carbon Black Source: Supplied

Is the Dark Web a Danger to Your Business?

Although it isn’t a direct threat, the dark web is where fraudsters acquire stolen credit cards so they can attack your online store. NoFraud helps ecommerce businesses thwart this threat, using a combination of human intelligence and AI-powered, multi-layered fraud screening technology to instantly detect and block fraudulent orders in real-time, eliminating chargebacks and boosting order approval rates.

Want to learn more about how we’re fighting fraud? Visit www.nofraud.com.

In the episode Protect Your Shopify Brand From The Dark Web And Sophisticated Fraud Attacks, listen as Shoshanah Posner, NoFraud’s Director of Business Development, joins the ecommerce Fastlane podcast to discuss the fraud trends impacting ecommerce.

In this podcast, you will learn:
– What you need to know about the fraudster landscape, as it relates to data breaches, stolen card data, and synthetic identities.
– What the Dark Web is and what are people doing there
– More about reshipper fraud, triangulation fraud, mule fraud, and how you can protect yourself

Shoshanah also covers how using NoFraud fraud protection for Shopify can provide greater protection than Shopify’s Fraud Filter alone and:

The podcast can be found here. Enjoy!

Online sellers are sure to get a generous slice of the holiday shopping season pie as online sales are predicted to exceed $260 billion by year’s end. While retailers prepare their inventory and cross-train reliable staff members to meet rising demand, they must keep tabs on consumer expectations and buying trends. Additionally, being aware of how to keep fraud costs down will ensure a successful season.

Holiday ecommerce Trends and Tips

Emodo’s Annual Holiday Shopper Survey for Marketers finds that concerns related to Covid have decreased significantly, while financial concerns have surged 153%. 

Health concerns have been replaced by fear of inflation and supply shortages, leading consumers to begin shopping earlier than usual. Nikki Baird, VP of strategy at Aptos, suggests rolling out promotions early to take advantage of the early shopping trend.

Consumers have largely returned to prevalent pre-pandemic expectations, like two-day delivery guarantees and free shipping. Including these offers on the part of ecommerce retailers remains a significant factor in whether or not shoppers will complete a purchase. Additionally, a general pandemic-weariness has given rise to nostalgia-driven purchases.

Financial concerns are compelling many customers to opt for BNPL (Buy Now Pay Later) payments, and the gifting of Gift Cards, as opposed to gift items, is also on the rise.

An increase in sales invariably increases fraud costs–either in the form of increased preventative measures, such as more time spent on manual review, or an increase in fraudulent transactions and chargebacks.

Cutting Holiday Fraud Costs

The first step in cutting fraud costs is identifying the sources of revenue loss. The more calculable expenses are the value of your chargeback losses, chargeback fees, and labor costs spent manually reviewing orders for fraud. 

The less quantifiable costs are the rate of false declines and checkout abandonments due to excess friction during the fraud review process. It is common to assume customer satisfaction due to a lack of negative feedback. However, research indicates that only 1 out of 26 dissatisfied customers will reach out to the company and report the negative experience. Unless you prioritize your customer experience in your fraud prevention approach, you will likely lose customers.     

Holiday Online Shopping

Decreasing Holiday Fraud Costs: A Two-Pronged Approach 

  1. Eliminate Fraud 

Businesses need to learn about common fraud tactics and how to detect and prevent them. Any indication of deception or disguise should raise a red flag. Fraudsters will attempt to mask their true identity, so using a proxy, a burner phone, creating a new email address, or shipping to a freight forwarding company are often telltale signs of fraud, and those orders should be carefully scrutinized. 

Another area of concern is identifying fraudulent chargeback claims. Dissatisfied customers may dispute a charge out of disregard for the merchant, out of spite in response to a negative experience with a business, or as an easier alternative to returning an unwanted item. Good customer service and an easy-to-follow return policy are reliable defenses against this type of fraud. Repeat offenders should be put on a customer block list and effort must be invested in gathering evidence and composing compelling chargeback representments to win fraudulent chargeback disputes. 

  1. Improve Customer Experiences 

The second objective in effectively reducing fraud-related costs is ensuring that your fraud prevention solution is not rejecting legitimate customers or causing shoppers excess friction. An easy way to improve customer satisfaction is by offering a guest checkout for new customers and autofill options for returning customers. This will save customers time and effort at checkout. Not burdening your customers with unnecessary data collection or necessitating the registration of a store account can increase conversions. 

However, if you suspect that your approval rate could be improved and that your fraud prevention solution may be blocking legitimate customers, you may want to explore a more advanced fraud prevention solution or try a side-by-side comparison with another solution. 

Holiday Online Shopping

Effective Holiday Fraud Prevention Solutions 

A full-service fraud detection and prevention solution combines machine learning with expert oversight, allowing human insight and system flexibility to be applied on a scenario-to-scenario basis. Decisions on a transaction, instead of risk scores, will remove the burden of manually reviewing orders from your internal resources. A full-service solution may also offer a financial guarantee for chargebacks and a chargeback management service to dispute chargeback claims using proven techniques and industry best practices. Ease of use and multiple integration options are crucial to eliminating losses during the transition. When all is said and done, a fraud prevention solution should decrease your fraud costs, increase conversions, and relieve you of all your fraud-related manual tasks. 

Takeaway

Make the most of the upcoming Holiday Season by being prepared to roll out promotions early, offering free shipping, providing a great customer experience, and staying ahead of the fraud curve. Learn how NoFraud can alleviate all your fraud tasks and concerns, freeing up your time and resources to build your business and focus on your customers during this busy time.

This article was written by our director of business development for Entrepreneur.com.

As an ecommerce seller, there are multiple responsibilities juggled between you and your team — sourcing product, quality control, customer service, SEO, HR. One of the tasks that is often overlooked, until it is too late and very costly, is fraud prevention.

With the frequency of data breaches recently — 1,253 reported breaches in 2017 alone — stolen credit card data is readily available to cybercriminals. According to a recent Javelin study, $16 billion was lost to fraud last year. While the credit card companies identify and stop some of the credit card fraud that occurs, any fraudulent charge that slips through their fingers and makes its way to your website is your responsibility to stop. If you miss one, you will know about it, in the form of a fraud chargeback from your bank.

1. Classic fraud.
This type of fraud is generally committed by unsophisticated fraudsters. Stolen credit card credentials are purchased on the dark web, and goods are sent to reshippers in an attempt to retrieve the stolen merchandise. Often, internet proxies are used to mask the international IP where a majority of this type of fraud originates.

2. Triangulation fraud.
This type of fraud involves three parties — the fraudster, the unsuspecting legitimate shopper and the ecommerce store.

An online storefront is created by the fraudster, often on eBay or Amazon, that offers high-demand goods at extremely low prices. The store collects payment for the goods it sells. The fraudster then uses other stolen credit card data and the names collected in orders on his online storefront to purchase goods from a legitimate website and ships them to the customers that purchased on his new online storefront.

This type of fraud can usually be identified by the products that are targeted as well as some investigative work by locating the unsuspecting shopper who can identify the storefront where the stolen goods were purchased.

3. Interception fraud.
Fraudsters will create orders where the billing and shipping match the address linked to the card. Their goal is to intercept the package in any of the following ways:

Asking a customer service rep to change the address on the order before shipment.
Contacting the shipper to reroute the package to an address where they can retrieve the stolen goods.
In cases where the fraudster lives in close proximity to the cardholder’s billing address, physically wait near the address for the delivery to arrive and offer to sign for the package as the homeowner is not available.

4. Card testing fraud.
This is the practice of testing the validity of a credit card number, with plans to use valid credentials at another website to commit fraud. Fraudsters target websites that reveal a different response for each type of decline. For example, when a card is declined due to an incorrect expiration date, a different response is given, so they know they just need to find the expiration date. This is generally done by bots, and transaction attempts happen quickly, in rapid succession. The data on the orders will often be identical, either all the data or just a subset of data — like the shipping address.

5. Account takeover fraud.
This occurs when fraudsters get hold of a legitimate customer’s login credentials and take advantage of stored credit cards to purchase goods. An update on the shipping address will usually occur shortly before purchase so the fraudster can retrieve the stolen goods.

6. Fraud via identity theft.
In this case, the fraudsters assumes another person’s identity, creates credit cards in the victim’s name and goes on a shopping spree. This type of fraud is increasing rapidly as the number and scope of data breaches increase. It is also the most difficult to identify as the fraudsters behind identity theft are quite sophisticated.

7. Friendly fraud, also called chargeback fraud.
An online shopper will make a purchase, then issue a chargeback, claiming their card was stolen. The chargeback usually occurs after the goods are delivered. This type of fraud is traditionally not carried out by hardcore criminals but rather by consumers who are clearly aware of what they are doing. This type of fraud is difficult to detect but can often be won via chargeback representing.

As we make more cashless payments for retail purchases, restaurants, and transportation – not to mention the increase in online shopping – wallets loaded with legal tender may become a thing of the past. According to 2018 research by BigCommerce, software vendor and Square payment processing solution provider, 51 percent of Americans think that online shopping is the best option. Last year, 1.66 billion people worldwide bought goods online. And the number of digital buyers is expected to exceed 2.14 billion.

Unfortunately, growing sales may mean not only greater revenue but also bigger losses due to fraud. For instance, 63 percent of businesses that participated in the 2018 Global Fraud and Identity Report by Experian claim to have the same or higher levels of such losses over the last year.

Fraud Investigation

Originally posted on Altexsoft.com. Read the article here.

Payments companies and retailers have a sobering forecast to ponder for online fraud. By 2023, global online fraud losses from e-commerce, airline ticketing, money transfer, and banking services will grow from $22 billion projected in 2018 to $48 billion, says Juniper Research in a new report.

Thanks to the proliferation of synthetic identities—when fragments of real identity information is used to create a new identity—and account takeovers, criminals are increasingly skirting anti-fraud measures retailers and payments companies use, Juniper says.

Fraud Prevention Image

Originally posted on Digital Transactions by Kevin Woodward. Read the rest of the article here.

Originally posted by CardNotPresent.com.

New research from the Minneapolis Fed indicates that retailers are more concerned with fraud in their online channels than any other kind of fraud. Across nearly every size business, Fighting Fraud in the E-Commerce Channel: A Merchant Study found that not only was CNP fraud considered their greatest threat, but half worry about their systems’ abilities to handle fraud as the nature of data breaches changes and attacks at the online account level increase. More than three-quarters of those polled expect increased attacks on their e-commerce channels in the next 6 to 12 months.

Read the full article here.

One of NoFraud’s partners, iTristan Media Group, asked our Director of Business Development to talk about the fraud landscape and how that impacts merchants. The recording can be found here.

Contribution from freelance writer Jenny Holt

According to the Association of Certified Fraud Examiners, a typical organization loses 5% of revenue every year to fraud. For businesses, online fraud typically manifests itself in the form of credit card fraud, identity theft, mobile phone transaction fraud, international purchasing fraud, phishing scams, and downloaded malware that collects credit card information from customers. To protect your business and customers from this very prevalent and increasing threat, take the following steps into consideration. (more…)

Ready to learn more?

Book a demo and see our accurate real-time fraud screening for ecommerce in action.

We offer Starter Plans for even the smallest sized businesses, including a free plan and plans that include chargeback protection for companies that process less than $50,000/month.

Businesses that process more than $50,000 in revenue/month qualify for custom pricing. Book a demo and see our accurate real-time fraud screening for ecommerce in action.

— or —
complete the form for us to reach out to you