Cybercriminals take the holiday season seriously, banking on Black Friday, Cyber Monday, and every other part of the shopping season. Criminals try to take advantage of the increased flow of online transactions during the most wonderful time of the year.
This year, consumers spent 6.2 billion USD online during Black Friday, up 23.6% from the same day in 2017. Cyber Monday was again the biggest online shopping day in history, with 7.9 billion USD in e-commerce sales.
Cybercriminals take advantage of the holidays to exploit the poor security habits of unaware shoppers and of unprepared merchants. Online retailers should also heed these warnings to better protect their reputation and extend protection to their consumers. With online fraud, data leakage, and ransomware on the rise, online retailers have ample reason to redouble their focus on how their brands are being used fraudulently by external threat actors across the internet and global mobile app ecosystem to target their customers.
Fraud prevention tips
Prevention for each channel
Avoid approaching fraud prevention the same way across all sales channel. Each channel has its own unique risks. For example, synthetic identity fraud is an emerging challenge for m-commerce. Another example is how card-not-present (CNP) fraud occurs slightly more often on mobile channel.
It is therefore crucial to review your mobile and desktop fraud prevention strategies to make sure they're tailored to each channel's customers, frequently targeted items and most common fraud types.
Make sure that your online shop’s fraud screening capacity will be able to sustain the flow of holiday orders coming in. Avoid skipping manual review in favour of automatically declining flagged orders or letting orders pile up in the manual review queue. If you've had problems keeping up with manual review demands during past holiday seasons or if you'd like to avoid the possibility of delays, consider outsourcing some or all of your manual review to a third party, at least through the peak holiday season.
Fraud prevention programs should not make it more complicated for good customers to buy what they want. Take a look at your false decline rates during the past few holiday seasons to see if there have been spikes during that time. If so, look at how your fraud prevention program handles flagged orders. If you don't have historical data on false declines, make this the year to change that. Understanding your false decline rate and trend is critical to maximizing your revenue.
Ensure that your manual review team's training and skills are on point. Reaching out to customers to check the validity of their orders requires a savvy approach that makes the customer feel taken care of rather than treated as a suspect. Merchants with an international customer base need a manual review team available according to the customers’ time zones and speaking their language. In some cases, it may be more cost-effective and faster to outsource manual review than to hire and train an in-house team with all these capabilities.
Strict shipping procedures
Fraudsters are always looking for new weaknesses to exploit. Shipping is increasingly being targeted. Stolen customer data, including card number, billing address and shipping address, are used to place an order, avoiding raising any flags. After the order is approved, the fraudsters then attempt to get the merchandise re-routed to another address, either by asking the merchant's customer service team or by contacting the shipping company directly. To avoid shipping fraud losses, instruct your customer service team and your carriers to refer all re-routing requests to your manual review team so the order can be rescreened.
Count on cybercriminals to come prepared this year with tricks and wares on all levels of sophistication. From the shallow to the advanced phishing attacks, threatening new banking Trojans, and mobile malware apps designed to facilitate card and online banking fraud.