Combatting E-commerce Fraud: Best Practices for Fraud Prevention in Online Sales

With the fast-paced growth of online sales, e-commerce fraud risks are higher than ever. Fraudsters attack online shoppers and e-commerce stores, causing customer dissatisfaction and revenue losses for merchants. Remarkably, the total cost of fraud is on average much greater than the value of the goods sold. Signifyd’s State of Fraud 2023 report claims that every $100 in fraudulent orders results in $207 in tangible losses for online retailers.

To achieve high e-commerce cybersecurity levels, online store owners should take timely and effective fraud prevention steps.

READ: How to Minimize Cybersecurity Risks and Balance Customer Friction for your Online Business

What is e-commerce fraud?

E-commerce fraud is an illegal, deceptive activity on an e-commerce website where a fraudster impersonates a legitimate user to achieve personal or financial gain. In contrast to fraud at brick-and-mortar stores, in e-commerce offenders can use personal and credit card information for online transactions without producing a physical card.

How to detect e-commerce fraud

To be able to combat fraud, e-commerce merchants first need to identify it. Here is a checklist of red flags to help spot fraudulent activities on your e-commerce website.

  • Inconsistent order data (e.g., mismatched zip code and city)
  • Larger than average order volume
  • Multiple orders from different credit cards
  • Repeated declined transactions
  • Orders coming from unusual locations
  • Different billing and shipping addresses
  • PO box shipping addresses instead of physical locations

8 best fraud prevention practices

Merchants around the world are increasingly relying on e-commerce fraud management, with almost 90% of companies finding it very or extremely important to their overall business strategy. By adopting the following best practices, retailers can minimize the risk of fraud for their e-commerce websites.

READ: The FTC Safeguards Rule — Why Your Business Needs to Improve Cyber Security in 2023

1. Implement fraud detection tools

E-commerce businesses can implement ready-made fraud detection solutions to identify red-flag transactions and protect themselves and their customers from fraud. In particular, fraud detection tools enhanced with machine learning capabilities can effectively recognize suspicious account activity, detect the most common fraud patterns and predict fraudulent actions.

2. Comply with the PCI standard

All businesses dealing with online payments have to adhere to the Payment Card Industry Data Security Standard (PCI DSS) to ensure that credit card and cardholder details are stored and processed safely. While the PCI compliance level can vary depending on a business’s transaction volume, all merchants fulfilling the principal requirements will be less likely to suffer from fraud.

3. Use verification software

The verification software helps merchants identify billing, shipping, or card details inconsistencies. For example, an address verification system (AVS) verifies the customer’s billing address against the cardholder’s address filed with the issuing bank. If the addresses don’t match, which happens when fraudsters use multiple stolen cards to order goods to a single address, the AVS declines the transaction or flags it for manual review.

Another verification method involves checking security numbers written on the back of payment cards, such as card verification value (CVV), card security code (CSC) and card verification number (CVN). Store owners can ask customers to submit the security code at the checkout page, making sure the customer has their physical card.

4. Limit order quantities

By analyzing previous sales data, merchants can define the average daily order volume and cash value to set purchase limits. Orders beyond this limit should be automatically blocked to reduce the risk of fraud.

5. Collect proof of delivery

To protect against false claims of non-delivery and refund abuse, e-commerce merchants can cooperate with reliable logistics partners that provide tracking numbers or proofs of delivery like a customer’s signature or photos of delivered packages.

6. Tighten your return policies

Ambiguous return policy terms and conditions can allow scammers to easily exploit the returns system. Therefore, a store’s return policy should describe in straightforward terms what qualifies as a return, what refund options the seller offers (e.g., a product exchange or store credit instead of cash) and how the seller handles the entire returns process.

7. Be particularly alert during peak shopping seasons

Since people buy more from e-commerce stores around Black Friday, Cyber Monday and December holidays, they often overlook security measures. Predictably, fraudsters become highly active during these busy times, hoping merchants won’t be vigilant enough to detect fraud among the skyrocketing number of orders.

Businesses should prepare the staff and fraud prevention system for peak shopping times and be careful when handling rush orders, numerous low-value purchases and possible foreign orders, which all can be a sign of fraudulent behavior.

READ: Top 5 Ways to Ensure Cyber Security During the Holidays

8. Create blocklists

A good practice for warding off repeat offenders is to add customers with unusual activity to blocklists and ban them from future transactions with the e-commerce website. Usually, blocklists contain names, credit card details, shipping, email and IP addresses spotted in suspicious transactions. When the information from a new order matches the list, such transactions will be automatically blocked.

However, this tactic requires caution because a legitimate customer can unknowingly use a credit card previously marked as fraudulent. In this case, blocking the order without explanation can discourage the consumer from returning to your online store.

The bottom line

Modern e-commerce fraudsters can employ an array of tactics, so merchants have to keep modernizing their security methods to keep payments and orders safe. The first step is to implement comprehensive anti-fraud technology to detect and avert malicious actions. Next, e-commerce companies should adopt and closely follow fraud prevention strategies to minimize risks. In the long run, these efforts will enable merchants to protect their customers and revenue as well as the future of their online business.


Stan PopovichStan Popovich is the author of the popular managing fear book, “A Layman’s Guide to Managing Fear”. For more information about Stan’s book and to get some free mental health advice, please visit Stan’s website at