In a lot of ways, the internet is still the wild, wild West. With the right kind of skill and dedication, you can create your own little slice of paradise in the form of a booming eCommerce website. On the other hand, the world wide web is also full of danger. Cyber bandits and hackers lurk everywhere in hopes of breaching data stores and crippling networks. Yes, the wild West analogy seems to fit nicely.
A recent study reveals that identity fraud increased 16 percent from 2015 to 2016, impacting more than 15 million U.S. consumers at the cost of $16 billion. Yet the clear majority of consumers (96 percent) never pay a dime in credit card losses. This makes sense. Obviously, you don’t want to saddle victims with a huge phony payment. Unfortunately, the costs are being absorbed by banks and merchants (including online vendors).
This begs the question: How can eCommerce vendors face down cyber frauds?
Well, the first thing you ought to do is understand what you are up against. Below are a few of the most common attacks used against e-stores and what you can do to stop them.
Rinse-and-Repeat Credit Card Theft: Whether you want to believe it or not, stolen credit cards are super easy to find. Thanks to the dark net, hackers can buy large batches of credit card information on the cheap. Once the cybercriminal has these credentials, they will visit your website and make a number of purchases until the card is declined. After that, they dump the defunct credit card and move to the next one. This is known as the ‘rinse and repeat’ scam and it could conceivably cost your business thousands of dollars.
To prevent this kind of thing from happening, be sure to inspect your orders for red flags including multiple orders shipping to the same location.
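Here is one way to automate that inspection, as an added example that is not part of the original article. It groups orders by shipping address and flags the rinse-and-repeat pattern described above; the order fields, sample data and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample orders: (timestamp, shipping address, card fingerprint, outcome)
SAMPLE_ORDERS = [
    ("2024-01-05T10:00", "12 Elm St, Springfield", "card-A", "approved"),
    ("2024-01-05T10:04", "12 elm st,  springfield", "card-A", "approved"),
    ("2024-01-05T10:07", "12 Elm St, Springfield", "card-A", "declined"),
    ("2024-01-05T10:09", "12 Elm St, Springfield", "card-B", "approved"),
    ("2024-01-05T10:15", "12 Elm St, Springfield", "card-B", "declined"),
    ("2024-01-05T10:18", "12 Elm St, Springfield", "card-C", "approved"),
    ("2024-01-05T11:00", "9 Oak Ave, Shelbyville", "card-D", "approved"),
    ("2024-01-07T09:00", "9 Oak Ave, Shelbyville", "card-D", "approved"),
]

def normalize(address):
    """Collapse case and whitespace so trivial variations map to one key."""
    return " ".join(address.lower().split())

def flag_addresses(orders, window=timedelta(hours=24), max_orders=3, max_cards=2):
    """Return {address: [reasons]} for addresses that look like card testing.

    The thresholds are illustrative assumptions; tune them to your own store.
    """
    by_addr = defaultdict(list)
    for ts, addr, card, outcome in orders:
        by_addr[normalize(addr)].append((datetime.fromisoformat(ts), card, outcome))
    flagged = {}
    for addr, events in by_addr.items():
        events.sort()
        reasons, start = set(), 0
        for end in range(len(events)):
            # Slide the window so it only covers orders within `window` of this one.
            while events[end][0] - events[start][0] > window:
                start += 1
            recent = events[start:end + 1]
            if len(recent) > max_orders:
                reasons.add("many orders to one address")
            if len({card for _, card, _ in recent}) > max_cards:
                reasons.add("many cards to one address")
            # A decline followed by a different card is the "rinse and repeat" step.
            prev = events[end - 1]
            if end > start and prev[2] == "declined" and events[end][1] != prev[1]:
                reasons.add("new card right after a decline")
        if reasons:
            flagged[addr] = sorted(reasons)
    return flagged
```

Flagged addresses are candidates for manual review before shipping, not automatic proof of fraud.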
Distributed Denial-of-Service Attacks: Also known as DDoS, this attack cripples your network by flooding your eCommerce site with an overload of fraudulent web requests, thereby preventing real shoppers from seeing your site. This can lead to business losses and damage to your reputation.
Thankfully, most enterprise eCommerce platforms offer a robust site infrastructure that can handle excessive traffic requests. Still, it wouldn’t hurt to invest in DDoS mitigation software which detects and blocks malicious traffic from reaching your e-store.
Brute Force: Another sneaky cyberattack launched by fraudsters is automated password cracking, also known as a brute force attack. Essentially, the hacker uses a program to guess at a user’s password hundreds or even thousands of times until – click – they’re in.
There are basically two ways to stymie these attacks. The first is to advise your shoppers to make better decisions when crafting their passwords. Coax your customers to use capitalization, symbols, numbers and unique combinations to thwart brute force scammers.
Next, keep a close eye on your network. Be sure to flag (or automatically block) multiple failed login attempts.
Social Engineering Scams: Last but not least is the social engineering scam. This attack is especially dangerous because it forgoes the high-tech route in favor of hacking you. This can happen in several different ways. Here’s just one example:
Let’s say a loyal customer emails you saying they are unable to complete their transaction “for some reason” and asks to call you over the phone. You chat for a while and agree to force the order using their information on file. You politely hang up, not even realizing that the caller was a fraudster! And you just okayed a big transaction on someone else’s card. Yikes!
If you want to avoid social engineering scams from nefarious actors, you have got to learn the signs. It also wouldn’t hurt to adopt multifactor authentication (MFA) on all accounts in the form of an emailed or texted confirmation code.
Follow these tips and you’ll be sure to face down the frauds. Saddle up, partner!