Criminals are always discovering new ways to target ecommerce firms. Fraudulent exploitation of promotional incentives has increased massively over the past few years, for example. Attackers are also using AI tools to carry out sophisticated social engineering attacks at scale, generate deepfakes that can get around verification systems and automate credential-stuffing attacks. Chargebacks and refund abuse are an ever-present threat too. There are also recent examples of device takeover (DTO) attacks, primarily using Linux, that target high-value ticketed events. Meanwhile, other fraudsters are using various proxy IP addresses and credit card BINS to scam retailers into sending items to reshipper addresses.

All of this fraud comes at great cost. Indeed, one new study from Juniper Research revealed that the value of ecommerce fraud will rise from $44.3bn in 2024 to $107bn in 2029 – an increase of 141%. Retailers are facing a barrage of fraud attempts on multiple fronts – from returns fraud and promo abuse through to chargeback fraud and account takeover,” says Philip Plambeck, managing director at Computop UK, an international payment service provider. “It’s a huge challenge, as they often lack the resources to log and report every fraudulent transaction. The sheer persistence of modern fraudsters only compounds the problem. “Criminals know that if they get away with it once, they will get away with it again,” says Plambeck.