Fraud Prevention Glossary
Welcome to the NoFraud Fraud Prevention Glossary. We’ve curated an extensive list of commonly used fraud terminologies — and related resources — to arm you with the knowledge you need to safeguard your eCommerce business.
Account takeover refers to the unauthorized access and control of someone else’s online account by a fraudster. It involves the fraudulent acquisition of login credentials, such as usernames and passwords, to gain unauthorized access to an individual’s or organization’s account across various platforms, including email, social media, banking, or eCommerce.
Address verification systems (AVS) are tools or services used by financial institutions to validate the accuracy and legitimacy of a provided address. The primary purpose of AVS is to help merchants prevent fraud. AVS used to be the gold standard: banks assumed that if a card was stolen, the thief would have no way of knowing the correct billing address. However, because of the explosion of data breaches, AVS-verified addresses are often sold alongside stolen card credentials such as the card number, expiration date, and CVV code. So while AVS data can be a helpful tool in fraud prevention, it can no longer be relied upon on its own.
Affiliate fraud, also known as affiliate marketing fraud, refers to deceptive practices aimed at manipulating or abusing affiliate marketing programs for financial gain. In affiliate marketing, businesses reward affiliates (publishers or marketers) for driving traffic or generating sales through their promotional efforts. However, fraudsters exploit this system to fraudulently earn commissions or benefits without legitimate referrals or actions.
Similar to product swaps, boxing occurs when a fraudster submits a claim to return the purchased item, but the original item is not returned. A criminal committing return fraud by boxing will purchase a high-value item and then return an inferior product of significantly less or no value. For example, the fraudster may buy a TV and replace the original contents with plywood to maintain the weight of the original product, thinking they’ll automatically be credited their refund once the return label is scanned (prior to inspection).
A brute force attack is a type of cybersecurity attack in which an attacker attempts to gain unauthorized access to a system, account, or encrypted data by systematically trying all possible combinations of passwords or encryption keys until the correct one is found. This method is typically used when the attacker has no prior knowledge of the target’s password or key.
Buy Now Pay Later (BNPL) fraud refers to fraudulent activities or scams involving the use of Buy Now Pay Later services. BNPL services (e.g., Affirm, Klarna, Afterpay) allow consumers to make purchases and defer payment, typically in installments, instead of paying the full amount upfront. While BNPL options provide convenience and flexibility for consumers, fraudsters exploit these services by using stolen credit card information or avoiding repayment.
Buy Online Pickup In Store (BOPIS), also known as Click and Collect, is a retail fulfillment model that allows customers to purchase products online and pick them up at a physical store location. It offers convenience and flexibility to consumers by combining the ease of online shopping with the immediacy of in-store pickup. However, like any retail transaction, BOPIS can be vulnerable to fraud. Fraudsters use BOPIS to avoid having products shipped to a physical address, which could raise suspicion.
Card skimming is a type of credit card fraud in which criminals use a small, inconspicuous device known as a skimmer to steal card information from unsuspecting victims. Skimmers are typically placed on legitimate card-reading devices, such as ATMs, gas station pumps, point-of-sale (POS) terminals, and other payment systems. When a person inserts their credit or debit card into the compromised machine, the skimmer captures the card’s magnetic stripe data, including the card number and sometimes the cardholder’s name and other details.
Card testing fraud, also known as credit card testing or carding, is a type of fraudulent activity where fraudsters test the validity and usability of stolen or compromised credit card information. The purpose of card testing is to determine which stolen card details are still active and have available credit or funds. Card testing can usually be identified by the velocity of attempts; a common trait is that all of the orders come from the same IP address. If it goes undetected, and basic bot-prevention software is not installed on the merchant’s website, card testing can run up overwhelming gateway fees.
A card-not-present (CNP) transaction occurs when a purchase is made remotely, typically online, without the merchant physically processing the cardholder’s credit card via a payment terminal.
Card-not-present (CNP) fraud is a type of payment card fraud that occurs when a credit or debit card is used for a transaction in which the physical card is not present. In CNP transactions, a fraudster uses the victim’s card without their authorization. The fraudster will make purchases using the victim’s card details, such as the card number, expiration date, and the card’s security code (e.g., CVV), but the card itself is not swiped, inserted, or physically presented to a merchant. CNP fraud is commonly associated with online and phone transactions, as well as mail-order and catalog purchases.
Cart abandonment, or checkout abandonment, refers to the situation where a website visitor adds items to their online shopping cart but leaves the website without completing the purchase. It is a common occurrence in eCommerce and can have a significant impact on a retailer’s revenue.
Chargeback management refers to the process of effectively handling and resolving chargebacks, which occur when a customer disputes a charge on their credit or debit card and requests a refund from the card issuer. Chargebacks can be a complex and time-consuming aspect of managing payment disputes, and effective chargeback management aims to minimize financial losses, identify business processes that need improvement and save on labor costs.
Chargebacks occur when a customer disputes a charge with their financial institution. Often, chargebacks are a result of an unauthorized charge due to fraudulent activity. Less frequently, a chargeback can also result from merchant error, such as accidentally running a charge through twice, or by a legitimate customer who is dissatisfied with the product or service.
Checkout abandonment, also known as cart abandonment, refers to the situation where a customer adds products to their online shopping cart but leaves the website or abandons the purchase before completing the checkout process. It is a common phenomenon in eCommerce and can result in lost sales opportunities for businesses.
Credential stuffing is a cyberattack method in which attackers use stolen username and password combinations from one data breach to gain unauthorized access to user accounts on various online services. This attack leverages the fact that many people reuse the same credentials (usernames and passwords) across multiple websites and services. When one of these websites is breached and user data is exposed, cybercriminals take these stolen credentials and attempt to access other accounts using the same username and password combinations.
Credit card fraud, also known as card-not-present fraud, refers to fraudulent activities that occur during the checkout process of an online transaction. It involves the unauthorized use of someone else’s payment information to make purchases without their knowledge or consent. Credit card fraud is particularly common in eCommerce and online shopping scenarios where the physical presence of the payment card is not required.
Often used in synthetic identities, credit grooming occurs when a fraudster opens a new account and starts by making small, legitimate purchases to build a positive transaction history and credit record. Once the synthetic identity has sufficiently established a credit history, the fraudster may use the fake identity to make other fraudulent purchases.
Curbside pickup (or “Buy online, pickup at curbside”) fraud involves deceptive practices aimed at exploiting the curbside pickup services offered by retailers. In this type of fraud, individuals may engage in various schemes to obtain goods without legitimate payment or to take advantage of the convenience of curbside services for illicit gains. Common tactics include using stolen credit card information to make online purchases for curbside pickup, falsely claiming non-receipt of items to obtain refunds, or manipulating the pickup process to deceive retailers. Curbside pickup fraud exploits the streamlined nature of these services, making it challenging for retailers to verify the authenticity of orders and prevent fraud. Retailers can respond by implementing stricter security measures, enhanced verification processes, and increased vigilance to protect against curbside pickup fraud.
The dark web is a part of the internet that is intentionally hidden and not indexed by traditional search engines. It is a subset of the deep web, which includes all web pages not indexed by search engines, but the dark web specifically refers to websites and online content that are intentionally concealed and typically associated with illegal or illicit activities.
Device intelligence refers to the use of data and analytics to gather information about the devices used by individuals, such as smartphones, tablets, or computers, in order to assess their risk profile, detect fraud, and enhance security. By analyzing various attributes and patterns associated with a device, fraud solutions combine device intelligence with the other data they have collected or have at hand to identify anomalies, suspicious activities, or potential risks.
Digital wallet fraud refers to fraudulent activities that specifically target digital wallet services like Apple Pay, PayPal, and Google Pay. Also known as mobile wallets or e-wallets, digital wallets are applications or platforms that allow users to store payment information, make online transactions, and conduct in-store payments using their mobile devices or other electronic devices. While digital wallets offer convenience and security, they can also be vulnerable to various types of fraud. Digital wallets obscure customer payment information and oftentimes don’t require standard authentication, making it easier for fraudsters to use stolen credit cards and harder for merchants to obtain the evidence they need to fight chargebacks.
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the regular functioning of a network, service, website, or online application by overwhelming it with a flood of internet traffic. The objective of a DDoS attack is to render the target system or network unavailable to its users, causing downtime, slowdowns, or service disruption. Cybercriminals might launch a DDoS attack on a targeted organization’s network to divert the attention of IT and security teams while simultaneously carrying out a separate fraud scheme, such as attempting to steal sensitive data or conduct financial fraud. The DDoS attack serves as a smokescreen to distract from the actual fraudulent activities. This is a tactic employed by cybercriminals to create chaos and confusion, making it more challenging for security personnel to detect and respond to multiple threats simultaneously.
Fake Tracking ID (FTID) is a package redirection scam that involves manipulating the tracking information on a label. Shipping companies only require the tracking information on a label to scan it. Scammers will manipulate the label to maintain scan functionality, which often triggers a refund issuance, while ensuring it gets lost. This manipulation varies in sophistication, ranging from intricate alterations to simple “cut and paste” methods. The tracking will often show as delivered to a random warehouse, designated for pickup, or will get lost once it passes the label scan at distribution. Ultimately, the recipient (if there is one) will have no idea who the package belongs to as the rest of the label, including return address, has also been edited.
False declines, also known as false positives or wrongful rejections, occur when legitimate transactions are mistakenly declined or rejected as fraudulent. False declines can have a significant impact on both merchants and customers. For merchants, false declines result in lost sales, customer dissatisfaction, and potential damage to their reputation. Customers may experience frustration, inconvenience, and a loss of trust in the merchant’s payment system.
First-party fraud refers to deceptive activities conducted by individuals using their own identities during the online purchasing process. This type of fraud involves intentionally providing false or misleading information by the legitimate account holder to exploit the system and gain financial benefits. Examples of first-party fraud in eCommerce include submitting fake payment details, manipulating personal information, or falsely claiming non-receipt of goods or services to obtain refunds or chargebacks.
Flipping is a fraudulent scheme where criminals exploit online marketplaces to make illegitimate profits by making purchases using stolen credentials to flip or immediately list the goods for resale.
Fraud as a Service (FaaS) is a cybercrime model where individuals or groups offer various fraudulent activities or services for a fee. For return fraud, professional refunders are paid a percentage to guarantee a return. These fraudsters will use a variety of methods to carry out their crimes — including fake tracking ID, innys, or item not received/did not receive — for those willing to pay for these services. Fraud as a Service is really hard to detect as the customer service calls seem very legitimate.
“Fraud as an enterprise” refers to a systematic and organized approach to fraudulent activities conducted by a group or organization with the intent of generating illicit profits. This concept involves treating fraud as a business model, complete with organizational structures, roles, and processes designed to maximize financial gains through deceptive and unlawful means. In such enterprises, individuals or groups collaborate to orchestrate various types of fraud, including financial fraud, identity theft, and other illicit activities. These criminal enterprises often exhibit characteristics similar to legitimate businesses, such as hierarchies, specialized roles, and division of labor, aiming to optimize efficiency and reduce the risk of detection. The term underscores the sophistication and scale of modern fraud operations, which can rival legitimate enterprises in terms of organization and strategic planning. Law enforcement and cybersecurity efforts often target such organized fraudulent activities to disrupt their operations and prosecute those involved.
Fraud detection refers to the process of identifying and detecting fraudulent activities or behaviors within a system or organization. It involves using various techniques, technologies, and analytical methods to identify patterns, anomalies, or suspicious activities that may indicate fraudulent behavior. Effective fraud detection helps in early identification and mitigation of fraud risks.
Fraud prevention refers to the proactive measures and strategies implemented by individuals, organizations, and financial institutions to detect, deter, and mitigate fraudulent activities. Fraud can take various forms, such as identity theft, payment fraud, account takeover, or deceptive practices. Implementing effective fraud prevention measures is crucial to protect individuals and businesses from financial losses, reputational damage, and legal consequences.
Fraud risk management refers to the strategies, processes, and measures implemented by organizations to identify, assess, mitigate, and monitor the risks associated with fraud. It involves the proactive identification of potential fraudulent activities, the implementation of controls and safeguards to prevent fraud, and the continuous monitoring and detection of fraudulent behavior. Effective fraud risk management helps organizations protect their assets, reputation, and stakeholders from the financial and operational impacts of fraud.
A fraudster is an individual or entity that engages in fraudulent activities, intentionally deceiving others for financial gain or other malicious purposes. Fraudsters employ various tactics to deceive and exploit victims, often through dishonest or illegal means. Their actions may involve identity theft, payment fraud, account takeovers, or other forms of fraudulent activities. Fraudsters are skilled at manipulating individuals or systems to achieve their fraudulent objectives, and they often target vulnerable individuals, businesses, or financial institutions. It is important to stay vigilant, protect sensitive information, and report any suspicious activities to authorities or relevant institutions to combat fraud and protect against potential harm caused by fraudsters.
Friendly fraud, also known as chargeback fraud or friendly chargeback, occurs when a customer makes a legitimate purchase using their credit card or payment method but later disputes the charge and requests a chargeback from their bank or credit card company, claiming that the transaction was unauthorized or fraudulent. Unlike traditional fraud, friendly fraud involves the original account holder themselves initiating the fraudulent chargeback.
Identity theft refers to the illegal acquisition and use of someone else’s personal information, such as their name, social security number, credit card details, or other identifying data, without their knowledge or consent. The purpose of identity theft is usually financial gain, and it can have severe consequences for the victims.
Interception fraud, also known as man-in-the-middle (MITM) fraud, occurs when an unauthorized third party intercepts and manipulates communication between two parties engaged in a transaction or data exchange. The fraudster positions themselves between the legitimate sender and receiver to eavesdrop on or alter the information being transmitted, or to intercept a package during shipment.
IP address geolocation tracking is a method used to determine the approximate geographic location of an internet-connected device based on its IP address. Every device connected to the internet is assigned a unique IP address, which can provide information about the general location of the device. IP geolocation tracking is often used for various purposes, including fraud detection, targeted advertising, content localization, and website analytics.
A fraudulent ‘item arrived damaged’ claim occurs when a customer deceitfully asserts that a product they received was damaged during shipping or delivery. For example, falsely claiming a leaky battery was delivered to secure an instant refund or replacement that can be used for illegitimate resale or to gain two items for free.
“Item Not Received” (INR) fraud refers to fraudsters falsely claiming that they did not receive the purchased item with the intention of obtaining a refund or a replacement item without paying for it.
Manual review is a process in which a human reviewer assesses and evaluates certain transactions, accounts, or activities manually, rather than relying solely on automated systems or algorithms. Activities include looking up shipping addresses, spending time on Google, and sometimes reaching out to customers in an attempt to verify their identity.
Merchant fraud, also known as merchant-based fraud, refers to fraudulent activities committed by merchants or businesses themselves. It involves deceptive practices aimed at unlawfully obtaining financial gain or exploiting loopholes in payment processes. Merchant fraud can take various forms and negatively impact both consumers and other businesses. For example, a common merchant fraud scheme involves fraudsters creating a fake online store that sells products but never delivers them or delivers a cheaper item in lieu of the higher priced product the customer intended on purchasing.
Multi-factor authentication (MFA), also known as two-factor authentication (2FA) or two-step verification, is a security process that requires users to provide two or more different authentication factors to verify their identity when logging into an account, system, or application. MFA adds an extra layer of security beyond traditional username and password authentication by making it significantly more difficult for unauthorized users to gain access.
“Order missing some items” is a claim that customers make when an item is missing from their order or when they received an empty box. Such claims are infrequent but can indicate potential return fraud. If such claims become more prevalent, treat it as a red flag: your business may be being promoted by fraudsters on forums as an easy target. These claims are difficult to disprove, which highlights the importance of vigilant fraud detection measures.
Payment gateway fraud refers to fraudulent activities that target payment gateways, which are the technology infrastructure used to facilitate secure online payment transactions. Fraudsters exploit vulnerabilities in payment gateways to carry out unauthorized transactions, gain access to sensitive payment information, or manipulate payment processes for their financial gain.
Payments fraud refers to any fraudulent or unauthorized activity that occurs during a payment transaction, typically involving the use of stolen payment information or deceptive practices to gain financial benefit illegally. Payments fraud can occur in various forms, and it poses significant risks to both individuals and businesses.
Phishing is a type of cyberattack or social engineering technique where attackers attempt to deceive individuals into revealing sensitive and confidential information, such as login credentials, financial details, or personal information. This is typically done by posing as a trusted entity or individual through various means, often through email, but also through other communication channels like text messages, social media, or phone calls. The goal of phishing attacks is to trick the victim into taking specific actions that benefit the attacker, such as clicking on a malicious link, opening a malicious attachment, or providing sensitive information.
Post-gateway fraud prevention refers to the set of security measures and strategies employed to detect and prevent fraudulent activities after they have passed through a payment gateway or other critical points in an online transaction process. While pre-gateway fraud prevention focuses on identifying and blocking potentially fraudulent transactions in real-time before they are processed, post-gateway fraud prevention comes into play after the transaction has been approved and processed. Post-gateway fraud prevention is crucial for identifying and addressing fraudulent transactions that may have initially gone undetected during the authorization process.
Pre-gateway fraud prevention refers to a set of security measures and strategies designed to detect and prevent fraudulent activities before they reach a payment gateway or other critical points in an online transaction process. The objective is to identify and block potentially fraudulent transactions in real-time, reducing the risk of financial loss and protecting both consumers and businesses from various forms of payment fraud.
Similar to boxing, product swaps happen when a fraudster submits a claim to return the purchased item, but the original item is not returned. A criminal committing return fraud via product swap will purchase a high-value item and then return a similar, non-authentic item.
Referral fraud, also known as referral program fraud or referral abuse, occurs when individuals or fraudsters manipulate referral programs or systems to fraudulently gain benefits, rewards, or incentives. Referral programs are designed to incentivize existing customers or users to refer new customers or users to a business or platform. However, fraudsters exploit these programs by engaging in deceptive practices to generate fake or invalid referrals.
Representment, also known as chargeback representment, is the process by which merchants can dispute chargebacks. When a customer files a chargeback, claiming that a transaction was unauthorized, fraudulent, or unsatisfactory, the merchant has the opportunity to provide evidence and arguments to challenge the chargeback and recover the funds. During representment, the merchant gathers relevant documentation, such as sales receipts, shipping records, proof of delivery, customer communication, and any other evidence supporting the validity of the transaction. This evidence is then submitted to the merchant’s payment processor or acquiring bank, who acts on behalf of the merchant in presenting the case to the customer’s bank or credit card company. The goal of chargeback representment is to prove that the charge in question is legitimate and therefore should not be reversed.
Reseller fraud, also known as reseller abuse, is the unauthorized sale of products or services through online marketplaces. Reseller fraud happens when a reseller distributes a product without having an official relationship or agreement with the original merchant.
Return fraud, sometimes called returns fraud or refund fraud, is a type of retail fraud where scammers unlawfully exploit a return policy to gain a financial advantage or merchandise for free. It can involve returning stolen goods for a refund or store credit, using counterfeit receipts, or purchasing items to use temporarily before returning them for a full refund.
In eCommerce, a risk assessment is a critical process for online businesses to identify, evaluate, and mitigate potential risks associated with their online operations. Online merchants face various risks, including financial, security, legal, operational, and reputational risks. Conducting a comprehensive risk assessment helps organizations understand their vulnerabilities and implement strategies to protect against these risks.
Risk scoring is the process of assigning a numerical score to evaluate the level of risk associated with a particular transaction or customer within an eCommerce business. This scoring system helps businesses identify and prioritize high-risk transactions or customers, allowing them to take appropriate actions, such as approving, reviewing, or rejecting transactions. Risk scoring is a crucial component of fraud prevention and risk management in online retail.
Social engineering is a manipulative technique used by cybercriminals to deceive shoppers or employees of organizations into divulging confidential information, granting unauthorized access, or performing actions that compromise security. It exploits human psychology and trust to gain access to sensitive data or systems. Social engineering attacks rely on deception and manipulation rather than technical vulnerabilities.
A software trojan horse is a malicious software program that disguises itself as a legitimate and benign application to deceive users into unwittingly installing it. These cyberattacks predominantly target software capable of processing refunds, including returns and customer support applications, with the goal of facilitating swift refunds on behalf of professional refunders.
Subscription fraud, also known as subscription-based fraud or account takeover fraud, occurs when an individual or a fraudster gains unauthorized access to someone else’s personal or financial information to fraudulently sign up for subscription services or accounts. The fraudulent party takes advantage of the victim’s identity or payment details to initiate subscriptions without their knowledge or consent. With subscription fraud, attackers will also try to manipulate loopholes in the integration between subscription and fraud prevention solutions in an attempt to bypass fraud detection.
Synthetic identity fraud involves the creation of false identities by combining real and/or fictitious information to establish fraudulent accounts or conduct deceptive financial transactions. Unlike traditional identity theft, where an individual’s existing personal information is stolen, synthetic identity fraud fabricates entirely new identities. Perpetrators often use a mix of genuine and fictitious data, such as combining a real social security number with a fabricated name or address. The goal is to create an identity that appears legitimate to financial institutions, allowing fraudsters to open credit accounts, obtain loans, or engage in other financial activities without immediate detection. Synthetic identity fraud is challenging to detect because the identities involved may not correspond to real individuals, making it difficult for traditional identity verification methods to flag suspicious activities. This type of fraud poses a significant threat to financial institutions, businesses, and consumers alike.
Triangulation fraud involves three parties — the fraudster, the unsuspecting legitimate shopper and the eCommerce store. An online storefront is created by the fraudster, often on eBay or Amazon, that offers high-demand goods at extremely low prices. The store collects payment for the goods it sells. The fraudster then uses other stolen credit card data and the names collected in orders on his online storefront to purchase goods from a legitimate website and ships them to the customers that purchased on his new online storefront. This type of fraud can usually be identified by the products that are targeted as well as some investigative work by locating the unsuspecting shopper who can identify the storefront where the stolen goods were purchased.
Velocity checks, also known as velocity limits or velocity rules, in the context of cybersecurity and fraud prevention, are mechanisms used to monitor and control the rate at which certain actions or transactions can occur within a system or application. These checks are employed to detect and prevent fraudulent or malicious activities, such as account takeovers, card-not-present (CNP) fraud, or Distributed Denial of Service (DDoS) attacks, by limiting the frequency or speed of these actions.
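As an added example (not NoFraud’s code and not part of the original glossary), the following Python velocity monitor implements the check described in the velocity checks entry and applies it to the card testing pattern described earlier: many low-value authorization attempts from a single IP address, across many distinct cards, inside a short window. The log format, the thresholds, and the sample log lines are all constructed for this illustration.

```python
"""Sliding-window velocity check that flags the card-testing pattern:
many authorization attempts from one IP across many distinct cards in a short window.
Constructed example; thresholds and log format are assumptions, not a vendor's rules."""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class AuthAttempt:
    ts: datetime
    ip: str
    card_token: str   # gateway token or hash of the card, never the raw card number
    amount: float
    approved: bool


def parse_auth_line(line: str) -> AuthAttempt:
    """Parse one constructed log line: 'ISO-timestamp,ip,card_token,amount,result'."""
    ts, ip, token, amount, result = (field.strip() for field in line.split(","))
    return AuthAttempt(datetime.fromisoformat(ts), ip, token, float(amount), result == "approved")


class VelocityMonitor:
    """Keeps, per IP, only the attempts that fall inside the sliding window and
    raises an alert when both the attempt count and the distinct-card count exceed limits."""

    def __init__(self, window=timedelta(seconds=60), max_attempts=5, max_distinct_cards=3):
        self.window = window
        self.max_attempts = max_attempts
        self.max_distinct_cards = max_distinct_cards
        self._recent = defaultdict(deque)   # ip -> attempts still inside the window
        self.alerts = {}                    # ip -> details of the first alert raised

    def observe(self, attempt: AuthAttempt):
        """Record one attempt; return an alert dict if the IP crosses the thresholds."""
        recent = self._recent[attempt.ip]
        recent.append(attempt)
        # Evict attempts that have aged out of the window (input is assumed time-ordered).
        while recent and attempt.ts - recent[0].ts > self.window:
            recent.popleft()
        distinct_cards = {a.card_token for a in recent}
        declines = sum(1 for a in recent if not a.approved)
        if len(recent) >= self.max_attempts and len(distinct_cards) >= self.max_distinct_cards:
            alert = {
                "ip": attempt.ip,
                "attempts": len(recent),
                "distinct_cards": len(distinct_cards),
                "decline_ratio": round(declines / len(recent), 2),
                "at": attempt.ts,
            }
            self.alerts.setdefault(attempt.ip, alert)   # remember the first trigger only
            return alert
        return None


def scan_auth_log(lines, **monitor_kwargs):
    """Run every non-empty line through a VelocityMonitor and return the alerts by IP."""
    monitor = VelocityMonitor(**monitor_kwargs)
    for line in lines:
        if line.strip():
            monitor.observe(parse_auth_line(line))
    return monitor.alerts


# Constructed sample: 10.0.0.5 fires six $1.00 authorizations on six different cards in
# 22 seconds (card testing); 203.0.113.7 is a normal shopper retrying once after a decline.
SAMPLE_AUTH_LOG = """
2024-05-01T10:00:00,10.0.0.5,tok_a1,1.00,declined
2024-05-01T10:00:04,10.0.0.5,tok_b2,1.00,declined
2024-05-01T10:00:09,10.0.0.5,tok_c3,1.00,approved
2024-05-01T10:00:13,10.0.0.5,tok_d4,1.00,declined
2024-05-01T10:00:18,10.0.0.5,tok_e5,1.00,declined
2024-05-01T10:00:22,10.0.0.5,tok_f6,1.00,declined
2024-05-01T10:01:00,203.0.113.7,tok_z9,89.99,declined
2024-05-01T10:03:10,203.0.113.7,tok_z9,89.99,approved
2024-05-01T10:04:00,198.51.100.9,tok_y8,45.00,approved
"""

if __name__ == "__main__":
    for ip, alert in scan_auth_log(SAMPLE_AUTH_LOG.splitlines()).items():
        print(f"velocity alert for {ip}: {alert}")
```

The monitor alerts on the fifth attempt from 10.0.0.5 (five attempts, five distinct cards, 80% declines within the window) while the shopper whose retry falls outside the 60-second window is never flagged; in production the same check would typically be keyed on the card token and the shipping address as well as the IP.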
Verification checks refer to the process of verifying the accuracy, authenticity, or eligibility of certain information or individuals. These checks are commonly used in various contexts, such as online transactions, account registrations, employment screening, identity verification, and more. Verification checks help ensure that the provided information is valid and reliable, reducing the risk of fraud or misuse.
Wardrobing refers to a form of fraud or unethical behavior associated with the misuse of a product return policy when the purchaser temporarily uses the item and then returns the goods for a refund. Wardrobing items are typically clothing or fashion items and the item is sometimes used for work, a special event, or even just for a photo op (think #OOTD posts on Instagram).
Ready to learn more?
Book a demo and see our accurate real-time fraud screening for eCommerce in action.
We offer Starter Plans for even the smallest sized businesses, including a free plan and plans that include chargeback protection for companies that process less than $50,000/month.
Businesses that process more than $50,000 in revenue/month qualify for custom pricing.