The 7 Types of E-Commerce Fraud Schemes

$17 billion was lost to fraud in the last year alone. But if you’re a business owner, you probably know that even small fraud costs like chargebacks can add up quickly! Read up on these top 7 fraud schemes so you can stay informed and prevent the next fraud attack on your website:

1. Classic Fraud:

This type of fraud is generally committed by unsophisticated fraudsters. Stolen credit card credentials are purchased on the dark web, and goods are sent to reshippers in an attempt to retrieve the stolen merchandise. Often, internet proxies are used to mask the international IP where a majority of this type of fraud originates.

2. Friendly Fraud (Or Chargeback Fraud):

An online shopper will make a purchase, then issue a chargeback and claim that their card was stolen. The chargeback usually occurs after the goods are delivered. This type of fraud is traditionally not carried out by hardcore criminals, but rather, by consumers who are clearly aware of what they are doing. It is often difficult to detect but can often be won via chargeback representment.


3. Triangulation Fraud:

This type of fraud involves 3 parties – the fraudster, the unsuspecting legitimate shopper, and the e-commerce store.

An online storefront is created by the fraudster, often on eBay or Amazon, that offers high-demand goods at extremely low prices. The store collects payment for the goods it sells. The fraudster then uses other stolen credit card data and the names collected in orders on his online storefront to purchase goods from a legitimate website and then ships them to the customers that purchased on his new online storefront.

Triangulation fraud can usually be identified by the products that are targeted, as well as some investigative work in locating the unsuspecting shopper who can identify the storefront where the stolen goods were purchased.

4. Interception Fraud:

With interception fraud, fraudsters will create orders in which the billing and shipping match the address linked to the card. Their goal is to intercept the package in any of the following ways:

  • By asking a customer service representative to change the address on the order before shipment
  • By contacting the shipper to reroute the package to an address where they can retrieve the stolen goods
  • In cases where the fraudster lives in close proximity to the cardholder’s billing address, the fraudster will physically wait near the address for the delivery to arrive and offer to sign for the package when the homeowner is not available.

5. Card Testing Fraud:

This is the practice of testing the validity of a credit card number in order to determine the valid credentials that can be used on another website to commit fraud. Fraudsters target websites that reveal a different response for each type of decline: for example, when a card is declined due to an incorrect expiration date, a specific response is given that tells the fraudster that they don’t have the right expiration date. This is generally done by bots so transaction attempts can happen quickly and in rapid succession. The data on these orders will often be identical— either all of the data or just a subset of data (for example, the shipping address).

6. Account Takeover Fraud:

This occurs when fraudsters get a hold of a legitimate customer’s login credentials and take advantage of stored credit cards to purchase goods. An update on the shipping address will usually occur shortly before purchase so that the fraudster can retrieve the stolen goods.

7. Fraud via Identity theft:

In this case, the fraudster assumes another person’s identity, creates credit cards in the victim’s name, and goes on a shopping spree. This type of fraud is increasing rapidly as the number and scope of data breaches increases. It is also the most difficult to identify, as the fraudsters behind identity theft are quite sophisticated.

Struggling to keep up with the latest fraud schemes? Fidelity’s FraudWatch can help. Contact us today to find out how easy fraud prevention can be.

Guest Post by Shoshana Posner of NoFraud