Not only do companies need to do more to ensure their online commerce offerings are secure, they must educate their customers to help protect them against being defrauded by tricksters to maintain trust in their online brands.
The UK’s national reporting centre for fraud and cybercrime has disclosed new figures which showed £16 million has been lost to eCommerce fraud during the Covid-19 lockdowns.
Action Fraud statistics show 16,352 people fell victim to online shopping and auction fraud during lockdown.
The organisation has received reports of online shopping fraud totalling £16.6 million in losses since shops were forced to close on 23 March due to the coronavirus outbreak.
Members of the public bought the following products where the items never arrive:
- Mobile phones -19 percent
- Vehicles -22 percent
- Electronics (Eg consoles, AirPods and MacBooks) - 10 percent
- Footwear - four percent
Goods were bought on sites such as eBay (18 percent), Facebook (18 percent), Gumtree (10 percent) and Depop (six percent).
Almost a quarter of victims (24 percent) were between 18 to 26-years-old and lived in London, Birmingham, Manchester, Leeds, Sheffield, Liverpool, Bristol and Nottingham.
Ben Tuckwell, RSA Security district manager for the UK and Ireland, said: “The warning from Action Fraud is concerning but not altogether surprising. Unfortunately, fraudsters thrive in times of disruption.
"The recent shift to e-commerce has been critical for both consumers and the economy, but fraudsters have been quick to take advantage too. In fact, in the first three months of 2020, RSA recovered details of over five million unique compromised cards globally."
Tuckwell said that once credentials are stolen these card details are sold on the dark web to other fraudsters who can use them to buy goods.
He added: “During the pandemic, fraudsters also appear to have had growing success targeting mobile applications for fraud - 26 percent of fraud transactions spotted by RSA in the first three months of the year came from this channel, double that of the previous three months.
"As more retailers have guided consumers towards mobile apps as a means to transact, it seems fraudsters have also looked to exploit this shift."
Tuckwell pointed out that while the consumer advice issued by Action Fraud was absolutely correct, banks, card issuers and retailers alike must also step up the war on fraudsters, both in times of crisis and in the future as shopping increasingly moves online.
“Pioneering businesses are already applying machine learning to better predict whether a payment is likely to be fraudulent,” Tuckwell said.
“By looking at hundreds of different data points and assessing whether it is normal or suspect behaviour, banks and card issuers stand a better chance of stopping criminal activity in its tracks.
"As fraud detection gets increasingly smart, only the riskiest of transactions will require additional customer verification, meaning shoppers can purchase online with confidence and ease.”
Pauline Smith, head of Action Fraud, said she was not surprised that there has therefore been an increase in fraud. Smith said: “The global outbreak of coronavirus has seen all our lives turn upside down. With the lockdown being introduced, so many more people are now online shopping, including those who have never done so before.
"It is therefore unsurprising that there has therefore been an increase in fraud being committed.”
Ben Russell, deputy director at the National Economic Crime Centre, said it was working with our partners in policing, government and the private sector to look at ways to design out fraud and help protect the public.
Russell said: “But we all have a part to play in preventing fraud, and a big part of this is down to our own vigilance. When buying from another person online, don’t send money upfront, use a credit card if possible and remember, if something looks too good to be true, it probably is.”
Meanwhile, a recent fraud survey of 2,000 UK consumers that looked at attitudes and experiences around fraud found that:
- 76 percent believe shopping online puts them at a higher risk of fraud
- 50 percent regularly worrying about entering card information online
- 85 percent still made a purchase online in the last month
- 38 percent reported having been the victim of financial fraud, with one-in-five falling victim in the last 12 months
Ian Johnson, managing director of Europe of Marqeta said: “Some 92 percent of people who had been defrauded had been able to get fraudulent transactions removed from their account.
"This means the banks are often carrying the financial burden of fraud. Preventing fraudulent transactions in real-time - before the money leaves the customer account - needs to be a priority.
“The best way to do this is through having cards that have the capacity to ‘think’ and use contextual data to make judgements on fraud during the transaction process, rather than after the fact. The only way to do this is through a modern payment platform.”
Javvad Malik, security awareness advocate at KnowBe4 said that as more people have been turning to online shopping during the pandemic, criminals have increased their activities.
Malik said: "It's therefore, essential people remain vigilant. This includes validating any offer that seems too good to be true, whether that be on unknown websites or through unsolicited emails.
"Users should also be wary about where they sign onto accounts and provide passwords. They should navigate to websites directly and avoid clicking on links in emails to navigate to sites as they may take them to fraudulent sites designed to steal passwords or credit card details."
Martin Jartelius, CSO at Outpost24 said: “This is actually an old and extremely crude fraud. You put something up for sale, you make it sufficiently cheap to create an urgency to pay in advance to create a sense that otherwise this deal will be missed and then the item never arrives.
"The advice, such as using credit cards for payment, is viable for purchases from stores accepting credit cards, but does not work for the individual to individual purchases. Between persons, using escrow solutions such as online payment services that hold money until you confirm receiving the goods is an option if you cannot meet up in person."
Jartelius added that a simple piece of advice that saves a vast amount of those frauds is to require an image of the goods. "Then you use Google image search," he said. "If you find the image, and it’s the exact image you received that is claimed to be the goods, do not complete the transaction."
Paul Norris, senior systems Engineer for EMEA at Tripwire said: "The lockdown was an opportune time for cyber attackers to target vulnerable shoppers with almost everyone restricted to shopping online."