E-commerce scams are those scams perpetrated on online marketplaces or online buying and selling platforms. The essence of these scams is to lure the unsuspecting to part with their money either through theft of card information or the purchase of substandard/non-existent goods and services. E-commerce scammers have numerous methods to achieve their goals, below are the most common.
The use of fake websites. The rise of various e-commerce website builders such as Shopify, woo-commerce, Wix, and Magento has made this option more appealing for scammers as they can easily set up e-commerce stores with little or no technical knowledge. Once the website has been set up, the scammer will either put up pictures of non-existent goods or goods with a reduced market price. With regards to the former, the aim of the scammer is to get people to make purchases for goods they will never receive. With regards to the latter, putting up goods with a reduced marker price will drive traffic to the site as would-be buyers search for a bargain. Then their card details will be harvested at the point of purchase.
The use of hacked websites. In this scenario, scammers seek out an e-commerce store and compromise it. This can be done through social engineering an admin to get their login credentials or implanting malware on the admin’s device to harvest such credentials. Once they have access to the website they implant a code on the checkout pages that would harvest card credentials as they are entered. Neither the website admins nor the customers know what had happened.
Account takeover. This occurs on e-commerce websites that have poor security. In this scenario, a scammer takes over a user’s account on an e-commerce store. Since there is poor security, the scammer can use the user’s accounts to order goods after they have changed the delivery address. Once the scammers received the goods, they sell them and obtain the monetary value.
Steps for Protection
- Shop From Only Reputable Marketplaces and Retailers. If you see a deal or offer and the online store is unknown, it might be best to avoid such because cybercriminals have been known to set up fake online stores to hoodwink unsuspecting people. Naturally, any online store in which you want to make a purchase should have a good reputation and should be well known. Always do some research on the store and item and if you want to make a purchase.
- Do not store store your card details on any website. If you are not buying anything, don’t submit your card details.
- Check that the site you are buying from is secured, that is, check for a locked keypad icon on your browser or that the URL begins with https://
- When buying from an e-commerce platform, if possible, opt for cash payment upon delivery.
- Practice Good Cyber Hygiene. Use strong and unique passwords for all your accounts, this can be easily done if you’re using a password manager. You should also consider using a virtual card in which you can fund with only the amount needed for the items you wish to buy. Finally, make sure multi-factor authentication is enabled across all your online accounts.
- Monitor Your Bank Accounts. Make sure alerts are enabled and functional on all your accounts. Also, make sure you have the contact numbers or email of your bank’s customer support in case you need to reach them.
In conclusion, E-commerce frauds are pervasive because of the popularity of E-commerce. As the technology to edge out Cyber fraud develops, so does the technology to create new scams. Therefore, to protect yourself from Cyber fraud, one must remain vigilant and do everything possible to prevent it from happening or minimize its effect if it does happen.
Contributors:
- Oluwaseun Adio
- Abasiama Emmanuel Udo
- Blessing Oyekanmi