Fraud abroad: How SMBs can expand globally and stay secure

February 14, 2022 10:36
Photo: Reuters

One in four consumers will continue to shop from foreign online stores, even after the pandemic, according to a recent Ipsos survey of 13,000 respondents across the world’s biggest eCommerce markets. This shift illustrates that the time is now for all merchants to ensure their business is adaptable to the new digital economy, and ready to compete for the more than 4.28T USD global online retail market that’s expected to rapidly grow in the coming years.

The COVID-19 pandemic greatly accelerated a digital wave of change across almost every industry by three to five years. At the same time, this digital wave also presented an almost ideal scenario for online fraudsters to exploit the fear and confusion created by the pandemic as an opportunity to prey on both vulnerable consumers who are new to online shopping and the companies who are serving them. A recent survey of 632 business leaders in the U.S. by the Ponemon Institute and sponsored by PayPal revealed that businesses were losing an average of $4.5 million a year due to fraudulent transactions. Other studies have even noted that cybercrime has become the third-largest economy behind the U.S. and China and will grow to cost the world $10.5T annually by 2025.

While there are various fraud scenarios and tactics plaguing businesses, most efforts by fraudsters are simply taking advantage of the lack of cyber hygiene. For example, criminals use basic techniques like phishing and smishing to attack both small and large companies and illegally acquire financial credentials or personally identifiable information. Unfortunately, SMBs are frequently the target of these kinds of attacks due to lack or limited resources dedicated to fraud protection, and those that sell internationally can be exposed to even greater threat vectors if they do not take the necessary precautions.

What SMBs Can Do to Help Protect Their Customers And Their Business?

Although the potential for fraud is high in online transactions, by putting the right tools and processes in place, merchants can help keep their business and customers secure, while also reducing chances of drowning in chargeback fees and lost revenues. Below are seven tips to help get started.

Stay Alert. Watch out for suspicious signs, such as an order being larger than normal or receiving an unusually large number of international orders within a short period of time. Other red flags include orders consisting of multiple requests for the same item or several orders from different customers shipping to the same address.

Use an address verification system (AVS). AVS compares the numeric parts of the billing address stored within a credit card to the address on file at the credit card company. This is a fraud tool included in most payment processing solutions but check with your payment processor to be sure it is supported. Be suspicious if a customer asks to change the shipping address after the order has been paid for. Criminals may ship orders to freight forwarders, shipping companies, P.O. boxes or vacant properties so they can remain anonymous.

Require the card verification value (CVV). You are familiar with this three- or four-digit security code printed on credit cards. What you might not know is that Payment Card Industry standards prevent you from storing the CVV along with the credit card number and card owner’s name. That is why it is so effective – it is virtually impossible for fraudsters to get it unless they have stolen a physical credit card. Most processors include a tool to require CVV as part of their checkout templates. Use it.

Use up-to-date software. Make sure you are running the latest version of your operating system (OS), as OS providers continually update their software with security patches to protect you from newly discovered vulnerabilities, as well as the latest viruses and malware. Similarly, install and regularly update business-grade anti-malware and anti-spyware software (free, limited-feature and consumer-strength anti-virus software are not sufficient) to prevent attacks that exploit outdated software vulnerabilities. Leverage software that triangulates customer location with the delivery and billing address.

Educate your customers and your employees. Educate your customers on how they can shop safely with you by not using the same password on multiple sites and prompt them to use a complex password on your site. New online shoppers can be very inexperienced and need to be reminded of security basics. Also educate your employees on the importance of protecting customer data, as criminals look for weaknesses both in systems and people.

Choose the right payment provider. Find the balance of consumer trust, hassle-free experience and protecting your business.

Collaborate. Fraud protection should be done in partnership with in-house expertise and industry partners. Collaboration can improve the time to detection, ultimately reducing the financial and brand costs. If you are affected by fraud, do not hesitate to report it to the authorities.

Ultimately, fraud management is not only about managing your financial exposure or loss of goods. In today’s economy built on consumer trust, it is critically important that your customers can feel confident and safe when they shop with you.

-- Contact us at [email protected]


SVP, Head of Global Fraud Risk, Digital Identity, and Platform-as-a-Service at PayPal