Friday, 18 July 2025
28.2 C
Singapore
30.8 C
Thailand
21.4 C
Indonesia
27.3 C
Philippines

How to help prevent eCommerce fraud

As an eCommerce merchant, online fraud isn’t a threat you can afford to ignore. That’s because for every dollar in direct out-of-pocket losses, you may lose an additional $2 in indirect costs due to: Penalties and fees Litigation (and more fees) Hours spent disputing charges If customers learn your store has been compromised, decreased customer […]

As an eCommerce merchant, online fraud isn’t a threat you can afford to ignore. That’s because for every dollar in direct out-of-pocket losses, you may lose an additional $2 in indirect costs due to:

  • Penalties and fees
  • Litigation (and more fees)
  • Hours spent disputing charges

If customers learn your store has been compromised, decreased customer confidence may also account for lower sales. One study showed an estimated six out of 10 small businesses close within half a year of a cyberattack. Below, we’ll outline some of the more common types of eCommerce fraud – plus tips on how to help keep your small business and customers safe.

Stolen credit card fraud

As one of the more common types of online fraud, criminals use stolen credit card information to rack up large purchases and have the goods shipped to third-party addresses that can’t easily be traced.

A couple of ways to help prevent this type of fraud include:

  • Creating a policy of only shipping big-ticket items to the user’s billing address – and never to any other destination
  • Using Address Verification Service (AVS) technology to verify each cardholder’s “billing” address before letting any online orders go through

Although neither of these security steps will stop other types of fraud, they both help make it much harder for criminals to divert packages to untraceable warehouses or locations.

Card testing fraud

Before making any large charges, some cybercriminals test credit cards by running small transactions – usually of just a few pennies at a time. Although these fraudulent “purchases” might seem insignificant, the authorization fees can add up quickly. This is especially true when criminals test multiple cards back to back.

As an eCommerce merchant, you can help reduce this activity by:

  • Using an online velocity filter to prevent back-to-back transactions coming from the same device or location.
  • Using minimum threshold filters to automatically flag any purchases that are below the cheapest item in your inventory. If the least expensive product in your online store costs $2.95, there should never be any orders below that amount.

Chargeback fraud

Chargeback fraud involves your “customers,” which is why this scheme often goes by another name – “friendly” fraud.

Below is how chargeback fraud normally works:

  • A customer visits your online store and makes a purchase using his or her credit card.
  • After receiving the item, the customer claims that it never arrived or that the purchase was fraudulent (i.e., unauthorized).
  • That customer keeps the item and then reverses the charges through his or her card-issuing bank instead of requesting a refund from you directly.
  • After issuing a “chargeback” to the customer, the card-issuing bank comes to you to collect the amount.

You can (and should) try to dispute each chargeback, although the chances of winning this dispute are relatively low since most credit card companies offer “zero liability” protection to their users. You’ll likely lose the sale – not to mention delivery fees. With enough chargebacks on your record, you could be demoted to a more expensive payment processing level. In some cases, your merchant account could even be revoked. 

Although disputing chargebacks is difficult, there are steps to take to help make your case much stronger:

  • Publish a clear, hassle-free refund policy. This won’t discourage bad actors, but it should make it easier for honest customers to resolve issues with you – instead of their credit card issuers.
  • Eliminate “guest” checkout. Instead, require that all users log in – preferably with two-factor authentication (2FA). Doing so makes it harder to claim a purchase was truly “unauthorized.”
  • Add tracking to all outgoing packages. Even better, consider adding a signature requirement on the receiving end. Both of these tips can help dramatically reduce false claims that items never arrived.

Cybercrime appears in many forms – from merchant identity theft to phishing attacks to overpayment fraud. Each comes with an inherent “defense” strategy – many of which are covered in the accompanying resource. However, it is critical to work with a PCI-compliant payment processor before exploring any specific fraud prevention strategies. 

How to help prevent eCommerce fraud - Infographic

Hot this week

Singapore shoppers embrace cross-border eCommerce, prioritise trust and clarity at checkout

Singaporean shoppers lead cross-border eCommerce adoption, with a focus on transparent fees, payment security, and fast checkout experiences.

Salesforce expands Hyperforce services in Indonesia with local data residency

Salesforce brings local data residency and AI-driven services to Indonesia with the expansion of Hyperforce and new platform tools.

Singapore’s SingAREN taps Ciena technology to support AI, big data, and advanced research

SingAREN partners with Ciena to power AI, big data, and genomics research through high-speed, low-latency optical network infrastructure.

Google focuses AI investment on technical infrastructure to stay ahead

Google prioritises AI infrastructure with US$75B investment, aiming to stay competitive and avoid falling behind in the fast-moving AI race.

Microsoft will stop new Office 365 features on Windows 10 in 2026

Microsoft will stop new Microsoft 365 features for Windows 10 users starting August 2026, with full support ending by early 2027.

Grok chatbot now barred from referencing Elon Musk or calling itself Hitler, says xAI

Grok chatbot no longer allowed to reference Elon Musk or call itself Hitler, as xAI enforces new rules to stop offensive replies.

Tenable uncovers remote code execution flaw in Oracle Cloud Code Editor

Tenable discovered an RCE flaw in Oracle Cloud Code Editor that allowed attackers to exploit Cloud Shell; the issue has since been fixed.

Garmin introduces Descent S1 buoy to enhance dive communication and safety

Garmin launches the Descent S1 Buoy in Singapore to improve diver tracking, messaging and safety through advanced sonar technology.

Salesforce expands Hyperforce services in Indonesia with local data residency

Salesforce brings local data residency and AI-driven services to Indonesia with the expansion of Hyperforce and new platform tools.

Related Articles

Popular Categories