With the ever-expanding digital sphere and its increasing complexity, ecommerce account takeovers have increased by an eye-watering 347% while shipping fraud spiked 391% in a year, according to data from the Global E-Commerce in 2020 report by TransUnion, a fraud company with its headquarters in the windy city.
These fraudsters are using a number of techniques to gain access to our accounts, such as romance scams, phishing, hacking, social engineering and the usage of credential stuffing, all of which have been connected to mass data breaches over the last decade.
“We’ve gotten to a critical mass,” according to Angie White, a senior manager at TransUnion, who told the E-Commerce Times. With stolen personal information increasingly being used for the takeover of accounts, criminals are also realising that these types of account takeovers can also be used for much more than just ecommerce sites.
The report highlights that “customer accounts are loaded with valuable personal information” as well as being a prime target for criminals. And as such, ecommerce has become the fastest growing area of fraud, above fraud in gambling, insurance, and banking.
Vulnerabilities
One weak spot within the ecommerce landscape is that a core businesses strategy for online focusses on smoothening the friction between user engagement and user purchases, aiming to squeeze the rates of cart abandonment — a touchy area for almost all companies.
And to make matters acute, issues emanating from the COVID-19 pandemic are compounding the vulnerability of being victim to an account takeover. In a scenario where enormous numbers of people are either working from home or having to simply stay at home, it’s much easier for distractions to arise that fraudsters thrive on. Think about it: if you move from the office to home, that security tech provides protection among the office networks that cannot be replicated at home.
Tightening the vulnerability, manufactured shortages in certain products may cause concern — from the widely reported Toilet Paper Shortage of 2020 to lesser reported goods such as laptops. As a customer, if you know that Recognized Retailer A is restricting purchases of hand sanitizer to one per person, you are likely to reach out to Unrecognized Source B, as you attempt to buy via alternative sites. This is where fraudulent websites thrive, harvesting credit card data.
Mobile
Let’s face it, shopping via mobile phone is just more convenient. It’s more often than not both faster and easier. And ecommerce is increasingly being undertaken via mobile, while the risks of fraud move from desktop to the small screen. According to the report, there has been a year-on-year 118% increase in risky transactions on mobile devices.
The ease of mobile is where it can be more vulnerable. Smaller screen sizes could be associated with less scrutiny of websites. Besides, malicious adware can just as easily send mobile users to a scam site as a legitimate ad network can send them to a legitimate website.
Get UV protected
In order to effectively deflect fraud and account takeovers with as much strength as possible, it’s vital to remember that old adage which is: you’re only as good as your weakest link. If your company works with a tech consultancy to deliver your ecommerce needs, who aim to take tender loving care of your site, are those potential weak links, considering that it is them that handle fraud and security setups and installations.
That is why as a tech consultancy that specialises in Salesforce Commerce Cloud, here at United Virtualities we have cultivated a climate of trust, and know how to handle the delicate processes of payment security and anti-fraud setups. We obsess about security because we know how vital it is for business.
We know that our dev teams are at the forefront of keeping your website as guarded and as safe as possible via up-to-date implementations and close-eye management. We have dedicated a whole article to how we safeguard sites on Salesforce Commerce Cloud through its safety and security functionalities. And we implement very stringent anti-fraud measures everywhere we venture.
We also recognize the speed and vulnerabilities to which mobile ecommerce presents, which is why we specifically focus on the latest version of SFCC, called SFRA Architecture, that optimizes a customer-first, mobile-first approach.
There is no magic formula for 100% security. But the best SFCC tech teams construct the strongest possible shields.
PS: UV is one of the world’s leading Salesforce Commerce Cloud (Demandware) dev teams. Contact us to see how we can work together.
