Online fraud: how to secure your online business?

Covery Blog / Antifraud, Chargeback prevention, Covery, Fraud prevention, Fraud types / Online fraud: how to secure your online business?

Online fraud: how to secure your online business?

Losses to online fraud amounted to nearly USD 20 billion globally in 2021, according to Statista. It is an increase of over 14% above USD 17.5 billion fraudulent losses reported in 2020. More to say, a recent FTC press release states that US citizens reported above USD 5.8 billion in online fraud losses in 2021. The COVID-19 pandemic left the world economy in turmoil, rapidly increased the intensity of online transactions, and lead to significant growth in online fraud rates. 

How to protect a business from fraudsters online then? Secure business operations are impossible without in-depth anti-fraud tools in place, because you need to minimize the opportunities for online fraud at your website. As an enterprise-grade antifraud system, Covery has in-depth expertise in preventing online fraud for companies from Belgium, Austria, Lithuania, and outside of the EU — USA, and worldwide.

Below you will find a brief list of the 5 most popular online fraud cases, and an overview of anti-fraud tools Covery gives at your disposal to secure your online business.

What is the most common type of online fraud?

Online payments happen with a customer’s banking Card Not Present, so online fraud is called CNP fraud, and the 5 main online fraud types are as follows:

  1. Pure fraud. Also called friendly fraud, it happens when somebody uses their card to order some products or services and then demands a refund claiming they did not authorize this purchase. A kid buying online (allegedly) without their parents knowing is a case of friendly fraud. While such purchases do happen without the customer’s concern in some cases, it is usually just an excuse to defraud a merchant of their products and money.

    The consequence of pure fraud is a chargeback, where a merchant has to refund the purchase and pay for all the expenses associated. While chargeback is not a fraud in itself, it can be quite often used as a tool in online fraud schemes.
  2. Synthetic identity theft. Scammers combine real-world details like SSN, phone numbers, and emails with forged data — fake names, photos, bios. This allows them to remain hidden in case they are caught stealing. Synthetic identities are used in a variety of online fraud scams — from bonus and referral program abuse to fake reviews, spear-phishing, bot attacks, and much, much more.
  3. Phishing. Speaking of which, to build synthetic identities fraudsters need sensitive information about real people. This data can be obtained through phishing (emails with fake links, SMS with links, or voice conversations with fake “bank support staff” or “government officials”). Phishing is as old as online emails and still poses a significant threat, with millions of stolen account details sold on the Dark Web.
  4. Account takeover. Essentially, online fraud of account takeover is the same as real-world impersonation — or robbery of a victim. A scammer gets hold of the account credentials through phishing or buys such details in bulk on the Dark Web, and then uses them to log into all available accounts. Email providers, social media, eGovernment portals, banking accounts, eCommerce shops — you’d be surprised to learn how often people use the same password for all their online accounts. 

    Once the access is gained, scammers can use this account for bot attacks, contacting other people on behalf of the victim, spear-phishing to gain unauthorized access to business-critical systems, producing fake content, etc. — or simply withdrawing the money from the bank.
  5. Triangulation fraud. A more elaborate online fraud scheme, where scammers create an exact copy of an eCommerce website and lead victims there using banners, PPC ads, etc. They can add various bait — lotteries, limited-time gifts, etc.

    Once customers try to log in, their credentials are stored in the database and they are forwarded to a real online store, where they continue to shop. The promised prize can be sent to their address (yet another hook to get more sensitive data for synthetic identities).

    Alternatively, scammers can offer huge discounts on valuable items (“win an iPhone 13 for $10”, yeah…). They will actually buy those items themselves and send them to a specified address. A customer is happy, they got an iPhone for $10. But a fraudster is happier still. After some time, they log in and rob the customers of their money.

Naturally, there are many more online fraud types, like affiliate fraud, where affiliate networks drive fake traffic to your website; or bonus abuse, where multiple sleeper accounts are created and left alone for some time. Then scammers log into all of them and transfer bonuses to one account, enabling them to buy the most expensive item on your referral program.

How can I protect my business online?

Being forewarned means being forearmed, and the best way to protect a business from online fraud is to invest in good fraud prevention software. While you can be aware and be on the lookout for potential signs of trouble, your customers can be much more reckless. You can’t be online 24/7 to protect them — and you will be the one to blame if their accounts at your platform get stolen.

This is why multiple anti-fraud tools like Covery exist. Such software helps protect your business using a variety of approaches. Let’s briefly describe how Covery deals with the online fraud types listed above.

  1. People who commit pure fraud try to stay anonymous, but they still leave various traces online. Covery tracks these patterns using Device Fingerprinting technology, which forms profiles of all devices used to access your platform. These profiles are continuously updated and checked against Trustchain — a global database of reputation records. Should any device identifier match a previously recorded fraudulent fingerprint, you are alerted, so you can make an informed decision. Sometimes it’s best to decline the transaction and block a potential fraudster than accept this payment and end up with a chargeback case.
  2. Covery provides automated synthetic identity theft prevention features. With live video verification tools and access to the latest Dow Jones databases, we are able to perform in-depth automated KYC/AML checks to ensure your customer is not under sanctions or is not a part of PEP/RSA blacklists.
  3. Covery can’t prevent phishing that happens in customer’s email inbox, but we can identify the result. If a fraudster uses stolen credentials to log in, their device fingerprint mismatches the one of a legitimate customer, which alerts a system that an account takeover might be in progress. In this case, Covery initiates an additional check — through 3D Secure 2.0 or any other means appropriate — to verify the customer’s identity.
  4. If an account takeover attempt is in progress (a login from an unusual device, attempt to change the password or initiate money withdrawal at once, etc.) – Covery can help block access to this account and inform a legitimate customer.
  5. With triangulation fraud, as well as bonus abuse, affiliate fraud, and other types of online fraud, Covery uses a behavioral analysis algorithm. This Supervised Machine Learning model coupled with a rule-based risk logic engine can provide granular risk scoring and act according to a variety of pre-configured scenarios, based on the transaction risk score. 

This way, you are immediately alerted of any potential online fraud scheme in progress on your website and have access to in-depth logs and analytics reports to help identify any scams you might have missed.

Conclusions

You should protect your business from online fraud at all costs. After all, even if it does not seem too important at first, a trickle of chargebacks can result in a flood that will dry out your merchant account. And massive data breaches with account takeovers can become tombstones of any successful business, as a plethora of companies learned the hard way.
Covery is an enterprise-grade antifraud system operating in the EU and USA since 2016. We have ample experience in dealing with various kinds of fraud — from Fintechs and dating platforms to eCommerce, microfinance, logistics, and more than 23 industries in total. Covery helps secure online business operations on all customer journey steps — from registration and profile completion to credit card management and payouts.

Contact us for more details — we will be glad to show how Covery can help protect your business from online fraud!