mCommerce is a channel that is growing rapidly for consumers to buy and sell products. mCommerce fraud a.k.a. mobile commerce fraud is becoming a serious problem for online merchants.
People spend more time on the move these days; whether for work or leisure or just plain commuting. Hence, mCommerce is booming as users spend more and more time on their mobile devices. As a result, fraud attacks targeting mobile devices have increased in tandem.
Below, we will cover the types of mCommerce frauds.
Account takeover fraud
Phishing and other forms of social engineering have conned many legitimate users to provide their account login information. For example, forged emails from various marketplaces that state users must login via a link provided to keep their accounts active. The embedded link will send the panicky readers to a fake website resembling the actual online store. There, any login attempts by the users will allow the fraudsters to capture their credentials.
Hackers also have another favorite tactic, which is to get users to install a mobile app to make purchases. The users are told that if they purchase via a 3rd party app, they can get a substantial discount. The app in question is usually a spyware or keylogger that records all of the user’s login actions including their usernames and passwords.
Malicious actors then use these compromised accounts to make purchases. These accounts often have payment methods like credit cards stored, thus making it effortless to make purchases.
True fraud involves fraudsters making purchases from mobile devices using stolen credit card info. Unfortunately, this is the most common form of fraud. The main reason for this is because the dark web is flooded with hackers selling credit card info in bulk cheaply.
In recent years, many organizations have suffered data breaches either from their websites or having their Point-of-Sale (POS) terminals infected with malware. This has led to the customers’ payment information being stolen and resold on the dark web.
Loyalty app fraud
In this type of fraud, the fraudster hacks into the loyalty app to steal gift card credits or credit card credentials. They may also redeem loyalty points for its cash equivalent.
The merchants will suffer heavy financial losses due to chargeback claims filed by the real credit card owners. Merchants need to use fraud detection tools in their online stores to mitigate losses from fraudulent transactions.
Using the FraudLabs Pro fraud screening service, online merchants can severely limit the damage that fraudsters can inflict on their businesses. It is also advisable to utilize the FraudLabs Pro SMS verification as part of a 2-factor authentication prior to any financial transaction.
Best of all, there are ready-made plugins for the popular online shopping platforms.