Ecommerce Fraud Prevention

Online retail transactions continue to set new year-over-year records. From ordering online and same-day pick-up to on-demand streaming, the global pandemic has accelerated ecommerce to triple digit percentage growth, which is years in advance of previous predictions for both tangible and digital goods and services.

At the same time, this new reality and accelerated growth has also created one of the fastest-growing opportunities for bad actors and cybercriminals to perpetuate fraud. This has led to retailers and consumers worldwide experiencing annual losses in the tens of billions of dollars each year.

As consumer account takeover (ATO) methods grow increasingly sophisticated, it’s more important than ever to incorporate anti-fraud tools into your transaction processes. Every dollar lost by a retailer to fraud is truly equal to $3.36 after total losses are calculated, which is something very few retailers can afford.

By layering in fraud prevention methodologies powered by breach data, you increase the ability to easily pivot your cybersecurity strategies to protect against attacks that impact profitability and consumer confidence in your brand.

Learn more about Consumer ATO Prevention


ATO rates for physical ecommerce businesses (those that sell physical goods online) jumped 378 percent since the start of the COVID-19 pandemic.1


Based on a survey of 1,000 U.S. adult consumers, 28 percent of respondents would completely stop using a site or service if their accounts on that site were hacked.2


Of consumers who confirmed being victims of ATO attacks, 61% said their e-commerce (both physical and digital goods and services) accounts were hacked.3

The SpyCloud Difference

SpyCloud proactively helps retailers identify new and emerging fraud activity while reducing friction and false positives. Its flexibility of implementation provides the greatest impact for improving the security for your most precious assets – your customer relationship and your profitability.

We understand that:

  • A lack of effective cybersecurity measures can put your merchant account in jeopardy of being shut down or charged at a higher interest rate.
  • Unaddressed security flags from credit card processors can lead to a retailer losing ground in profitability.
  • Any additional cybersecurity responsibility forced on the customer can lead to diminished brand loyalty and loss of sales.
SpyCloud human intelligence researchers have recovered billions of data breach assets, including stolen passwords and emails that can put enterprises at risk of account takeover


How a Top 10 Travel Booking Site Thwarts Online Fraud with SpyCloud

Read the Case Study

Account Takeover Prevention & Beyond

The surge in account takeover attacks means that merchants can’t leave the burden of account security to their customers alone. At SpyCloud, we believe companies should treat account protection as part of the overall customer experience, which allows for seamless transactions and customer satisfaction while also preventing fraud. Preventing ATO is at the core of SpyCloud’s solution, but it’s the deeper dive we take into the underground that gives your organization the leg up in its fraud prevention strategy.

SpyCloud helps ecommerce retailers:

  • Prevent ATO

    On underground marketplaces, many criminals advertise sales on illegal wares such as stolen credentials. SpyCloud helps you monitor exposed Personally Identifiable Information (PII), such as email addresses, passwords, phone numbers, name, address and even more sensitive information.
  • Stop Fraud from Fabricated Digital Identities

    Criminals get creative by taking bits and pieces of consumer identities, completely fabricated synthetic user profiles, opening the door to fraudulent activity. SpyCloud spots the abnormalities and user information disparities.
  • Identify “Warmed” Accounts

    Criminals setting the groundwork to create synthetic identities generate new emails and password combinations. They are loaded en masse to open accounts and aged (that is, “warmed”) to seem more reliable, often bypassing anti-fraud tools. Over time these warmed accounts are sold on underground marketplaces. SpyCloud can flag transaction risk that is related to these accounts in real-time.
  • Reduce Consumer Friction

    Retail transactions need to be as seamless as possible. The potential of adding barriers to the transaction driving customers to abandon the process and losing business is one of the greatest concerns voiced by Merchants. Friction can be avoided with periodic offline batch processing to securely identify at risk accounts using exposed passwords. This is a common method used by SpyCloud clients to reduce friction by proactively identifying high-risk password reuse.

Additional Resources

Malware Infected User Guide
Infected User Response Guide

Handy guide to decipher what it means when your consumers’ information appears on a botnet log, and how to contact infected users with an action plan to re-secure their accounts.

Infographic: Retail Sector Breach Exposure

We examined SpyCloud’s database to see what breach data we could tie to companies in the Fortune 1000. Get details on the exposure of employees in the retail sector.

SpyCloud Gartner Cool Vendor
SpyCloud Named 2020 Gartner Cool Vendor for Fraud Detection

In Gartner’s analysis of the IAM & Fraud Detection market, SpyCloud was named a Cool Vendor.

Protect your high-value consumer accounts from fraud.