How to protect your online retail business from the growing threat of cybercrime

E-commerce crime is on the rise, with both the number and individual value of fraudulent purchases increasing during the pandemic

PayPal’s latest Digitise & Thrive e-book explains how businesses can protect themselves against cybercrime

Paid Post:PayPal

Reading Time:3 minutes

A boom in e-commerce has led to a rise in cybercrime, with fraud against online retailers on the rise. Photo: Shutterstock

Published: 11:00am, 8 Apr 2022Updated: 5:16pm, 8 Apr 2022

[Sponsored article]

The global pandemic has led to a boom in e-commerce as consumers embrace digital shopping channels. In Hong Kong, 50 per cent of consumers are more confident about shopping online than they were before Covid-19 struck, according to research by KPMG¹.

The surge in e-commerce has not only caught the attention of retailers, but also that of fraudsters, making the need to protect online business more important than ever.

A new breed of fraudster

While it may be tempting to assume online fraud is limited to isolated incidents conducted by hackers working alone, the reality is very different. Cybercrime is increasingly being carried out by sophisticated and coordinated networks of perpetrators.

Globally, fraudulent activities against e-commerce retailers soared by 18 per cent in 2021 compared with the previous year², while each fraudulent purchase was, on average, 70 per cent higher in value than before the pandemic³.

In Hong Kong, cybercrime resulted in HK$2.96 billion (US$380 million) of financial loss in 2020 (the latest year for which figures are available), a 2 per cent jump compared with 2019⁴.

The increase in fraud is leading to more audacious cybercriminal activities that are smart and highly sophisticated, with cybercriminals now having greater access to the requisite technological tools.

Fraudsters’ knowledge of the mechanics of e-commerce enterprises enables them to easily identify and exploit gaps in security systems. These gaps are more likely to occur in small and medium-sized businesses (SMBs) that do not have the same fraud prevention resources as their larger counterparts.

The dual challenge

The challenge for SMBs is further exacerbated by what can appear to be conflicting customer demands. Online shoppers expect e-commerce sites to have watertight security, yet they want a fast and frictionless experience.

If the process takes too long or security leads to a cumbersome customer experience, they simply go elsewhere. Customers are increasingly using their smartphones to access digital platforms, but as they migrate to mobile channels so do fraudsters, with the mobile attack rate reaching 24 per cent in the first half of 2021⁵.

Businesses can protect themselves from cybercrime by building security features into their online systems to protect their company and their customers’ data. Photo: Shutterstock

Staying one step ahead of the cybercriminals

The growth of e-commerce has prioritised the need for businesses to protect themselves from cybercrime; understanding the vulnerabilities of a business and the resources to identify, respond or prevent attack is critical. Building security features into an online business may seem daunting, so what should you do to protect it from cybercrime?

Watch out for suspicious activity

Monitor the online site for any suspicious activity, such as excessive chargebacks or unusual buyer activity, including undeliverable emails and unusually large orders, all of which could indicate unwanted, third-party activity. The PayPal Commerce Platform’s fraud prevention technology, which uses machine learning to adapt to business needs, can help identify suspicious transactions.

Stop cybercrime at checkout

According to research by FIS Global⁶, nearly six out of 10 businesses have seen an increase in fraud due to card-not-present transactions. Despite the risk, many SMBs struggle to put effective payment security solutions in place that could stop cybercrime at checkout.

Encrypt data to keep payments safe

Unencrypted data makes life easy for cybercriminals, giving them access to customers’ credit card details, passwords and other information. With fraudsters on the lookout for easy pickings, it is important to protect data using technology that converts it into secret code. Companies can take this one step further by using technologies such as PayPal’s strong transport layer security configurations.

Update your software

Running outdated software makes it easy for cybercriminals to hack into systems. Providers are constantly updating their systems to stay ahead of the latest threats, viruses and malware. Keeping operating systems up-to-date is one of the simplest ways of protecting your business.

Know your blind spots

While cybercriminals may use the latest technology to commit fraud, they can also behave like old-school pickpockets, targeting businesses when they are most distracted - they often strike on high traffic days, for example during peak seasonal shopping events. The best protection is to be informed and prepared – know the vulnerable spots and be on guard.

PayPal’s latest e-book, Protect Your Business Against Fraud: How to stay ahead in the cybersecurity arms race, offers tips to help SMBs improve their online security. Click here to find out more.

¹Source: KPMG, “Retail’s Realignment – The road ahead for Omnichannel in the Greater Bay Area”. Statistics based on analysis of data from research firms and banks looking at channels, supply chains, customer experience, digitalisation and consumer trust.

²Source: Juniper Research, “Online Payment Fraud: Emerging Threats, Segment Analysis & Market Forecasts 2021 - 2025”. Analysis of trends and challenges of major fraud detection and prevention vendors looking at sectors including air ticketing, digital banking and digital goods purchases.

³Source: Sift, “Digital Trust & Safety Index: Holiday Fraud and the Shifting State of E-commerce”. Data based on analysis of multiple consumer surveys conducted in 2020, and Sift’s global customer base representing over 34,000 sites.

⁴Source: InfoSec, Hong Kong Government Information Security, data collected from Hong Kong Police Force for the corresponding year.

⁵Source: Arkose Labs, fraud prevention and account security, “2021 State of Fraud Report”, analysis of transactions across its global network including trends in new account and account takeover fraud, and targeted industries.

⁶Source: FIS Global, payment services provider, “Mitigating Payment Risk in 2021”, based on analysis of data on payment card fraud, risk management, authentication methods and chargebacks from merchants across 11 countries.

Select Voice

Choose your listening speed

Get through articles 2x faster

1.25x

250 WPM

Slow

Average

Fast

00:0000:00

1.25x