How to Avoid Frauds & Scams Targeting Ecommerce Businesses
You have worked hard to build up your online business, so the last thing you want to see is thieves and scammers cutting into your hard-won gains. Competition in the world of online business is tough enough without that kind of annoyance to distract you.
Unfortunately people have discovered many illicit ways to separate you from your money, and there’s a huge number of people out there running these scams. Many of the attributes that make ecommerce attractive to merchants also make it attractive to scammers.
Sometimes merchants lose money through inattention, sometimes due to technical issues where the fault is unintentional but still has consequences, and sometimes due to foolishness. The good news is that there are things you can do to cut down the risks.
In this article, we’ll take a look at a few of the more common scams, how they work, and some possible remedies or safeguards.
Case 1 – The Old Switcharoo
How it works: The customer buys something from your EBay store, but requests that you send them an invoice directly from PayPal, citing some weird reason like a problem in the past with EBay. If you fall for this, you lose your EBay seller protection and that’s just the start of your troubles. What happens next is that you receive an email that looks like it’s from PayPal. It tells you the buyer has made the payment but PayPal is holding the funds until you provide a parcel tracking number to the buyer. At this point many sellers send the item out so they can get the tracking number to send to the customer and then collect the money PayPal has on hold. Except that PayPal doesn’t have any money on hold and has no idea what you are talking about.
How the scammer benefits: They get free goods.
How it can hurt you: You lose at least the value of the transaction.
What you can do: Don’t send packages until you receive payment in full. If any kind of escrow is involved, this is organized before the transaction takes place, not during the transaction. PayPal doesn’t like surprises any more than you do. Also you should do as much of the transaction through EBay’s internal transaction system as you can, so that you don’t lose your seller protection.
Case 2 – The Altered Purchase Order
How it works: The buyer saves a copy of your checkout form to their hard drive and modifies the link for the submit button so that it will send the data to their own PHP program which catches all the data your form sends. Next they simply make adjustments to the data and send the modified data to your payment gateway. The customer is invoiced by the payment service for the wrong amount, they pay it, and wait for you to send the goods.
How the scammer benefits: They could potentially get some goods at substantially lower cost and at almost no risk to themselves. If the scam doesn’t work, they can still get a refund.
How it can hurt you: If you don’t notice the “discount”, you’ll be losing money. If you do notice it and take any other action than providing an immediate refund, the scammer can report you to the payment service for fraudulent conduct. The payment service normally takes the buyer’s side in these disputes and may freeze your account while they conduct a lengthy investigation.
What you can do: Always check the order and make sure the price shown is correct. Scammers may try to avoid detection by ordering a long list of inexpensive items at the correct price, and burying the expensive discounted item somewhere deep in the third page of the order. It’s a gamble that you won’t notice the discrepancy. If you detect the scam, send a polite email stating that due to an apparent system error, you are refunding their money and that if they wish to complete the purchase, they will need to make the transaction again. If you do anything else, like reporting them, they can turn it around on you.
Case 3 – The Fake Return
How it works: You have tremendous faith in your products, so you offer a 30 day money back guarantee. A customer make a repeat purchase and then claims that the item was delivered in faulty condition and demands a refund. When they return the goods to you, they send the item they purchased originally, not the one you recently sent to them.
How the scammer benefits: They get a free replacement for a worn out or damaged item that they haven’t taken good care of.
How it can hurt you: You lose the value of the item, and perhaps it could harm your reputation as a seller if you use a service such as EBay to sell your goods (assuming they make the request for a refund official, rather than contacting you privately). Because the item is damaged, you probably can’t even make use of it yourself.
What you can do: This is not an easy scam to combat because it’s hard to prove what they have done. For a start, you shouldn’t issue the refund until the item has been returned, unless there is a policy in place through some service you use which forces you to make the refund before receiving the return. If your product is large enough that you can add a serial number to it, you probably should add a serial number to it. Even if you know for a fact that the customer returned the wrong product, there is not much you can do unless you can prove it to a certainty. Then the customer will say they made a mistake because the products look identical, they will break the second item on purpose and send that back to you for the refund and to avoid prosecution.
Case 4 – The Phony Audit
How it works: This scam can take many forms and can affect any kind of business, but online businesses are more susceptible to it because there are always stories in the media about tax authorities cracking down on ecommerce sites. Thus if you run such a site, you are more likely to believe that you’ve been singled out for an audit. The scammers can be very convincing. They may have spent months building up a dossier on you before making their move, so they’ll appear to know so much already, you won’t feel suspicious about handing over more information.
How the scammer benefits: They get detailed financial information about you, your customers, and your suppliers.
How it can hurt you: You can lose ALL your money. Every last penny. Gone. You could also be liable for loans borrowed in your name (you have to prove you didn’t borrow the money, which can be difficult), and if you’re a public company, your business will probably fold and you could face prosecution.
What you can do: Always verify the identity of a caller, government official or police officer who comes seeking information, threatening you, or accusing you. It may seem rude, but if they are legitimate, they won’t raise any objection to you checking out their credentials. If they have come to see you in person, don’t call the number on their business card, call the publicly listed number of the organization they claim to represent, and take it from there. If they are calling you on the phone, you have the right to ask them for their full name, who they work for, and their contact details. Say that you will call them back, and run a check on the phone number they have given. See if it is really linked to the IRS or the FBI or whoever they claimed to have been calling from. If it is, you can either call them back or start packing for that sudden urgent business trip to Rio.
Case 5 – The Intentional Overpayment
How it works: The customer makes a legitimate purchase from you but intentionally overpays the amount due by a large sum. They then call you and claim they made a mistake calculating the exchange rate and will ask if you can refund the difference. Up to this point, everything seems fine, except they will claim some kind of urgent need like a family emergency, and will request you to wire or transfer the money instantly instead of using the internal refund system of your payment service.
How the scammer benefits: They get your money.
How it can hurt you: You lose money.
What you can do: If you think catching this scammer is going to be easy, think again. That account they made the purchase from wasn’t theirs, and you wired the money to somebody other than the account holder. Your choice is either to not fall for their heart-wrenching tale of woe and insist on using the internal refund system, or insist on full photo ID validation, including a time-stamped selfie of the customer holding their identification.
header image courtesy of Justas Galaburda