Selling online opens up global markets but small business owners need to be prepared to identify fake orders, avoid credit card fraud and other e-commerce issues.

Business challenges:

  • Fake orders that cost your business time and money;
  • Credit card fraud and customer chargebacks;
  • Hacking attempts to access your customer data or payment records;
  • Attacks that harm your website or prevent it being used by other customers; and
  • Reputational harm caused by any of the above

How to avoid e-commerce fraud and credit card chargebacks

There are some obvious signs to look out for when trying to identify fake or fraudulent online orders:

  • International orders from less well regulated countries in Africa and Asia;
  • Large order quantities for expensive stock items;
  • Popular webmail services where accounts can be set up quickly for free;
  • Poor English or grammar in order emails or messages; and
  • Different credit card and delivery addresses, especially where the delivery is to a different country.

If you suspect an order is fraudulent check with your bank and/or payments processing firm for advice on validating a credit card to see if it has been reported stolen.

It may be some weeks before the card is reported so always try Googling the address for delivery as sometimes scammers use standard order instructions to speed up their payment scams.

Check to see if the name and country have been written about online by other retailers.

If you can, call the buyer and ask to speak to the cardholder about the order – do they sound genuine? Go with your gut feeling but also investigate credit screening services offered by your bank or payments service.

Protect your website

Make sure your website is secure and that customer data cannot be accessed and stolen.

If you have paid a developer for the website then ensure they are aware of common security vulnerabilities and tested the public facing website and backend order management system.

Popular off the shelf e-commerce platforms can become become targets for cyber criminals looking to exploit a large number of websites. Ensure you patch or update your sales software as soon as the provider notifies you of a known security issue.

Other things to consider are:

  • Use strong passwords on the sales or editing system – don’t leave in place a default password.
  • Make sure the server is protected and updated to patch known vulnerabilities – talk to your website host about this.
  • Monitor intrusion attempts made on the website, again ask your web host for advice.
  • Don’t store customer data in plain text on a public web server, especially credit card details. – your bank or merchant provider may require you to meet PCI Security Standards.
  • Consider getting a specialist security firm to penetration test your website.
  • Prepare a plan and investigate services that help you deal with DDoS attacks and ransom demands.

MORE INFORMATION