Are you preparing for this year's Fraud Friday? Oops. I mean Black Friday. But actually, it is Fraud Friday now. The accelerated e-commerce growth puts the industry at great risk of digital fraud, especially during the holiday shopping season.

Source: Imperva

It has been a very difficult time for retailers in the past two years, no matter large or small. The pandemic-fueled transition to online has caught the security team of retailers off guard. A CROWE study in 2019 reveals that the annual fraud cost to businesses and individuals globally is over $5 trillion. The data was before the COVID-driven online fraud trend. It is more likely to see rising security threats at the end of 2021 as consumers gather online for a bunch of online shopping deals, from Black Friday and Cyber Monday to Christmas shopping.

1. Large and Small Retailers Are Targeted Alike

E-commerce fraud news is overwhelming. Victims range from top brands to startups. Fraudsters target them alike. E-commerce websites are prime targets for attackers, whether large or small.

Source: Forbes

Source: BBC


Big companies usually have a richer experience in risk control than SMEs. There are IT security teams and bot management teams in those companies, however, bot attacks can still damage their businesses, such as the famous PS5 scalping last year. So it is more difficult for SMEs to manage a small business when e-commerce fraud is on the rise.

2. Digital Fraud Is Often Done by Bots

According to an analysis by Imperva on e-commerce cybersecurity risks, 57% of all attacks recorded on e-commerce websites were carried out by bots in 2021, compared to 33% for other industries.

The most common e-commerce fraud that retailers encounter is listed below, based on OWASP Automated Threat Handbook.

  • Account Creation: Creates multiple accounts for nefarious purposes by acting like a different user when carrying out automated attacks.

  • Credential Stuffing: Reuse of stolen credentials via the mass login attempts to see if they match the ones used on the site, leading to account takeover.

  • Scalping: Obtain limited availability and/or preferred goods/services by unfair methods.

  • Sniping: Last-minute bid or offer for goods or services.

  • Denial of Inventory: An automated attack that depletes goods or services stock without ever completing the purchase or committing to the transaction. It significantly cramps online retail businesses by preventing customers from placing orders.

  • Spamming: Malicious or questionable information addition that appears in public or private content, databases, or user messages.

  • Carding: Fraudsters use stolen card information to access batches of credit cards and then repeatedly buy things with the cards on an online shopping platform.

  • Token Cracking: Fraudsters take away the benefit that retailers provide to real consumers through mass enumeration of coupon numbers, voucher codes, discount tokens, etc.

  • Card Cracking: Identify missing start/expiry dates and security codes for stolen payment card data by trying different values.

3. Anti-Fraud Solution for SMEs

SMEs are sometimes short of IT and security capability. They tend to choose an easier way to start their business. Website builders, like WordPress, Shopify, and Wix, etc, are popular e-commerce tools among small and medium retailers. There are multiple plugin options for them to choose from. Compared with self-developed risk control systems and comprehensive bot management solutions, plugins are ready for use and easy to integrate.

Concerning the security of e-commerce stores and SMEs' security capability, plugins are the ideal choice for them. As BFCM is approaching, preventing digital fraud and automated bot attacks becomes the priority of retailers.

GeeTest CAPTCHA Plugin for WordPress

GeeTest offers CAPTCHA v3 plugin for WordPress and it's free to download!

It can be used on

  • Login
  • Register
  • Comment
  • Gravity Form

With features like

  • Permanent free version with limited daily requests
  • Access to exclusive dashboard
  • Technical Support
  • Solution Consultancy
  • Data Retention

GeeTest CAPTCHA Plugin - Slide CAPTCHA

GeeTest CAPTCHA Plugin - Onc-Click CAPTCHA

GeeTest CAPTCHA Plugin - Operation System

Final Words

E-commerce retailers, small or large, are all equal in front of fraudsters. Small and medium retailers should even pay more attention to the potential security threats from digital fraud since they do not have the same security capability as large companies do. While website builders and their ready-to-use plugins offer timely help to them.

GeeTest provides comprehensive anti-fraud and bot prevention solutions to all online retailers alike and helps them to make BFCM a real success.

See our demos here. Or register to get a 30-day free trial.

Start your free trial
Over 320,000 websites and mobile apps worldwide are protected by GeeTest captcha