The top fraud risks currently impacting the e-commerce market include remote access attacks, card testing, attacks on quick service or fast-food restaurants, loyalty points fraud, and fake accounts, a new report from Forter and PwC has found.

According to the study, the number of remote access cyber-attacks – whereby an unauthorised individual gains access to a computer or network from a remote location – jumped by eight per cent during the 2024 Black Friday/Cyber Monday period compared to the previous year.

Card testing, where a fraudster tries to determine whether stolen card information is valid so that they can use it to make purchases, was also revealed to be a common risk for e-commerce providers.

Attacks on quick service or fast food restaurant platforms increased by 45 per cent from 2023 to 2024, with Over 85 per cent of fraud attempts on these sites involving returning fraudsters.

The research also highlighted loyalty points fraud as a key issue for e-commerce retailers, where an individual exploits an initiative by stealing points, manipulating transactions or creating fake accounts to redeem rewards.

The report suggests that accounts involved in loyalty programmes face 4-5 times higher rates of attacks compared to regular accounts, with those holding stored value or points 6-7 times more vulnerable to fraud.

Additionally, fake accounts of platforms such as social media, financial institutions, and e-commerce sites have emerged as a challenge for online retailers. According to the study, 90 per cent of fake accounts on digital commerce platforms are often created by a small subset of disciplined fraud users.

The report is published ahead of an upcoming amendment to the anti-fraud legislation Economic Crime and Corporate Transparency Act 2023 (ECCTA).

The update, which comes into effect on 1 September 2025, will make it a corporate offence for ‘failure to prevent fraud’, or for an organisation to be held criminally liable if a specified fraud offence were to be committed by an associated person that either directly or indirectly benefits the organisation.

“These fraudulent activities are rife and growing in retail," said Doriel Abrahams, principal technologist, Forter. "Not only is fraud costly and a drain on already-pressurised resources, but it can irreparably damage a retailer’s reputation."

He said that it is essential for e-commerce fraud leaders to maintain a holistic perspective, not only understanding the underlying drivers of fraud risk but also meeting new compliance needs and the current external threat trends.

“Counter-strategies for fraud prevention must become part of the normal running of a business and not an optional extra – even some of the ‘smaller perceived’ fraud risks are too big now for any business to ignore at board level," said Harry Holdstock, partner at PwC. "Some of the most commonly overlooked measures are having a robust third-party risk strategy and ensuring fraud detection and prevention mechanisms appropriately match the scale and demands of your eCommerce business.”

The companies behind the report call on e-commerce retailers to roll out a comprehensive fraud risk assessment, build a culture of fraud prevention, and implement an AI-based fraud management platform to address the latest risks.

---