The Clearsale Blog

How Social Media Hacks Compromise Your Fraud Protection Efforts

How Social Media Hacks Compromise Your Fraud Protection Efforts

In January 2021, a cybercrime intelligence CTO discovered a database of leaked Facebook data that had been hacked two years prior. The database contains more than 533 million verified Facebook records from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India.

The hacked data includes users’ phone numbers associated with IDs and full names, locations, birthdays, bios, and some email addresses. For cybercriminals, this is a treasure trove of information they can use to impersonate or scam the users in the database. And because it’s been posted on a low-level hacking forum that is both unlimited and ungated, anyone with basic technical skills will be able to access the data.

 

What Does the Facebook Data Breach Mean For Your Ecommerce Business?

The bad news? It’s very possible one of your existing or potential customers’ data has been compromised. But, short of looking each of them up in recently published utilities, you won’t know for sure. And while a recent ClearSale Consumer Behavior study reported that some consumers can be forgiving about fraud, your business could still be at risk.

In the study, all respondents indicated that transaction security was an important factor for their purchasing decisions, placing a high value on a merchant having fraud protection practices in place.

Data security perception

What’s interesting, though, is the same consumers didn’t seem to appreciate the value of data privacy – a key factor in preventing data breaches – as much as fraud protection. This may indicate a disconnect in understanding the link between their compromised data and online fraud.

Why ANY Data Breach Spells Danger for Ecommerce

Data breaches like this one, where payment data isn’t compromised, naturally have less of an impact on ecommerce than a bank data breach.

That doesn’t mean you’re in the clear, though: Customers often use the same login credentials (or at least the same passwords) across accounts, whether it’s social media, bank accounts, or ecommerce accounts.

Customers often use the same login credentials (or at least the same passwords) across accounts, whether it’s social media, bank accounts, or ecommerce accounts.

Fraudsters program bots to use those credentials for account takeovers (ATOs), one of the most common types of ecommerce fraud. They can impersonate legitimate account-holders using those bots to replicate legitimate user behavior, change passwords, and redirect all communications away from legitimate users.

From there, the sky’s the limit. When banks and credit card companies call or text “account holders” to notify them of these changes, everything checks out. And in the meantime, fraudsters are ordering as much merchandise as they can, and may even sell the account data to other fraudsters so they can get in on the action.

So, how do you keep your customer data safe?

 

How to Protect Your Ecommerce Site from Hackers

The tricky thing is that hacks can take different forms. You might have your customer database locked down tighter than Fort Knox…but then a hacker gains access to your main page and launches a redirection attack, causing visitors and customers to click on legitimate-looking (but malicious) login links—resulting in your customers unwittingly giving their login credentials to cybercriminals. Hackers may also create and approve ads using your Ads Manager to promote malicious content, costing you thousands before you can take action.

If this all feels like a giant game of Whack-a-Mole, you’re not alone. Plus, a successful hack can cost you time, money, and the trust of your customers.

To protect your online business, you’ll need to put some measures in place.

Create A Data Breach Incident Response Plan 

First and foremost, create a clear plan with instructions to follow in the event of a security incident. This will protect all stakeholders – customers, employees, investors, etc.

Ideally, plan for a few different levels of severity, including the worst case scenario. If that worst case never happens, great. But if it does, you’ll be very relieved to not have to come up with a plan on the fly.

Keep in mind that your plan will need to include reporting any hacks to the Federal government if a recently proposed executive order is signed, which requires reporting by all companies, especially those in the public sector. The increase in data breaches and online fraud has been noticed and is being addressed at the highest levels.

Stay Aware of Other Data Breach Incidents

A breach on another ecommerce site can affect yours since people use the same e-mail and password for multiple accounts. When you hear about a breach, be on the alert for a spike in orders and consider ramping up your manual screening.

Don’t Forget About Your Business Social Medial Page

Make sure to protect your social media business page from hacking by following these steps:

  • Use Virus Protection - Make sure every page administrator has virus protection installed on your computers and keeps the software up-to-date.
  • Protect Access to Your Account - You’ve heard the warnings about password selection and making it unique. This is exactly the reason why. Take advantage of two-factor authentication wherever possible as well. Much like a good lock on your door, it may not keep the most determined criminals out, but it will at least act as another layer of deterrence.
  • Pay Attention to Unusual Activity and Alerts - You may receive notifications about phishing attempts and security recommendations. Don’t ignore them – they offer valuable information to help you guard your page from hackers. On the same note, report any suspicious activity and flag users that behave unusually.

 

Overwhelmed? Consider Working With a Solutions Partner

With the technological advancements and criminal ingenuity we see today, data breaches will continue to happen and create more opportunity for online fraud.

The good news is you don’t have to fight this battle alone.

Your best bet to protect your ecommerce store is to work with a partner that not only has the experience to detect fraud and identify fraudulent patterns, but who also stays on top of global intelligence about fraudsters and hackers.

ClearSale’s solutions are used by online merchants around the world, giving us a unique view of the industry and a massive database of transactions that can be used to detect fraudulent patterns long before any single merchant could identify them happening to their online store. For assistance in protecting your ecommerce business, reach out to us for more information.

New call-to-action

You may also like

Ecommerce Platform 101: How to Select a Suitable Solution

Ecommerce Platform 101: How to Select a Suitable Solution

The ecommerce market is highly competitive and it can be daunting to start your ecommerce business. However, being aware of a few fundamentals can help you set the foundations for a successful..

How retail companies are reducing friction in online and offline transactions

How retail companies are reducing friction in online and offline transactions

For some time now, consumers have been moving toward demanding more frictionless payment methods across online and offline channels. 

How are online and offline transactions becoming more frictionless?

How are online and offline transactions becoming more frictionless?

For some time now, consumers have been moving toward demanding more frictionless payment methods across online and offline channels. The social distancing and sanitizing practices brought on by..

eCommerce Marketing Podcast – eCommerce Trends with David Fletcher

eCommerce Marketing Podcast – eCommerce Trends with David Fletcher

Welcome to the e-commerce marketing podcast, everyone. I am your host, Arlon Robinson. And today we have a very special guest, David Fletcher, who is the Senior Vice President at ClearSale, which..

How E-Commerce, M-Commerce and S-Commerce Are Setting New Customer Experience Standards

How E-Commerce, M-Commerce and S-Commerce Are Setting New Customer Experience Standards

After 2020’s big shift to e-commerce and a year’s worth of rising expectations for customer experience (CX), what’s the state of CX in digital commerce now? It’s a question worth asking because 87..

ClearSale Marks Commitment to Growing Online Jewelry Industry with Events and Guide

ClearSale Marks Commitment to Growing Online Jewelry Industry with Events and Guide

Fraud protection leader provides resources to support the rapidly expanding global ecommerce jewelry market.

The Difference Between CX and DX and Why They Matter in Ecommerce

The Difference Between CX and DX and Why They Matter in Ecommerce

This post was written by David Fletcher, a senior vice-president at ClearSale.

We talk a lot about CX (customer experience) and DX (digital transformation) in ecommerce, especially since the ..

What Effective eCommerce Fraud Screening Looks Like Now

What Effective eCommerce Fraud Screening Looks Like Now

We’re starting 2021 in a very different place from where we started 2020 in terms of ecommerce growth and fraud prevention. The fast shift to ecommerce and away from brick-and-mortar shopping in..

The customer experience: How the pandemic changed ecommerce

The customer experience: How the pandemic changed ecommerce

The pandemic changed how customers viewed shopping and spending. But as the world moves into post-pandemic, retailers are concerned with creating a positive customer experience. Rafael Lourenco,..

Want to write
for our blog?

Please review our writers' guidelines
https://www2.clear.sale/press/clearsale-guest-blog-guidelines
and then email guestwriter@clear.sale with your pitch!

Subscribe to our blog