Fergal Parkinson
Published on: August 22, 2021
Whilst scam calls and texts are not a new phenomenon, what has been is the massive sudden increase in individuals and companies being targeted over the past year and a half. The aims of the bad actors and the harm acted out upon innocent victims bring into play almost every single one of Dante’s named circles of hell in one fell swoop.
Millions of people have been forced into switching from brick-and-mortar shops to online and so many are totally new to this online game — both perfect factors for bad actors looking for some easy fraud action.
The COVID-19-led explosion in online sales has resulted in huge growth of the eCommerce market, both in terms of revenue and the number of users. The revenue of the European eCommerce market alone was expected to hit US$465 billion, some 30% more than before the pandemic struck. By 2025, Europe’s eCommerce segment was forecast to reach almost US$570 billion.
But without the wisdom of experience, and throwing a lack of confidence into the mix — heightened further by the fear created by the pandemic — you have a recipe for millions of confused people. Faced with unfamiliar threats, consumers are more vulnerable than ever and enterprises too are at ever-increasing risk.
As online shopping continues to grow, so does the risk of eCommerce fraud. Cybercriminals use sophisticated tactics to exploit vulnerabilities in digital transactions, leading to financial losses and reputational damage for businesses. Understanding the most prevalent types of eCommerce fraud is essential for implementing effective fraud prevention strategies.
CNP fraud occurs when a fraudster uses stolen credit or debit card information to make online purchases without physically presenting the card. Since eCommerce transactions do not require a physical card, merchants must rely on authentication measures such as 3D Secure 2 (3DS2) and mobile identity verification to detect unauthorised transactions.
Chargeback fraud happens when a customer disputes a legitimate transaction, claiming they never made the purchase or did not receive the goods. This leads to forced refunds from the merchant, even if the order was fulfilled. Implementing strong authentication, real-time fraud monitoring, and dispute resolution tools can help businesses reduce chargeback fraud.
In ATO fraud, cybercriminals gain access to a customer’s eCommerce account using stolen credentials from data breaches or phishing attacks. Once inside, they can make unauthorised purchases, change shipping details, or steal stored payment information. Multi-factor authentication (MFA) and mobile number verification are critical in preventing ATO fraud.
Refund fraud occurs when a fraudster manipulates a retailer’s return policies to obtain refunds for items they never purchased or returned. Some tactics include using fake receipts, stolen payment details, or falsely claiming an item was never delivered. Retailers can combat refund fraud by implementing order tracking, proof of delivery requirements, and transaction monitoring.
Synthetic identity fraud involves criminals creating fake identities using a combination of real and fabricated personal information to open eCommerce accounts, apply for store credit, or make fraudulent purchases. Detecting synthetic identities requires advanced identity verification techniques, such as mobile intelligence and AI-powered fraud detection.
Fraudsters exploit eCommerce promotions, discount codes, and loyalty programmes by using multiple fake accounts or automated bots to claim benefits repeatedly. Businesses should implement customer verification tools and fraud prevention algorithms to detect and prevent abuse of loyalty and promotional offers.
Cybercriminals are targeting organisations they consider to be less well defended in hopes of securing larger ransomware payments. Most highly prized are sensitive customer and employee records containing personally identifiable information such as medical files, credit card numbers, social security numbers and driving licence numbers. According to the Identity Theft Resource Center (ITRC), professional services and manufacturing and utilities have seen the most significant rise in data compromises. These can catastrophically damage brand image as well as the bottom line.
Educating consumers and other stakeholders is definitely a start but only gets you so far. To have any real chance of reining in data breaches and related fraud, stakeholders from across the ecosystem must work together in a concerted, cohesive manner. To stay one step ahead of the dynamic threat vectors at play, mindsets need to change and systems need to be made available that even the smallest of organisations can understand and implement.
Our Verify range of products offers a low-friction route to protect yourself from the ever-increasing dangers of fraudulent transactions and account takeover. Using data from live network queries and direct from mobile network operators, Verify provides you with critical intelligence around a mobile number, allowing you to match real-world attributes such as a name to a supplied mobile phone number.
Talk to us today about how TMT ID can help protect your business.
Last updated on June 24, 2026
We provide the most comprehensive device, network and mobile numbering data available
Contact us > Chat to an expert >
