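Global data mining firm LexisNexis released its annual True Cost of Fraud Study for Ecommerce and Retail earlier this year. The report attempts to quantify the losses caused by fraud.
It does this by calculating the total cost of every dollar lost to fraud, covering both the fraud itself and all of the organizational costs associated with it, including but not limited to investigation, remediation, legal, etc. The trends identified in the report can give us clues about how the fraud landscape is changing and where it is headed.
In this year's report, LexisNexis found that the cost and volume of fraud in ecommerce and retail increased significantly in 2022. Every $1 lost to fraud costs retail and ecommerce merchants $3.75, compared to $3.13 prior to the pandemic and $3.60 just last year. This marks an increase of nearly 20% since the start of the pandemic and a $0.15 increase over the past year alone.2 The increase is reportedly tied to the widespread use of mobile commerce, and it coincides with the largest year-over-year increase in online/mobile transactions, which occurred between 2020 and 2021.3 Although the pandemic is subsiding, this has largely continued into 2022. Given the increased convenience of transacting digitally, this trend may slow but is unlikely to reverse.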
What kinds of attacks are online merchants increasingly facing?
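- Card testing/credential stuffing: This occurs when attackers obtain stolen credit card information or account credentials. Fraudsters attempt to use this information to access customer accounts and make unauthorized purchases. While consumers are the targets of this fraud, merchants may ultimately end up reimbursing the customer when the fraud is discovered.
- Return/refund frauds: These occur when fraudsters request refunds for items, claiming that the merchandise never arrived, is broken or that they intend to return the merchandise. These kinds of frauds are on the rise. CNBC found that retailers, on average, expected returns of about 16.6% of merchandise during 2021, compared to 10.6% in 2020. It also found that for every $100 in returned merchandise, $10.30 is lost to fraud.1
- Interception fraud: Fraudsters use a stolen account to ship merchandise to an address the fraudster can access. This can be their own address, an address near them, or it could be the actual customer's address, where the fraudster intends to intercept the merchandise from the customer's doorstep.
- Many other attacks, mostly involving fraudsters impersonating customers.
What strategies can counter these types of fraud? LexisNexis recommends several potential solutions:
- Assess the transaction risk. Monitor the transaction patterns of individual accounts to see whether the current transaction matches previous patterns, and identify anomalies. This is otherwise known as transaction scoring.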
- Authenticate the individual. Verify names, addresses, dates of birth. Use two-factor authentication.
- Authenticate the account. Make use of biometrics, digital fingerprinting, facial recognition, geolocation, etc.
Other potential mitigation strategies include:
- Maintain Payment Card Industry (PCI) standards
- Monitor IP addresses; flag and/or block those that appear suspicious
- Make CVV codes mandatory at purchase
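One way to implement the transaction scoring and IP monitoring described above, as an added example that is not taken from the LexisNexis report or from Schneider Downs. The `Txn` record, the weights and the thresholds are assumptions chosen for illustration, and the sample data is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import median

@dataclass(frozen=True)
class Txn:
    account: str
    when: datetime
    amount: float
    ship_to: str
    ip: str

def score(txn, history, window=timedelta(minutes=10)):
    """Score txn against the account's own history; weights/thresholds are assumed."""
    past = [h for h in history if h.account == txn.account and h.when < txn.when]
    if not past:
        return 40, ["no history for account"]
    points, reasons = 0, []
    # Amount anomaly: distance above the median in units of MAD (robust to outliers).
    amounts = [h.amount for h in past]
    med = median(amounts)
    mad = median(abs(a - med) for a in amounts) or 1.0
    if (txn.amount - med) / mad > 5:
        points += 30
        reasons.append(f"amount {txn.amount:.2f} far above median {med:.2f}")
    # Interception fraud signal: goods going to an address the account never used.
    if txn.ship_to not in {h.ship_to for h in past}:
        points += 30
        reasons.append("new shipping address")
    # IP monitoring: source address not previously seen for this account.
    if txn.ip not in {h.ip for h in past}:
        points += 20
        reasons.append("new IP address")
    # Card testing signal: a burst of attempts inside a short window.
    recent = [h for h in past if txn.when - h.when <= window]
    if len(recent) >= 3:
        points += 20
        reasons.append(f"{len(recent)} transactions in prior {window}")
    return points, reasons

# Constructed sample data (not real customer records).
T0 = datetime(2022, 6, 1, 12, 0)
HISTORY = [Txn("acct-1", T0 + timedelta(days=d), amt, "12 Elm St", "198.51.100.7")
           for d, amt in enumerate([42.0, 38.5, 55.0, 47.25, 40.0])]
NORMAL = Txn("acct-1", T0 + timedelta(days=6), 49.0, "12 Elm St", "198.51.100.7")
ODD = Txn("acct-1", T0 + timedelta(days=6), 900.0, "PO Box 9", "203.0.113.50")
if __name__ == "__main__":
    for t in (NORMAL, ODD):
        print(t.amount, *score(t, HISTORY))
```

A score above a merchant-chosen cutoff would route the order to step-up authentication or manual review rather than block it outright.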
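All signs indicate that these types of intrusions will become more prevalent in the coming years and that attackers will develop new tactics to obtain sensitive customer information. Merchants will have to get creative if they hope to stamp out fraud.
Schneider Downs offers risk advisory, forensic accounting and other services to retailers and other business-to-consumer organizations. For more information, please email us at contactSD@3111427.com.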
About Schneider Downs Cybersecurity
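The Schneider Downs cybersecurity practice consists of experts offering comprehensive information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response team is available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.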
1 CNBC: Article by Melissa Repko, January 25, 2022
2 LexisNexis Risk Solutions: "True Cost of Fraud Study for Ecommerce and Retail." 2022 US & Canada Edition
3 US ecommerce grows 14.2% in 2021. Jessica Young, Digital Commerce 360. February 18, 2022
Additional Sources:
LexisNexis Risk Solutions: "True Cost of Fraud Study for Ecommerce and Retail." 2021 U.S. & Canada Edition
Statista: UK: Impact of COVID-19 on grocery shopping