What is Ecommerce Fraud?

What is Ecommerce Fraud?

The convenience of online shopping is converting even the biggest proponents of the physical shopping experience. To succeed among fierce competition, ecommerce business owners need to carefully manage all aspects of their business. That includes protecting the company and its customers from ecommerce fraud.

This article explains what ecommerce fraud is and how to recognize different ecommerce fraud types to be able to respond to potential dangers adequately.

Ecommerce fraud is any fraudulent monetary gain on an ecommerce shop. It usually involves using fake or stolen credit card information. The owners of compromised credit cards are typically reimbursed for their loss through chargebacks while the merchant bears the full burden of the scam.

Fraudsters generally target businesses with big profits. As an online business becomes more successful, it faces a greater risk of ecommerce fraud.

Ecommerce Fraud Types

Ecommerce fraud types

Cybercriminals are constantly coming up with new ecommerce fraud techniques so business owners must remain vigilant. Being able to recognize different types of ecommerce fraud helps in their prevention. We highly recommend investing in fraud prevention software, especially for profitable businesses that are more at risk of fraud.

Below we identify and describe 9 fraud types that commonly occur across ecommerce platforms.

Credit Card Fraud

Credit card fraud

Credit card fraud is the most common type of ecommerce fraud. It’s when people use a stolen credit card to make a purchase. Fraudsters also use their own credit cards on an ecommerce website without in fact spending their money. Instead, they manipulate the ecommerce shop and the online payment system.

Friendly Fraud or Chargeback Fraud

Friendly fraudsters are customers who want to get products for free. They use their credit card to make a legitimate purchase but then ask for a chargeback. The chargeback request is usually based on claims of undelivered goods, damaged goods, canceled purchases, or some other reason.

In some cases, friendly fraud is the result of an “honest mistake”, when the customer doesn’t remember the purchase or doesn’t recognize the vendor’s name on their bank statement and requests a chargeback.

Credit card associations track each merchant’s chargeback rate and have monitoring programs for merchants with a high chargeback ratio.

True Fraud or Clean Fraud

True fraud is a form of identity theft in which a fraudster makes a purchase on an ecommerce platform using a stolen credit card. It is also known as a “clean fraud” because the credit card is legitimate, making the fraud difficult to detect.

Account Takeover Fraud

Account takeover is a form of identity theft. The fraudster hacks into a customer’s ecommerce website account and uses it to make purchases, gain access to other user accounts, or withdraw funds.

In the case of account takeover, the customers bear the burden of losing money due to fraudulent purchases. However, retailers lose both credibility and customers due to poor security measures.


ecommerce phishing

Phishing is a type of scam in which fraudsters reach out to people via emails, text messages, or phone in an attempt to gain private information. The fraudsters often pose as a bank representative or other persons of authority and construct a circumstance in which it would be required for the victim to provide personal information.

The most popular types of phishing attacks are:

  • Email Phishing. Phishing emails mimic popular brands or widespread services and attempts to trick the recipient to enter their password or other account details. By providing account details, people allow scammers to gain access to their personal information and credit card data.
  • Clone Phishing. Fraudsters clone popular websites and attempt to trick people into providing personal information.
  • Phone Phishing. In this type of phishing, scammers reach out to their victims via phone calls. They make up a story about an issue with the victim’s online service or bank account. Then, the scammers try to gain personal information pretending they need it to resolve the issue.

Affiliate Fraud

Affiliate fraud occurs when fraudsters manipulate an ecommerce merchant’s affiliate marketing program to increase their commissions without making an affiliate sale. They use fake accounts and create fake websites that they redirect to the retailer website using the affiliate link. Then, the fraudsters employ online bots to click on payable links, or use other methods to manipulate the system and generate commissions.

If you think your online store needs improved security, see our guide on how to secure an ecommerce website.

Card Testing Fraud or Card Cracking

Card testing fraud is when fraudsters illegally obtain access to multiple credit cards but don’t have information about their validity or credit size. They batch test all the credit cards on a chosen ecommerce website, making very small purchases. The purchases are so minimal that merchants and customers often don’t detect them. If the credit cards work, the fraudsters make larger purchases.

Interception Fraud

Interception fraud is similar to credit card fraud, except that the fraudsters use the same billing and shipping address that is linked to the stolen credit card when they make the purchase. Afterward, they use one of two methods to intercept the package: they call the ecommerce store representative or the shipping company to change the shipping address or they wait for the package themselves at the original shipping address.

Triangulation Fraud

Fraudsters creating a fake website

Triangulation fraud takes a little more effort than simply getting a hold of stolen credit cards. First, fraudsters set up an online shop for phishing purposes and set up fake payment forms. Then, they offer expensive goods at bargain prices, attracting many customers.

When customers “make a purchase” through the phishing website, fraudsters use their credit card information to purchase the goods from a real vendor. The customers end up receiving their product but paying for it twice.

Merchant Fraud

Merchant fraudsters create fake websites that offer goods at low prices, but unlike triangulation fraud, they never bother to reorder the goods from the real retailer and send the purchased goods to customers. They just keep the payment.

Mobile Ecommerce Fraud

Mobile transactions make up the largest percentage of all ecommerce sales. They are particularly vulnerable to ecommerce fraud because many merchants haven’t adapted their fraud prevention strategies for small screens yet. Fraudsters exploit fraud possibilities with mobile payment channels that are not adequately secured, which has resulted in a rise in mobile commerce fraud rates.


Ecommerce fraud is rising faster than online sales. Fraudsters are exploiting the advantages of digitalization and an abundance of personal data available on the web.

To secure an online business, ecommerce merchants need to keep up with new ecommerce fraud techniques and continually improve the security of their shop and payment channels.