Ecommerce fraud trends and how to prevent them

The rise in ecommerce sales has led to an increase in ecommerce fraud — which is when fraudsters use stolen or fake information to conduct an illegal commerce transaction online. New technologies and alternative payment methods have also contributed to growing risks of fraud.

According to the Federal Trade Commission, consumers lost more than $392 million to fraud in 2021 — a nearly 60% increase from 2020.1 Looking ahead, Juniper Research predicts that ecommerce fraud will cost merchants over $48 billion globally in 2023 — up from $41 billion in 2022.2

That's why it's so important to understand different types of ecommerce fraud. As a result, you’ll give yourself the best chance at keeping your transactions secure and protecting your business and customers from potential risks.

Common types of online fraud

Fraud can come in many forms, especially when digital transactions and ecommerce platforms are involved.

Common types of online fraud include:

  • Account takeover fraud
  • Interception fraud
  • Friendly fraud
  • BNPL fraud
  • Buy online, pick up in store fraud
  • Promotion abuse
  • Card testing fraud
  • Chargeback fraud
  • Refund fraud

Account takeover fraud

Account takeover (ATO) fraud occurs when fraudsters use stolen login credentials to make unauthorized transactions and change customer information. Fraudsters may steal login credentials through data breaches, phishing, or hacking.

ATO attacks can be difficult to detect since fraudsters operate under the guise of existing customers. According to a study from Sift, ATO attacks increased by 131% from 2021 to 2022.3

Interception fraud

Interception fraud is when a scammer makes an ecommerce purchase using stolen credit card information with matching shipping and billing addresses. They intercept or reroute the delivery by contacting the customer service department or shipping company to change the address.

Buy now, pay later fraud

Buy now, pay later (BNPL) fraud can take a few forms:

  • A fraudster creates a BNPL application that requires minimal customer information. After their application is accepted, they receive the products but avoid paying for them.
  • A fraudster places a BNPL transaction using stolen customer credentials.
  • A fraudster hacks into an existing customer's BNPL account and places an order.

Buy online, pick up in store fraud

Buy online, pick up in store (BOPIS) fraud occurs when someone makes a fraudulent purchase and retrieves the product before the merchant can flag the illegitimate transaction.

For example, a fraudster may use stolen credit card information to place an order at a store nearby. They then pick up the item at the store and flee. By the time their transaction is screened for fraud, they're gone.

Promotion abuse

Promotion abuse occurs when fraudsters take advantage of a special promotion by creating multiple accounts using stolen customer data. Merchants can flag promotion abuse if they see multiple accounts created in a short period of time with the same email address or phone number.

Card testing fraud

Card testing fraud occurs in three key steps:

  • A fraudster obtains a batch of stolen credit or debit card information through hacking or phishing.
  • They make small fraudulent purchases with the cards in order to determine which ones are still active and not yet flagged as stolen.
  • They use the still-active cards to make larger fraudulent purchases.

Friendly fraud

Friendly fraud occurs when a cardholder or someone the cardholder knows places a legitimate order and then later disputes it as an unrecognized transaction.

Friendly fraud is tricky to detect and resolve because it relates to a legitimate transaction. The customer may intentionally try to dispute the charge because they do not recognize the purchase – or they may do so because a child or other family member used their card without their permission.

Chargeback fraud

Chargeback fraud is when a scammer makes a purchase and then contacts their bank or credit card issuer for a refund — which is known as a chargeback.

Chargeback fraud is similar to friendly fraud because they can both result from a legitimate purchase. The big difference is that chargeback fraud is usually committed by fraudsters looking to abuse company refund policies, while friendly fraud may be the result of a customer mistake.

Refund fraud

Refund fraud occurs when a customer purchases a product, uses it, and then returns it — or a counterfeit version of it — for a refund. Friendly fraud and chargeback fraud are also types of refund fraud.

Another popular type of refund fraud is “wardrobing". This occurs when a customer buys clothes, wears them with the tag, and then returns them for their money back.

How to prevent ecommerce fraud

Learn how to prevent online fraud with these fraud management techniques:

  • Maintain password hygiene by using unique usernames and strong passwords on every site. Also, use multifactor authentication when available and leverage a password management tool to keep track of your passwords.
  • Install updates and virus protection regularly on all devices so they have the latest security features.
  • Leverage a fraud protection tool to automatically verify payment information and flag suspicious transactions.
  • Audit systems and accounts on a consistent basis to make sure access points are secure and permissions are updated.

New schemes happen all the time. It's important to monitor fraud trends, educate your team, and work with partners that can help prevent fraud.

Get built-in fraud detection with PayPal

PayPal helps businesses detect online fraud and protect their ecommerce sales with Seller Protection for Merchants on eligible sales (limits apply).

With Seller Protection, you can have the peace of mind to set up shop and keep growing your business.

Was this content helpful?

Related content

Sign Up for the PayPal Bootcamp

In partnership with three expert business owners, the PayPal Bootcamp includes practical checklists and a short video loaded with tips to help take your business to the next level.

*Required fields.

We use cookies to improve your experience on our site. May we use marketing cookies to show you personalized ads? Manage all cookies