As more consumers go online to make holiday purchases in November and December, so-called cybercriminals also increase their efforts to obtain consumer information fraudulently, observers say.
The potential for data theft and increased attacks by fraudsters, however, does not deter many consumers from completing online transactions, according to recent survey data.
For ISOs, increased criminal activity targeting payment transactions during the holiday shopping season means they should spend additional time educating their merchant clients about the potential danger to their businesses and customers, says John Bodine, vice president of sales and marketing at Authorize.Net. “ISOs are missing sales opportunities if they don’t know how fraud happens and how they can prevent it,” Bodine says.
Cybercrime activity typically spikes on the Friday after Thanksgiving, known as Black Friday, and the following Monday, known as Cyber Monday, according to Tampa Bay, Fla.-based Sunbelt Software Inc.
“Black Friday and Cyber Monday mark the beginning of the busiest time of the year for consumers, retailers and cybercriminals,” says Alex Eckelberry, Sunbelt CEO. “Cybercriminals feast on the fact that consumers are increasingly participating in e-commerce,” he says.
Indeed, “the overall activity on the merchant side is accelerated during the holidays,” says David Fish, an analyst with Maynard, Mass.-based Mercator Advisory Group. “Because there are so many card orders coming in at an e-commerce site, the law of percentages says the number of fraudulent transactions are also going up,” he says, noting it is the busiest time of year typically for sales and for fraud.
For many merchants, the Internet is not tangible, notes Bodine. “Merchants want customers to feel safe” shopping in their online stores, he says. ISOs without education about fraud and cybercrime, however, “can’t get a merchant to feel comfortable about taking their transactions online. If a merchant doesn’t feel safe, there is no way consumers will feel safe shopping with them,” he says, noting that merchants less likely will sign with ISOs that cannot educate them properly about online security.
Online Purchase
Many consumers will be making purchases online during the holiday season despite potential cybercrime hazards, notes industry data.
Most consumers, more than 90%, intend to shop online during the holiday season, and 60% intend to do more online shopping this year than they did last year, according to a Sunbelt survey of 650 consumers.
Indeed, most consumers prefer purchasing holiday gifts online despite concerns over potential payment-data theft and increased attacks by fraudsters, suggest the results of a recent survey sponsored by Webroot Software Inc., a Boulder, Colo.-based provider of Internet-security products.
Market-research firm E-Rewards Inc. conducted the online survey of roughly 1,600 U.S. consumers on behalf of Webroot in early November.
Most respondents, 66%, prefer to purchase holiday gifts online, but 47% cited concern about fraudsters stealing their payment card or bank-account information, according to the survey. Yet only 4% of respondents would reduce their online purchasing because of strong fraud concerns.
More fraudsters are using phishing Trojans, software that can steal consumers’ payment card numbers, passwords and other information, according to Webroot.
“We see a rise during the holiday season with these,” says Jeff Horne, Webroot director of threat research. Instances of one type of phishing Trojan, known as Stinkbreath, have risen 73% since August, he notes. “The chances of fraud problems are a lot higher during the holidays,” Horne says.
Merchants can help thwart phishing attacks by regularly updating their retail Web sites, says Horne. Phishers regularly send e-mail to consumers with links to fraudulent Web sites constructed to fool consumers into giving personal information. The fraudulent Web sites are intended to look like legitimate retail sites. If a merchant regularly updates its Web site, consumers may be less likely
to give their information to a similar fraudulent site.
Despite continued efforts by fraudsters to tamper with transactions, increased use of antifraud procedures has helped e-commerce merchants reduce the amount of revenue loss to fraud to $3.3 billion this year, an 18% decrease from $4 billion in 2008, according to a recent CyberSource Corp. survey.
CyberSource conducted the online survey of 352 businesses between Sept. 10 and Oct. 7.
This is the first decrease in revenue lost to fraud since 2003, according to the Mountain View, Calif.-based provider of electronic-payment and risk-management products.
“The e-commerce fraud picture has typically been one of worsening merchant losses,” says Doug Schwegman, CyberSource director of market and customer intelligence. “This year, [e-commerce] merchants have won back some ground.”
Roughly one-third of online merchants reported changing businesses procedures, such as implementing automated decision tools to sort purchase orders, to respond to fraudsters.
However, 21% of survey respondents report fraudsters are creating increasingly complex schemes, and 48% believe fraudulent orders appear more like valid orders compared with orders a year ago.
