Prime Day is a two-day online shopping event in the US that enables consumers to score great deals and save money. Yet, fraudsters use this opportunity to execute many types of attacks. As we near Prime Day, let’s take a look at fraud trends that eCommerce businesses must be aware of so they can take proactive measures to safeguard their revenues and customers.
Heightened eCommerce activities a cause of greater fraud
Online retail has always been an attractive target for fraudsters, as it provides them with ample opportunities to orchestrate many types of fraud – account takeover, new fake account registration, scraping, and more. The COVID-19 pandemic accelerated this trend with consumers transitioning to eCommerce platforms due to shuttering down of physical storefronts.
Fraudsters followed suit and adopted innovative techniques to take advantage of the increased traffic levels. Online retail was the most attacked sector in Q4 2020, due to high eCommerce activity owing to Black Friday, Cyber Monday, and holiday shopping. This trend continued well into Q1 of 2021 before easing out by spring. The traffic levels on eCommerce platforms – and fraud – have continued to be high since then.
With high-volume events such as Prime Day, fraudsters begin their preparations much in advance to be able to maximize their exploits. Credential stuffing, brute force, and botnet activities are some of the preparations that fraudsters undertake so they can orchestrate automated account takeover attacks. The volumes of account takeover attacks recorded on the Arkose Labs Network registered a 50% spike over the second half of 2020, and a 90% increase in Q4, 2020.
Double-up on efforts to combat eCommerce fraud
Just as businesses are prepping up deals to entice customers, they must double up on their efforts to fight fraud – especially during periods of elevated eCommerce activity. As consumers, especially millennials and Generation Z, increasingly use mobiles for online shopping, businesses must also adopt security measures that provide device-agnostic protection. This is because online retail businesses are obliged to keep user accounts safe as it can harm them through fraudulent transactions, payments fraud, and negative brand reputation, which can, in turn, impact their revenues.
Being aware of the emerging fraud trends and using proactive defense strategies, businesses can sharpen their fight against fraud. Some fraud trends that businesses must focus on include:
Automated attacks: Bots are the preferred means of attacks as they enable fraudsters to scale up their attacks with low investments. Bots can overwhelm networks, hoard inventories, and disrupt operations to cause loss of business.
Credential stuffing: Fraudsters use both bots and humans to drive credential stuffing attacks at scale in order to compromise accounts.
Human-driven attacks: Human-driven attacks have been aggravated with unemployment causing a rise in sweatshop activities. Businesses need to identify the sweatshop locations and activities to be able to better effectively fight them.
Account takeover: Businesses must focus on logins and make pre-authorization decisioning better. They must also focus their attention on identifying account takeover attempts quickly and accurately.
New account fraud: Fraudsters open new fake accounts using stolen credentials and synthetic identities to take advantage of increased traffic levels.
Identity management: The use of synthetic IDs and spoofed SMS verification can thwart authentication and fool defense mechanisms. Furthermore, abuse of Social Security Numbers (SSN) has rendered them unreliable as an identity. Going forward, businesses can use digital methods of ID proofing, especially for customer service.
Phishing: As phishing becomes more sophisticated, businesses must watch out for attempts to target employees and fraud teams.
Adopt a fresh approach to fraud prevention
Traditional fraud defense strategies, however, cannot adequately protect businesses from complex fraud and online abuse techniques. To counter eCommerce fraud trends, businesses need a fresh approach to stopping fraud while also being able to offer a seamless user experience.
Arkose Labs enables online retail businesses to screen every incoming user to spot and filter our bad actors. The Arkose Labs Fraud Prevention Platform uses targeted friction, in the form of adaptive, step-up enforcement challenges, to erode financial returns from the attacks, forcing attackers to move on. To learn how you can achieve a more robust and user-centric authentication to fight eCommerce fraud trends, book a demo today.
*** This is a Security Bloggers Network syndicated blog from Arkose Labs authored by Vanita Pandey. Read the original post at: https://www.arkoselabs.com/blog/be-vigilant-against-ecommerce-fraud-this-prime-day/