The Clearsale Blog

How Safe is Your Social Commerce Channel From ATO Fraud?

How Safe is Your Social Commerce Channel From ATO Fraud?

Social media shopping is booming in popularity, as platforms roll out new and creative ways for users to buy directly from posts and merchants use social marketing to attract new customers. From established tools like Instagram Shopping to Snapchat’s new augmented-reality tools for trying on shoes, shades and cosmetics, there’s a lot of creativity and opportunity in the social commerce space. In the U.S., social commerce was worth $26.9 billion last year, and globally it’s projected to grow to more than $604 billion by 2027. Those are appealing figures for retailers who want to grow their ecommerce revenue, as in-store traffic remains low in many places.

Unfortunately, there’s also a lot of opportunity for fraudsters to exploit social commerce through account takeover (ATO) fraud. Merchants who want to grow their social sales channels, protect their revenue and maintain a good customers experience must understand how social ATO fraud happens, how it can impact them and how they can prevent it.

Rise of social shopping

Why is social shopping so popular now? It blends two things most of us have been doing more often over the past year — spending more time on social media and buying things online. Among consumers who use social media, 40% say they’ve bought something through Facebook, while more than 10% also report buying from Instagram and Pinterest.

CMOs report a 24% increase in social media’s contribution to company performance since February of last year as well as a “historic return on their social media investments.” With a low barrier to entry for many shopping features, vast user bases and huge amounts of data on user interests and behavior, it’s easy to see why so many retailers are enthusiastic about social selling.

Where good customers go, fraudsters follow

Of course, when a new sales channel emerges—and especially if it becomes popular with consumers– fraudsters move in as well. And just as social commerce combines social media activity and online shopping, social commerce fraud exploits two potential areas of weakness – social login credentials and comprehensive order screening.

Part of the problem is human nature. Most people are not rigorous about choosing secure passwords. Consider that in 2020 more than 2.5 million people reported using the password “123456” for at least one account. Weak passwords are easy for malicious hackers to guess and easy for password-cracking bots to reveal in a fraction of a second. In practical terms, there’s virtually nothing keeping attackers out of these accounts.

Worse, 53% of people admit reusing the same password for multiple accounts like social media and email. That means that when someone’s login credentials for one account are exposed in a data breach, savvy fraudsters using automated tools can quickly attempt to credential-stuff that information into other platforms to see where else they can break in and take over.

The consequences are easy to see. A 2019 study found that 53% of social media logins are fraudulent, while 22% of internet users report that their online accounts have been hacked at least once and 14% reported they were hacked more than once

There’s another social media fraud risk on the user side: Fully ¼ of all new social media accounts are fake, created with synthetic, false or stolen data. Social media account takeovers put consumers’ personal and payment data at risk, and fake accounts create synthetic fraud risks for merchants.

When customers appear to be authentic, it can make it harder for merchants to detect fraud attempts at checkout. That means that if a fraudster gets past a social accountholder’s login, they may be able to commit fraud with impunity, at least until the accountholder notices and reports the charges.

The impact of social ATO fraud on merchants

Obviously, when criminals get access to victim’s social media accounts, they can use any payment methods on file to make purchases. Fraudsters can also add stolen payment data from the dark web to fake social accounts they create on their own. In both of these cases, merchants who don’t catch these fraudsters before the orders are approved can find themselves liable for costly chargeback fees, in addition to the cost of lost goods.

Overall losses from ATO grew by 15% from 2018 to 2019, according to Javelin’s 2020 Identity Fraud Report, with other reports indicating a dramatic jump in ATO fraud since the beginning of the pandemic. As social commerce’s popularity grows and more merchants sell through social platforms, it’s likely that fraudsters will continue to target the channel.

How can merchants protect themselves against social media fraud?

It’s important for merchants to keep in mind how common social account takeovers are and to avoid relying on a successful log in to authenticate the customer’s identity. Other real-time and historical customer information should factor into order decisioning on social platforms. For example, comparing the customer’s current location, device, behavioral biometric data and purchasing history can all aid in detecting ATO fraud. If a customer who always logs in from their laptop in Iowa and purchases clothing is suddenly logged in from Florida on a phone and buying electronics, the order should be flagged for manual review. That review can determine whether the order is from the Iowa customer, who is buying gadgets while traveling for work, or from an ATO scammer trying to buy items for resale.

Social commerce promises to help merchants grow their customer base, earn more repeat business and generate more revenue. In order to succeed in this channel, merchants need to make sure they understand the risks, know how to properly validate their customers and review flagged orders to ensure that they don’t turn away good orders, while stopping ATO-related fraud.

Original article at: https://www.paymentsjournal.com/how-safe-is-your-social-commerce-channel-from-ato-fraud/

You may also like

Ecommerce Design Elements That Drive Conversions

Ecommerce Design Elements That Drive Conversions

According to a study, 92% of consumers visiting a retailer’s website for the first time aren’t there to buy. About 75% of your visitors will judge your brand credibility based on the design of..

ClearSale Recognized with 2021 Comparably Award for Best Company Outlook

ClearSale Recognized with 2021 Comparably Award for Best Company Outlook

Fraud protection leader ranked among businesses for high employee confidence and successful outlook

Mobile Application and Microtransaction Fraud: What It Is, How to Prevent It

Mobile Application and Microtransaction Fraud: What It Is, How to Prevent It

The exponential growth in digital commerce has made it easier and more convenient than ever for consumers to engage with brands.

One way they’re doing this is through mobile applications. While..

Critical Pandemic Lessons in Mobile Payment Fraud Prevention

Critical Pandemic Lessons in Mobile Payment Fraud Prevention

As the world pivoted to online shopping, work, and learning last year, the timeline for mobile usage growth jumped ahead by two to three years in the first half of 2020. Many retailers rolled out..

QR Code Payments Are Convenient, Great for Distancing, and Targets for Fraud

QR Code Payments Are Convenient, Great for Distancing, and Targets for Fraud

QR code payments have finally caught on in the U.S. after lagging behind adoption in China and other Asian markets. Why the change? The need for contactless payments brought on by the pandemic..

ClearSale Nominated for “Best Business Process Outsourcing” in the NORA Awards

ClearSale Nominated for “Best Business Process Outsourcing” in the NORA Awards

Retail association recognizes ClearSale’s valuable fraud protection services for businesses worldwide.

Advance Strategies to Eliminate Ecommerce Chargebacks

Advance Strategies to Eliminate Ecommerce Chargebacks

What can we expect e-commerce to look like throughout 2021? There's still a lot of uncertainty in the economy, but some strong trends emerged last year that merchants can build upon now as..

Not-For-Profits and Charities Are High-Risk Targets for Costly BIN-Bashing Fraud. Here’s What to Do About It

Not-For-Profits and Charities Are High-Risk Targets for Costly BIN-Bashing Fraud. Here’s What to Do About It

By Ralph Kooi, Australia Country Manager, ClearSale and Matt Humphries, Head of Sales and Marketing, Bambora

As UK Stores Target a Global Audience, Here’s What You Need to Know About Security

As UK Stores Target a Global Audience, Here’s What You Need to Know About Security

The sharp rise of eCommerce has eliminated shopping borders and it's not unusual for hackers to target stores not in their local country to avoid outing themselves.

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog