New Articles

Realities of eCommerce Fraud – Can you Protect your Business?


Realities of eCommerce Fraud – Can you Protect your Business?

Commerce businesses have a long history of dealing with fraud. Since the first retailer decided to open its business, a malicious actor was there waiting to exploit them and steal their profit. Even though the industry has evolved and expanded to the digital world, the threat remains the same. 

Fraudsters and cybercriminals are constantly looking for new opportunities for their malicious actions, and the development of eCommerce has opened new doors for them. This is why online security needs to become a priority for every eCommerce company that wants to stay in business and protect themselves and their customers from online dangers. By learning to recognize the signs of eCommerce fraud and developing proper strategies for mitigating the problems, you will be able to stop them before they can cause any damage. 

What is eCommerce fraud? 

The term covers different fraudulent activities in which fraudsters and scammers exploit merchants and their customers for their gain. While this causes significant financial loss for the merchant, this is not the only consequence they will experience. Falling victim to an online commerce scam can also cause reputational damage and loss of trust from current or potential customers. Nobody wants to interact with a company they don’t trust can keep them or their data safe. 

With global eCommerce constantly growing and sales expected to reach $5.55 trillion in 2022, the danger will only become greater. As stated, predictions for e-commerce fraud total losses in 2022 were already high at $41 billion, but 2023 will bring a record high with $48 billion in losses globally.

Before you can start protecting yourself from malicious actors, you must know what you will be dealing with. Let’s look at the most common types of eCommerce fraud online retailers will most likely experience.

1. New cybercrime trends taking over the eCommerce world 

Ecommerce is continuously changing, implementing new technological developments to reach as many customers as possible while providing the best service they can and maximizing their profit. But, unfortunately, they are not the only ones changing. Fraudsters and scammers are also constantly evolving their malicious activities. While there are types of fraud that have been present since the beginnings of e-commerce, such as account takeover or card testing fraud, that will most likely remain one of the biggest online threats; new threats are slowly taking over. From application fraud, BNPL fraud to the use of synthetic identities to commit fraudulent actions, new cybercrime trends will soon start presenting more significant danger than we thought possible. 

2. Chargeback fraud

This type of fraud happens when customers purchase a product or service from your website but request a chargeback from their bank soon after. This might be an example of friendly fraud when the item wasn’t what they were expecting or it wasn’t delivered, but more often, it happens due to fraudsters trying to scam you.

Regardless of the reasoning behind the chargeback request, chargeback fraud has a severe financial impact on the company. They will have to pay the chargeback fees, administrative costs, and banking fees while accepting the loss of merchandise and shipping costs. Sometimes, when a business receives many chargeback requests, their account provider might cancel their contract, considering them high risk. 

3. Card testing fraud

Card testing fraud happens when fraudsters gain access to stolen credit card information and use your website to determine if they work and if there are any funds on it. They use stolen credit card details to make small and low-value purchases, which are harder to notice by either a merchant or cardholder. Once they confirm the card is working, they continue making bigger purchases on your and other eCommerce sites.

Because they are making small purchases, they often go undiscovered until they start making bigger purchases. When anyone gets the chance to react, they can already get away with a significant amount. 

4. Account takeover fraud

Account takeover is a type of identity theft that happens when fraudsters gain access to a customer’s online account and use it for their own advantage. Once they manage to get access to the account through illegitimate means, such as a phishing attack or buying their details from the dark web, they will have their hands free to do anything they want with it. Their options are limitless, from using the account details to breach other accounts that might share the same login details to making purchases or withdrawing funds. 

5. Triangulation fraud

This type of fraud is a severe issue for any kind of eCommerce business. It happens when fraudsters create a fake site or ads that sell your products for a lower price. After the customer purchases that item, fraudsters gain access to their payment details they can use for further fraudulent actions. They use a separate stolen credit card to buy the item from your site and ship it to the customer. Customers receive the item without realizing their payment details are compromised; fraudsters get away with the money while the merchant needs to deal with the aftermath. 

How can you protect your business?

A prevention strategy in place is a must-have for any business dealing with online payments as it takes the whole payment ecosystem to fight it. By detecting and preventing fraud before it even happens, you can ensure your customers’ safety while avoiding any financial loss. 

1. Familiarize yourself with warning signs

The best step for protecting your business from fraud is to identify it before it can cause any damage. Keep an eye on the following red flags, and you will have a better chance of doing it: 

  • Low-value transactions that might indicate credit card testing
  • Customers using different cards for several purchases 
  • Several declined transactions
  • Higher order volumes
  • Billing and shipping address not matching
  • Unusual IP locations

While these potential red flags might just be a legitimate customer having a problem with their card or purchasing a present, it is always better to be safe than sorry when it comes to cybersecurity. 

2. Make sure you have clear and easy-to-understand policies on your website

While you might think that nobody reads your security policies, the truth is that fraudsters are very much interested in them. For example, a badly worded return policy can open the door to various fraudulent activities. Your policies need to clearly state how your business works and your terms and conditions without leaving any space for misunderstanding, especially regarding the refund policy and password policy.

3. Use fraud detection solutions.

Cybercrime is constantly evolving, and it is becoming harder and harder to stay ahead of cybercriminals. To keep up with them and fight back, you must also evolve to give yourself a fighting chance. Many businesses simply do not have time or resources to conduct their own cybersecurity procedures, such as manually checking every transaction, and luckily they don’t have to. Implementing efficient fraud detection solutions can detect, identify, and prevent fraud in real-time.

4. Limit your orders.

Determine your standard order quantity and amount of money spent on average transactions, and limit any order that goes over those numbers. You can either block them entirely from purchasing on your site or contact them with the request for additional verification

5. Request proof of delivery 

Request proof of delivery from your delivery partner for every product you sell to ensure your customers have actually received their items. This can significantly reduce the number of chargeback requests from customers claiming they never received a product.


Ecommerce fraud is here to stay, especially with the growth the eCommerce industry will continue to experience. Start taking steps in the right direction to protect yourself from fraudulent activities, especially new cybercrime trends. 

About the Author

Ana Galic is a freelance writer with interests in all things technology such as IoT, fintech trends, big data, machine learning, and cybersecurity. In her free time, Ana is an avid bookworm who enjoys traveling and exploring new places and activities while staying busy with her lifestyle and parenting blog.



Business Betrayals: Protecting Yourself From Workplace Treachery

Betrayal in business can come in many forms.
A supervisor who gives specific directions for a project, then lays the blame squarely on you when things go awry. An employee who fails to inform you of a high-end client’s unhappiness, leaving you blindsided and feeling the CEO’s wrath when the client cancels a contract.
In such scenarios, the person betrayed can feel angry, devastated and perhaps unsure whether to ever trust anyone again, say Elaine Eisenman, PhD, and Susan Stautberg, co-authors of Betrayed: A Survivor’s Guide to Lying, Cheating, & Double-Dealing. These two successful business women say they themselves have experienced betrayal professionally and personally.
“In all relationships we trust others, believing that while they will look out for their own best interest, they will also respect ours,” Stautberg says. “Unfortunately, that’s not always so.”
In business, there’s no guarantee that even a good friend or family member deserves your confidence.
“Regardless of how well you know someone, treat any business arrangement with due diligence,” Eisenman says. “Motives can be hidden, even with the best of friends.”
So, how can business leaders and their employees avoid betrayals that can harm them and their organizations? And how should they handle the fallout if they are betrayed? Eisenman and Stautberg offer a few suggestions:
Learn to trust wisely. Blind trust can make you an easy target because you ignore the potential for human nature’s darker side, Stautberg says. But it’s also ill-advised to assume no one can be trusted ever. What you’re after, she says, is “wise trust,” which allows you to weigh each situation, assessing whether there is low or high probability of betrayal.
Listen to what your gut tells you. So-called “gut feelings” act as an early warning system. “Ignore those feelings at your own peril,” Eisenman says. She shares the story of a woman named Ingrid, a chief finance officer in the public sector who was involved in the recruiting of a comptroller who came highly recommended. Ingrid preferred to handle reference checks herself, but that was HR’s job so she backed off, even though something told her this job candidate’s credentials were too good to be true. She shouldn’t have ignored her instinct because after he was hired the comptroller was charged with white-collar crimes committed in another state. For Ingrid, this became a triple betrayal – by colleagues who tried to make her the scapegoat, by HR, who didn’t perform a thorough background check, and, of course, she was betrayed by the man she hired.
Don’t seek revenge immediately – if at all. Planning revenge continues to provide the betrayer with power over you rather than allowing you to take that power into your own hands. It’s more productive to distance yourself from the betrayal and shore up your emotions with rational thoughts. That will help you begin to derive lessons from the traumatic event.
If you are betrayed, there is no need to beat up on yourself. “It is critical to recognize that what you are feeling is completely normal,” Eisenman says. “If you blow the event out of proportion, exaggerating its impact on all aspects of your life, you’ll only postpone your recovery.”
“The key to moving forward is self-compassion,” Stautberg says. “Get yourself to a safe space, both physically and emotionally, and get some sleep. Being rested will help you think clearly and you’re going to need your wits to survive.”
Reactions to stress differ. So, don’t worry if your immediate reaction includes anger. Try to balance it  and take the energy to hold onto your power. Surround yourself with friends. Have the courage to move forward and leave the past behind. Learn to pivot. Eisenman and Stautberg discovered that the formula for success is creating a new positive, self-confidence about work and informed risk taking.  Learn how to BOUNCE – Be Bold, Optimistic, Undaunted, Nimble, Courageous, and Empowered.
Elaine Eisenman, PhD, co-author with Susan Stautberg of Betrayed: A Survivor’s Guide to Lying, Cheating, & Double Dealing, currently serves as an independent Board Director for DBI, Inc. (NYSE), as well as for AtmosXR and Miravan, both privately held companies. She is the Managing Director of Saeje Advisors, LLC, an advisory firm for high growth ventures. Former Dean of Executive and Enterprise Education at Babson College, she works closely with CEOs and their executive teams to create cultures that accelerate growth. She is a frequent speaker on the topic of turning risk into opportunity.
Susan Stautberg is Governance Advisor to the portfolio companies of Atlantic Street Capital, a private equity firm. She is also President and CEO of PartnerCom Corporation and Chair Emeritus of the WomenCorporateDirectors Education and Development Foundation (WCD). Susan addresses groups around the world, including leading business schools and CEO conferences. She has written or been featured in numerous articles including The New York Times, The Wall Street Journal, and The Financial Times and her on-air experience includes Oprah, The Today Show, CBS Evening News, CNN and many others.

4 Limitations of the Three-Way Match You Need to Consider

The three-way match, which cross-references invoices, purchase orders, and receiving documents before issuing payments, has been considered the industry-standard procedure in accounts payable departments for years—until now. As businesses become more sophisticated, there are far more data points to confirm the validity of an invoice. Does it include all early payment discounts? Are the payment terms (net 30, net 60) enforced? Unfortunately, many accounts payable departments don’t have the time or resources to manually check these items, and are unknowingly being overcharged for services that they didn’t receive, or products that aren’t for the negotiated rates or terms.

Below are four reasons the three-match is no longer enough to prevent overpayment or fraud.

1. The three-way match can’t check multiple data points

Again, the three-way match only verifies price and unit numbers across invoices, purchase orders, and receiving documents, but it doesn’t check critical information like volume discounts, payment terms, delivery times, transport conditions, chain of custody, service-level agreements, and more. These data can affect your bottom line: longer payment terms help you improve cash flow and maximize profits.

2. The three-way match doesn’t confirm that services were actually performed

Because of its limited sources of data, the three-way match doesn’t integrate with business systems to verify key fob swipes, messages sent, or software licenses. This data is important for creating a profile of contractor and service provider activity levels so you can make sure you’re actually receiving the work you’re paying for.

3. The three-way match still leaves you open to fraud

And outright fraud is a big problem. Aware of the sheer volume of invoices many business receive, clever criminals can thwart the three-way match by creating fictitious companies, enacting phishing scams, billing for products that were never delivered, overcharging for products, or inflating shipping charges. The three-way match won’t catch fake merchants, billing errors, or violations of payment terms.

4. The three-way match doesn’t check employee expense reports

Even if the three-way match works fine for your purchasing department, it won’t catch employee expense reports, which are processed through their own system, completely separate from AP. The average enterprise deals with thousands of expense reports each quarter, often overwhelming human auditors who may miss high-risk expenses and common misconduct like duplicate charges and mileage padding. The three-way match offers no visibility into questionable employee spending.

Address the shortcomings of the three-way match with artificial intelligence  

The good news is that there is a solution for the limitations of the three-way match: Star Match, which uses artificial intelligence to cross-check the accuracy of documents and transactions—including expenses, invoices, —against AP systems, contract management, and expense reporting software; internal business systems data; and external signals from online sources.

To help ensure that you’re receiving the products and services you paid for, Star Match cross-references business data from email, messaging, badge access, sensor data, and system logs, as well as external online data to verify work activity, software license usage, shipping documents, and more. We match these data points to your contracts, invoices and any other documents to verify everything is correct. Because AppZen integrates with your expense automation system, Star Match matches across expense reports as well—the only solution to do so—helping you spot errors, waste, and fraud.

With AppZen and our AI platform powered by Star Match, you can enforce contract terms every time you receive an invoice, helping you better manage contracts and control spending.

Josephine McCann is a Senior Marketing Associate at AppZen, the world’s leading solution for automated expense report audits that leverages artificial intelligence to audit 100% of expense reports, invoices and contacts in seconds.