If you have an e-commerce shop, you know that keeping your online store safe from fraud and scams is critical to business. Vigilant digital security is more important than ever in order to protect your company and customers. In the post-COVID world, attempted fraudulent purchases increased by 69% in 2021 alone.
Unfortunately, there’s no one-size-fits-all solution to keeping your business safe from these threats. Small business owners need to take a variety of precautions to protect themselves.
As a business owner you have options and measures you can take to reduce the risk of fraud and scam attacks against your business.
What Is an Online Scam?
Simply put, an online scam is when someone tricks you or your business out of money on the internet. They are usually facilitated by cyber criminals and can range from credit card to identity theft.
Online scams have been around for a long time, but have spiked as a result of the increase in online sales due to COVID-19, as many small businesses were forced to rapidly create an e-commerce gateway to their stores due to restrictions. At the start of the pandemic, the FBI went as far as cautioning the general public against hackers and scammers.
Some scammers go as far as using social engineering tactics. These attacks use scare tactics to prey on users or employees to hand over confidential and sensitive information.
What Is the Importance of Staying Safe Online?
Business owners tend to store personal information on their computers, such as credit card data and passwords, which is the information cyber criminals hunt for.
Staying safe online will save your business from experiencing any significant loss that comes from being compromised. The damage from being scammed is not just about lost revenue or damaged goods, it could also result in a loss of valuable brand equity with potential customers.
The repercussions of your business getting defrauded can be serious. It can result in you needing to deal with:
- The cost of lost merchandise, handling or shipping on any fraudulent orders
- Chargeback fees
- Damage to your company’s reputation
- The loss of your business bank account
The fight against fraud is a tough one, but understanding the different types can help you identify where and when attacks might occur.
What Are the Types of Online Scams?
Here are some of the most common scams that target online businesses today.
It seems like every day there’s a new email scam emerging. Phishing emails appear to come from a legitimate sender but they’re intended to gain sensitive information from the recipient. For example, in Canada, there are regulations such as the Canadian Anti-Spam Legislation that have been put in place to protect against fraud and spam.
You may have received an email or text alert saying your business account has been compromised. Clicking on the link may make you vulnerable to hackers who may be able to target personal and business information. Always ensure you trust the sender before opening attachments or clicking on links.
Business owners should be aware that scammers continue to get more sophisticated in their delivery by masking as a legitimate brand. You can avoid receiving phishing emails by ensuring that your firewall and anti-virus software are up to date.
Outside of the business world, if you invest in cryptocurrency or non-fungible tokens, beware of NFT airdrop scams and other crypto scams as those are common in that industry.
Small business owners can also be deceived by scammers who send fake emails that contain invoices to try and collect payment from them.
You can avoid any potential loss by ensuring your business has a clear invoicing process. This way if your company receives an invoice, it can be traced back to approved expenditures in your database.
Card-Not-Present (CNP) Fraud
This type of fraud happens when a scammer is using either a stolen credit card, consumer’s identity or banking card data.
Usually, a CNP follows the process below:
- The scammer makes an online purchase using a stolen credit card.
- The issuing bank approves the purchase and the items are delivered to the scammer. The card owner doesn’t recognize the purchase and asks for a chargeback from their credit card issuing company.
- The merchant in return has to reimburse the rightful owner of a card and is left with a loss. In an extreme case, your store could be penalized and blacklisted.
Don’t be fooled by the name, this type of scam is anything but friendly. It occurs when a customer, who has paid and received their item, files a chargeback with their credit card company.
Sometimes it might be an honest mistake on the customer’s part, as they might not recognize the name of the store on their credit card statements. But there are times when friendly fraud is done with malicious intent. Some customers go as far as hiring professional refunders who report fraud and get their money back for a fee.
Friendly fraud is a growing concern. And, without meticulous record-keeping you might be on the hook for all the fees and penalties that come with chargebacks.
Government Agency Imposter Scams
There’s a recent trend in cyber criminals who are trying to scam businesses by claiming to be from government organizations like the IRS or Social Security Administration. The scammers scare victims with legal repercussions and ask for money upfront or demand to be paid in installments by phone or email.
The best way to avoid getting scammed this way is by calling the government agency and inquiring about the offer or benefit. Avoid the contact information in the ad, and instead seek out the official website of the agency.
Account takeovers (ATO) fraud is on the rise this year. Over 22% of U.S. adults fall victim to scammers hacking into insecure accounts. These cyber criminals use the stolen information to complete unauthorized transactions, which can seriously impact your business.
We can expect ATO fraud cases to keep rising in 2022, as cyber criminals become more creative with their schemes. Now there are automated methods, such as script creation, that are making this type of fraud easier than ever before.
As a merchant, you can protect your customers from ATO fraud by providing a two-step authorization or biometric passwords before customers complete their purchases.
How Do I Identify Fraud Online?
The process to identify potential fraud can be difficult. But nowadays merchants have the ability to do their own digging and investigative work to help catch any suspicious purchases and track down fraudulent activity.
- Take note of unusual account activity. It is important to take note of anything unusual. For example, take note of things such as multiple failed transactions. This can be an indication that there might be something going on and should be investigated further. Remember, if a fraudster is successful, they might attempt the fraud again, so make sure to blacklist their phone, email, IP and billing address.
- Check the addresses. Most secure transactions are the ones that have the shipping, billing and IP addresses in a very close proximity to each other. The further the distance, the higher is the chance that the purchase might be fraudulent. If the IP address is masked as well, it can also be a sign of a scam.
How Do I Protect My Business from Fraud?
Getting scammed is the last thing you want to do. Here are a few tips to avoid it:
- Provide fraud and theft prevention training to employees. It’s a good idea to train employees and encourage them to bring forward anything out of the norm. Business owners can host awareness sessions about cybersecurity to stay updated on some of the most recent scams on the internet.
- Don’t share passwords and sensitive information by email. Make sure that passwords and sensitive information are not being sent by email. This is because emails are sent as plain texts, and therefore aren’t encrypted. If a hacker gains access to your or any of your employees’ inboxes, it could lead to loss of sensitive information.
- Verify invoices and payments. There’s a chance you could be dealing with scammers. Make sure that they’re who they say before approving payments or invoices.
- Perform security audits. This will allow you to identify any potential weak points that could make it easier for online scammers to acquire your customers’ information or commit future fraud. You could run some phishing tests or mirror your website.
Trying to keep your online store safe from fraud and other scams can be a challenge. Being aware of your online store’s security is the first step to keeping it safe. Staying vigilant can keep you from becoming a victim of fraudulent activity or losing money due to chargebacks.