If nothing else, bad actors perpetrating ecommerce fraud are clever opportunists, and a crisis like the ongoing coronavirus outbreak is proving a perfect opportunity for them to exploit and prey upon unsuspecting sellers and consumers, experts agree.
“The COVID-19 crisis is having an almost incalculable impact across the globe, and we’re still only just starting to understand the potential scope,” said Yinglian Xie, CEO and co-founder of DataVisor, a provider of AI-powered fraud solutions. “Exploitive fraudulent activity is one of the many critical concerns we’ll need to urgently address on an ongoing basis.”
Xie said it’s especially important to understand that when it comes to ecommerce transaction fraud attacks, “different industries and sectors are being impacted (by the coronavirus crisis) in different ways, and that there is no one-size-fits-all response.”
In a recent survey of 1,068 Americans aged 18 and older, payment solutions provider TransUnion found 22% have been targeted by ecommerce fraud related to coronavirus. Overall, TransUnion Global reported a 347% increase in account takeovers and a 391% rise in shipping fraud attempts globally against its ecommerce customers in 2019.
One particular avenue of exploitation is the new practice of contactless delivery, where parcel carriers are no longer requiring a live signature from recipients to help check virus transmission. “This is interesting from a fraud perspective,” said Colin Sims, COO of fraud protection provider Forter. “The shipping address is one of the pillars of data you have, and this chips away at that pillar.”
Sims said perpetrators of ecommerce fraud can access and manipulate the address and identity of a recipient easier when there’s no contact with the driver, and have the drop-off point rerouted, for example, to a different location at an apartment building.
Another problem is the increase in BOPIS as retailers and grocers are fulfilling more orders for in-store or curbside pickup within an hour from home-bound customers. “That turns transactions into much more immediate fulfillment, so retailers really need faster decisioning and more automation across their fraud prevention process,” Sims said.
With so many people working from home, Sims said, ecommerce fraud review teams doing manual checks on purchases to look for anomalies are scattered, making team cohesion and effectiveness more difficult. “From that perspective, work from home is having an impact, increasing friction and distraction,” he said. “We’ve definitely heard from retailers they’ve had difficulty with remote manual reviews teams.”
Gift cards are another problem area to watch, said Uri Arad, founder and VP of product for identity verification firm Identiq. As gift cards have been promoted as a way for consumers to help support struggling retailers with closed stores through the coronavirus crisis, they are a growing target for fraudsters, Arad said.
“Unfortunately, they’re one of the best avenues for fraudsters, as the codes are easy to transfer and get the money quickly,” he said. “It’s another case where both consumers and merchants need to be very careful.”
Arad suggested merchants establish a positive purchaser verification process vs. relying on negative signals. “Every (gift card) purchase can look like an anomaly, so it’s hard to tell the good from the bad,” he said. “This is where positive verification could be helpful. By looking for ways to prove the card belongs to the person making the purchase, it’s a more reliable way to protect from fraud.”
False declines of ecommerce purchase approvals are also on the rise, Arad said, as many fraud detection systems looking for data anomalies “are getting confused, because everything looks like an anomaly.” This leads to more negative customer experiences and often defections to another seller.
“Nothing looks like it did three of four weeks ago,” he said. “There are a lot of statistics and AI systems, resulting in a high number of false declines, which at the same time presents an opportunity for fraudsters.”