The internet has been both a blessing and a curse to society and commerce alike.
And with the news Wednesday (May 8) that a criminal network of over 75,000 fake eCommerce shops has scammed over 800,000 shoppers in the U.S. and Europe, embracing digital innovation while at the same time ensuring payments security is top of mind for businesses, particularly smaller ones just starting their online journey.
That’s because there is a growing juxtaposition where many of the modern tools that are helpful in growing and scaling a small business, like creating an eCommerce site or building a presence across consumer review platforms, are also being used by fraudsters and bad actors for illicit purposes.
Per the report, the cybercriminal network’s fake eCommerce sites processed over a million orders with an aggregate order volume of $50 million during the past three years. Victims accessed the scam web shops hoping for deals on items like designer shoes and apparel, but instead had their credit card information stolen.
This tactic is known as triangulation fraud, and its mechanics are complex, leveraging the interconnectedness of global eCommerce platforms to exploit consumers and businesses alike. At its core, triangulation fraud involves a fraudster setting up fake storefronts on popular online marketplaces or creating standalone eCommerce sites that offer high-demand goods at below-market prices.
Of course, the goods — if they ever arrive — tend to be counterfeit, while equally counterfeit payment pages are used to collect victims’ contact and credit card details.
The sheer scale of the newly uncovered operation highlights the sophisticated methods employed by fraudsters to exploit the online retail ecosystem, as well as underscores the need for businesses to remain vigilant against today’s dynamic threat backdrop.
Read more: How Small Businesses Can Optimize Their eCommerce Efforts
For consumers, the immediate allure of below-market prices on high-demand goods can be tempting, but the risks are considerable. Not only do they end up indirectly supporting fraudulent activities, but they also expose themselves to potential identity theft and financial loss.
For businesses, the impact of this type of triangulation fraud can be devastating, and result in a surge of things like chargebacks that not only affect the bottom line but can also damage a company’s reputation and its relationship with payment processors.
Last week (May 2), PYMNTS spoke with Mike Lemberger, senior vice president, chief risk officer, North American Region at Visa, about triangulation scams as a growing problem. He explained that criminals are “using tools to automate this … They’ve got skimmers set up on their site.
“Larger businesses, they may have some tools inside to prevent fraud and scams … but smaller businesses typically have a little less sophistication,” Lemberger added, emphasizing that Visa is seeing smaller businesses across three main categories being vulnerable: traditional Main Street businesses; online-only stores; and businesses within the creator and content economy.
“If you’re taking payments online, there are vulnerabilities there,” Lemberger said.
Combating or protecting against triangulation fraud requires a multi-faceted approach. Enhanced security measures, such as improved verification processes and fraud detection algorithms, are becoming essential for identifying and preventing fraudulent transactions.
But consumers also play a critical role by remaining vigilant, reporting suspicious activities and avoiding deals that seem too good to be true — and that role makes education and awareness of web shop scams crucial.
Read more: Consumers Dissatisfied by Small Merchants’ Digital Presences
The rise in the industrialization and scale of online crimes is happening against a backdrop where more and more businesses are embracing online sales channels as a growth engine and business pillar.
As PYMNTS’ Karen Webster observed in a feature last fall: “It takes three minutes between meetings to place an order on Instacart — it takes 60 minutes or more to drive to and from the store and shop.”
And PYMNTS Intelligence has found nearly eight in 10 Main Street businesses use online channels, while an additional 16% are interested in implementing them. Moreover, the average Main Street small business generates half its sales via online channels. Main Street retail businesses lead the way, generating 54% of their sales from these channels.
At the same time, according to separate PYMNTS Intelligence in the report, “Fraud Management in Online Transactions, 82% percent of eCommerce merchants have experienced cyberattacks or data breaches in the last year. That’s likely why 95% of eCommerce merchants said they have either begun revamping their anti-fraud capabilities or are committed to doing so soon.
As for consumers, it’s important for them to remember to only give out their credit card and payment information to trusted and reputable vendors and websites.