The holiday season is in full swing as consumers rush to buy gifts for loved ones before Christmas Day. With Boxing Day (or Boxing Week) to follow on December 26, retailers and independent online sellers are busy wooing customers to their websites to sell their products before people exhaust their budgets and start making New Year’s resolutions.

In this frenzied shopping season, it’s easy for retailers and online sellers to forget that e-commerce businesses risk falling prey to online scams and cybercrime. But cybersecurity should always be top of mind for retail businesses and side hustlers selling goods online. 

A recent survey of Canadians by credit reporting agency TransUnion of Canada finds a 40% increase in digital fraud attempts in this country during the first half of 2023. Furthermore, the Canadian Federation of Independent Business (CFIB) reported that 45% of small businesses experienced a random cyber-attack in 2022, and 27% experienced a targeted attack. Many attacks came through email scams, phishing attempts, and malicious software.

Online shopping scams

Download Our FREE Insurance Whitepaper

Learn everything you need to protect your small business.

Your email address will be used by Zensurance to provide latest news, offers and tips. You can unsubscribe at any time.

Zensurance - Small Business Insurance Guide

Every retailer selling online or online sellers using third-party marketplaces like Amazon, Etsy, Shopify, Wayfair, and Depop should ensure they have cyber liability insurance as part of their overall business insurance policies.

Insurance is vital, but it alone won’t shield you from online fraud. It’s necessary to be aware of various online scams that could affect your business. Here are seven scams to be wary of and how to avoid them:

1. Fraudulent Delivery Claims

You may have had someone claim they didn’t receive the product you shipped to them. Unfortunately, if you didn’t use package tracking, you’ll have to take their word for it because things can get lost in the mail. You can avoid this by offering real-time package tracking, improving the user experience because they can better understand when something will arrive.

Buyers can also claim the item was damaged or they received the wrong item. You can ask them to send pictures as proof. You should also ensure that product descriptions are clear and correct and that photos on your site are up to date.

If you notice a buyer making these claims regularly, stop selling goods to them.

2. Refund Abuse

Sometimes, consumers get buyer’s remorse. Other times, people buy an item for one use and send it back. For example, sometimes, a person needs a great outfit for an important event or wants to show off to their followers on Instagram. Either way, people can take advantage of your return policy.

You can reduce the abuse by shortening the return-refund window, not offering free shipping for returned items, charging a restocking fee (it can be higher for expensive products), and asking that the receipt be included for the return to be processed.

3. Promotion Fraud

Using referral and promotion codes or free trials is a good way to attract new customers. Unfortunately, some folks will take advantage of those offers by finding codes on social media or online coupon sites. They may use different email addresses to cancel free trials before they end or use promo codes repeatedly. Some consumers may also use a referral code they already used while pretending to be a new customer.

Prevent these scenarios from occurring by using expiration dates for promo codes. Also, limit the number of referrals a customer can get a credit for, such as five to 10 per year. And you can screen for free trial users to see if they’re coming from the same IP address or device.

4. Account Takeover Attacks

A cybercriminal can gain unauthorized access to a retailer’s accounts to make fraudulent transactions or exploit customer data. It might not be your company’s site that gets hacked but another site. And because some people use the same username and password for multiple sites, a cybercriminal can try using that information on different sites and begin shopping with linked payment methods.

You can take some steps to prevent this from happening by doing the following:

  • Check user behaviour: If a customer usually purchases no more than $100 worth of goods every month and then starts placing $500 orders every other week, that can be a sign something is wrong. Another sign might be they purchase different items that they haven’t typically bought in the past. A customer who uses a different IP address, device, or new contact information could also be a sign of fraud. However, in all cases, it can also be a legitimate customer. You can block future purchases to be on the safe side.
  • Use two-factor authentication (2FA): Accounts without 2FA are vulnerable to abuse by fraudsters. Automatically sending a one-time passcode via text message or voice after someone attempts to log in provides an additional layer of security. There are other forms of 2FA, such as app-based solutions or push notification-based authentication.
  • Use tokenization: If you’re worried about your site being hacked, you can protect customer data by using tokenization. It will replace sensitive information (such as their credit card number and expiry date, birthday, home address, and phone number) with alphanumeric characters. You can’t store, capture, or transmit this information with tokenization.

5. Social Media Scams

If you’re selling through Facebook Marketplace or Instagram, you should know how potential fraudsters will try to take advantage of you. Here are some tips to thwart them:

  • Review their profile: A profile set up 10 or 15 years ago will be more likely to be legitimate than a relatively new one.
  • Be wary of those trying to move the conversation to text: Moving to text may signify they’re trying to be less accountable. Also, anyone can get a temporary local number through various apps.
  • Verify you were paid: A buyer may claim they’ve sent you the money or overpaid you by accident. Confirm it’s true when logging into your bank account. Don’t trust any screenshots they send.
  • Meet in public: If you’re meeting a buyer, try to meet in a public place like a coffee shop. You can be even more cautious by meeting in a police station parking lot.

6. Dropshipping Scams

Some fraudulent dropshipping schemes involve poor-quality products, delayed shipments, or non-delivery of items to customers.

Avoid this scam by vetting potential dropshipping partners, checking product quality, and maintaining transparent communication with customers regarding shipping times.

7. Card Skimming

In traditional brick-and-mortar stores with point-of-sale (POS) systems, criminals can install devices on payment terminals to capture credit card information from unsuspecting customers.

To deter this from happening in your shop, keep your POS system out of reach from visitors to your store, regularly inspect the terminal, use secure payment gateways, and educate customers to cover their PINs when entering them.

Protecting Your Business and Customers From Fraudsters and Scammers

There are people out there who will take advantage and try to defraud your business and your customers. 

However, taking the necessary precautions and improving cybersecurity can help thwart fraud and online scams. Also, ensure you have cyber liability insurance to protect your business or side hustle from expensive losses.

Recent Posts

  • Online shopping scams

How to Avoid Scams When Selling Online

By |December 18th, 2023|

Every retailer selling online or online sellers using third-party marketplaces risks falling prey to fraud and cybercrime. During the busiest shopping season of the year, here are common scams to be wary of and the steps to take to protect your business.

  • Cyber insurance for small businesses.

What Is Cyber Insurance?

By |October 24th, 2023|

A majority of Canadians (88%) say they've experienced an increase in attempts to defraud them, and 63% of business owners admit their cybersecurity budget is less than 10% of their IT budgets. Small business owners should take action as more sophisticated threats emerge. Here’s how cyber liability insurance can help.

Share This Story:

About the Author: Brandon Bowie

Brandon Bowie is a Team Lead, Professional Lines at Zensurance.