Unmasking Fraud Patterns: How to Use Data to Combat Scam

In the world of e-commerce, where thousands of transactions are processed daily, Magento fraud protection becomes particularly important. Every unauthorized order and improper return not only causes financial damage but also undermines trust in the business. This is especially true for stores selling physical goods, where losses can be significant.

At Mirasvit, we encounter various types of deception—both personal and customer-related. In this article, we will share our experience combatting it, relying on our Magento fraud prevention extension—the Fraud Detector module.

Table of Contents

• Common Fraud Schemes in E-commerce
• Problems with Standard Return Policies
• How to Detect and Prevent Fraud
• Understand the specific fraud types in your business
• How to Handle High-Risk Orders
• Maintaining a Balance Between Security and Customer Experience
• Conclusion

Common Fraud Schemes in E-commerce

Fraudsters try to deceive store owners in many ways every day. Most often, we and our clients face the following.

Credit Card Fraud

This is one of the most common types. Scammers use stolen card data to make online purchases. For sellers, it is almost impossible to detect theft at the transaction stage: all customer data appears legitimate, and the payment goes through successfully.

However, later the cardholder discovers unauthorized charges and contacts the bank, which initiates a dispute and refunds the money to the client. As a result, the store not only loses the sale amount but also has to pay a commission for processing the dispute. This is where Magento chargeback protection becomes essential.

• Inevitable losses: Each dispute on PayPal costs the business $20-$30 regardless of the transaction amount.
• Limited influence: Stores have little impact on the dispute process, as payment systems and banks protect consumers.
• Difficulty in proof:It is hard to prove the legitimacy of a transaction, especially when selling digital goods without evidence.

Return Fraud

This type also remains one of the most common schemes. Customers, taking advantage of the store's lenient return policy, claim to return a product but do not send it back or return it in a damaged condition.

In our practice, we also encounter situations where a buyer purchases a digital product, downloads it, and then immediately requests a refund. We are obliged to refund the money according to our return policy, but we cannot verify whether the customer has deleted our software.

There are instances where, after a full refund, our system detects attempts to use the returned products. These cases do not occur frequently, but they clearly illustrate the overall issue.

Problems with Standard Return Policies

One way to combat fraudulent orders is to modify the return policy. However, there are nuances to consider.

Each company develops its return policy, typically including specific conditions: timeframes, the condition of the product, and the return procedure. For example, the product must be returned within 30 days of purchase, it must be unopened and unused. The customer is asked to fill out a form, specify the reason why the product was unsuitable, and receive a prepaid label for shipping.

Many large online retailers strive to provide a high level of service, so they simplify the return process. For instance, they include a prepaid return label in the package. This makes the process as convenient as possible for the client but simultaneously creates loopholes for fraudsters.

With a large volume of sales, verifying each product for compliance with the conditions becomes a complex and costly task. Manual processing requires additional resources, which increases the company's operational costs.

Malicious actors understand that the store is unlikely to meticulously check every package and exploit this to receive money without returning the product or sending the package inappropriately.

Yes, the return policy can be tightened. However, this would negatively affect loyal customers. If honest buyers encounter obstacles when attempting to return a product, it may reduce their satisfaction and trust in the brand.

Thus, companies are faced with a dilemma: on the one hand, they want to ensure a simple and convenient return process to enhance buyer loyalty. On the other hand, they need to protect their business from fraud and the associated losses.

Therefore, identifying recurring patterns is the most effective way to combat dishonest customers. Let's discuss this further.

How to Detect and Prevent Fraud

What is the most serious challenge in fighting deception? The inability to determine with absolute certainty whether a transaction is fraudulent.

If there were a way to determine this precisely, the problem would be solved. However, in practice, we can only identify potentially fraudulent transactions—those that carry a high risk.

Scammers often use similar methods while trying to disguise their actions as legitimate transactions. They may use real data, forge documents, or find loopholes in the system.

Under such conditions, the only way is to identify their similar behavioral patterns. This is exactly where our Fraud Detector extension—an advanced fraud prevention solution—can help.

When it comes to systematic deception, fraudsters are usually limited in their resources: they have certain physical addresses to arrange delivery, postbox numbers, etc. It is important here to find a common pattern that links these orders.

For example, if orders are placed from the same IP address, from the same geolocation, or are delivered to the same region, this may be a sign of deceit.

These common traits allow for the identification of similar orders.

The Fraud Detector operates as follows:

• Data Collection and Analysis: The module processes historical data and generates statistical indicators for your store.
• Risk Indicator Activation: The corresponding indicators are triggered if a new order deviates from the average values in one or more parameters.
• Order Scoring: Each order is assigned a risk score. A single triggered indicator may be insignificant, but if there are multiple, the score increases.
• Additional Verification: Orders with a high-risk score undergo manual verification. This may include contacting the customer, verifying the address, payment information, etc.

When the module's system indicates a high risk for an order—for example, 58 out of 100 points—it signals the need for a more in-depth check. In such cases, you can contact the customer by phone to clarify details and ensure the accuracy of the information.

If you are a new store, you may not have a sufficient database for analysis. But if you have been operating for a year, two, or three, you have accumulated an order history. This allows you to identify the average check, the average number of items per order, the average time between orders, and other indicators.

When a new order falls outside these average values, it becomes suspicious—a single risk factor is triggered, one scoring point. If two to three such factors accumulate, it is a clear indicator that something is wrong with the order.

Understand the specific fraud types in your business

It is important to understand what types of fraud occur specifically in your company. Usually, stores deal with a particular problem.

For example, if you frequently experience dishonest returns, you can analyze the history of such orders and look at the characteristics the module has already highlighted.

Suppose the Fraud Detector noted that a certain address was used five times in the last month. This characteristic alone does not necessarily indicate deception, but it may be significant in the context of your situation.

Thus, even if a customer places another order with a new address, the system will identify it on the second or third time—the module will again show suspicious signs.

We had cases where clients encountered certain combinations of products in one order that often coincided with dishonest attempts. Perhaps these products were particularly attractive to fraudsters, or their resale was highly profitable.

We responded promptly to this situation by adding the ability to configure rules in the module to identify such specific product combinations. Now, when these combinations are present in an order, the system automatically assigns it an increased risk score. As a result, the client reduced the level of fraud associated with these products significantly.

It is important for the administrator to pay attention to these signals. For some of our users, for example, orders from other states are considered high-risk because they usually sell products in their region.

The Fraud Detector highlights this so that employees can give them additional attention and not overlook a potential problem.

To effectively combat scams, it is necessary to understand which types you encounter most frequently. For example:

• Dishonest Returns: If you notice that certain customers frequently return products without valid reasons.
• Payment Fraud: Repeated payment issues from the same buyers or regions.
• Suspicious Product Combinations: Certain products or their combinations are more often associated with deceptive orders.

By analyzing the order history and the characteristics identified by the module, you can better understand where the weak points are and take measures to eliminate them.

Utilizing an online fraud prevention tool can further enhance your strategy.

How to Handle High-Risk Orders

It is important to understand that a high-risk order is not necessarily fraudulent. It means that certain indicators have been triggered.

This is similar to how banks assess borrowers: even without a credit history, you fill out an application, your data is entered into the system, processed through algorithms, and the bank decides whether to grant a loan or not.

Similarly, stores process an order through the module's algorithms, and the system shows its risk level. The administrator decides whether to block the order or continue processing it.

For example, you have a business partner who always purchases goods in large amounts. Of course, the module will flag this as a suspicious order. But you can choose to overlook it or call the client back.

In the settings, you can specify which deviations are most significant for you. There are many parameters; the main thing is to configure them according to the specifics of your business: make some parameters highly important, and others ignore them if they are not significant.

Based on this, the module calculates the total risk score for each order.

If the score exceeds a certain value, the order is considered high-risk; in the average range, normal; and in the lower range, most likely a regular order.

Therefore, the general recommendations for working with Fraud Detector are:

• Identify Critical Parameters: Decide which indicators are most significant for you—for example, order geography, amount, and product combinations.
• Ignore Insignificant Deviations: If some parameters are insignificant for your business, you can configure them so they do not affect the overall risk score.
• Regularly Update Settings: Fraudsters change their tactics, so it is important to review criteria and adapt to new threats regularly.

Maintaining a Balance Between Security and Customer Experience

It is important to remember that our goal is to protect the business from fraud and maintain a high level of service for honest clients. Too strict measures can deter loyal buyers.

How do stores achieve this balance?

Flexible Settings

They can configure the module according to the specifics of their business, determining which risk factors are most significant. This helps avoid false positives and does not complicate the purchasing process for most customers. This approach allows focusing on real threats without creating unnecessary obstacles for loyal buyers.

Additional Verification Instead of Blocking

Instead of automatically blocking orders, additional verification can be conducted for transactions with a high-risk level. This provides an opportunity to clarify details and ensure the customer's legitimacy.

For example, staff can contact the client by phone or email to confirm the information.

Continuous Updates

Stores regularly analyze new types of fraud and adjust the module's settings accordingly. Feedback from customers and employees helps improve the tool and adapt to changing market conditions.

Suppose one of our clients noticed that certain addresses consistently appear in problematic orders. To address this issue, we implemented a feature that allows blocking specific addresses or even ranges of addresses before purchase.

Now, the system automatically prevents orders from being placed to these addresses, and the buyer has reduced the number of repeated dishonest attempts, protecting their business from further losses.

We strive to regularly enhance the Fraud Detector and implement features that will be useful to all users in e-commerce.

Conclusion

Combating fraud in e-commerce is an ongoing process that requires attention and adaptation. By using tools like the Fraud Detector module, you can significantly reduce risks and protect your business from losses.

It is important to understand that eliminating cheating is impossible. However, stores can minimize its impact while maintaining a high level of service for our honest customers.

The task is to create a system that not only identifies potential threats but also allows for prompt responses without disrupting the positive shopping experience for trustworthy clients.

We continue improving our module by implementing new features and remaining open to collaboration.

Staying one step ahead of fraudsters is a challenging but achievable goal. The key is to combine technological innovations with a flexible approach and a willingness to learn and adapt continuously.