Stop Ecommerce Fraud in its Tracks

As an ecommerce business owner, it has never more critical to protect your business against fraud than now. 

Ecommerce fraud cost retailers $3.5 billion dollars last year, according to CyberSource.  Scam artists and fraudulent marketing schemes are popping up left and right, so it is important to stay on guard against these threats to your business.

By simply being aware about the potential scams that your business might encounter, you will be better prepared to identify if you are falling prey to a detrimental scam.

The Better Business Bureau listed some scams that that commonly target small businesses, such as:

• Directory Scams
• Office Supply Scams
• Overpayment Scams
• Hackers & Data Breaches
• Award Schemes
• Phishing Emails
• Stolen Identities
• Fake Invoices

“Small business fraud can come from internal threats, such as employee fraud, or from external full-time scammers,” said Alison Southwick, BBB spokesperson. “Because small business owners often lack the time and resources to fight fraud, they are a popular mark for any number of different scams.”

The Big, Ugly Affiliate Marketing Scam

Small business owners can be especially susceptible to Affiliate Marketing Fraud.

Kogan.com’s Founder and CEO, Ruslan Kogan, recently wrote about his experience with affiliate networks in order to expand his digital marketing reach.  After much investigative research, Kogan found out that using the affiliate marketing program was actually the same as if he were to hire a salesperson and pay them commission to sell to people in his checkout queue.

Kogan advises small businesses, “Be very careful when you sign up to affiliate networks. Do all your analysis. Profile the traffic, and then make an educated decision for yourself.”

How To Protect Your Business Against Fraud

The FBI put together the following steps in order to help small businesses avoid all kinds of fraud:

1. Educate yourself and your employees—especially frontline and accounts payable and receivable personnel—about common fraud schemes;
2. Always ask for offers in writing, and require a written contract or purchase order for ANY transaction;
3. Carefully review all invoices and compare them to expense records to make sure they are legitimate (and keep all records!);
4. Use a credit card for purchasing supplies and services (if the vendor fails to deliver, you can dispute the charges);
5. Don’t give out full names of employees, as fraudsters can obtain an employee’s name and then later claim this individual authorized the purchase of a product or service; and
6. Be wary of accepting checks, because in some cases perpetrators have conducted a series of smaller, legitimate transactions to enhance their credibility and then used a counterfeit check to pay for a large order.

The Fundamentals for Fighting Fraud

Fraud Monitoring

As an ecommerce grows, the level of fraud will grow accordingly.  US ecommerce merchants using an automated fraud detection system will reject 2.9% of all orders, on average, according to CyberSource’s fraud studies. However, Ethoca found that 19% of those rejected orders were actually good.  This is why it is important for small businesses to plan on both manual and automated fraud monitoring.

Secure Payment Gateway

One of the most valuable ways ecommerce stores can increase their security is by choosing a secure payment gateway, such as Authorize.net.  By doing so you will help protect your business from fraud.

SSL Certificates

Additionally, choosing an ecommerce platform that is SSL certified will secure all credit card information. Miva offers strong SSL certificates that are 128-bit or 256-bit capable to accommodate all security needs.  It is also crucial that online storeowners ensure that their SSL certificates are up-to-date.

PCI Compliance

PCI-DSS Compliance (Payment Card Industry’s Data Security Standard) was developed by the PCO Security Standards Council and is required for all ecommerce sites.  The goal of this standard is to protect the security of online transactions.

Layer Your Security

“Start with firewalls, an essential aspect in stopping attackers before they can breach your network and gain access to your critical information,” says Sarah Grayson, Senior Marketing Manager for the Web Security Group at McAfee. “Add extra layers of security to the website and applications such as contact forms, login boxes and search queries. These measures will ensure that your ecommerce environment is protected from application-level attacks like SQL (Structured Query Language) injections and cross-site scripting (XSS).”