Fraud is growing faster than revenue in eCommerce. That’s one of the first things PwC and Forter point out in their new report, and it’s a wake-up call for online retailers.
Fraud is rising faster than ever
Right now, eCommerce leaders are dealing with a mix of challenges: economic ups and downs, political uncertainty, more cyber threats, and new fraud rules kicking in on 1st September.
The report focuses on what’s happening outside the business. These are things that fraud teams can’t always control but need to prepare for. The idea is to give retailers a picture of where fraud is coming from and what’s pushing it forward.
Some of the drivers won’t be surprising. Financial pressure is causing more people and businesses to take risks. Political shifts are making some companies rethink or even cut fraud prevention budgets. And with remote work and supply chains still causing security gaps, cyber risks are growing too.
Biggest fraud trends in 2025
Remote access attacks: A type of cyberattack where an unauthorised individual gains access to a computer or network from a remote location. Forter recorded an 8% increase in remote access attacks during the 2024 Black Friday/Cyber Monday period compared to 2023.
Card testing: A fraudster tries to determine whether stolen card information is valid so that they can use it to make purchases. This attack fraud type predominately affects low-value transactions and is commonly seen in crowdfunding or charitable sectors, digital goods, food delivery services and subscription services.
Fraud attacks on Quick Service Restaurants (QSRs) or fast-food restaurants: Attacks on QSR platforms surged by 45% from 2023 to 2024. Over 85% of fraud attempts on QSR sites involve returning fraudsters.
Loyalty points fraud: This occurs when individuals exploit loyalty programmes, either stealing points, manipulating transactions, or creating fake accounts to redeem rewards. Accounts involved in loyalty programs face 4-5 times higher rates of attacks compared to regular accounts, and those holding stored value or points are 6-7 times more vulnerable to fraud.
Fake accounts: This involves the creation and use of fraudulent accounts on platforms such as social media, financial institutions, e-commerce sites, and other online services, with the intent to commit fraud. Forter’s data indicates that 90% of fake accounts on digital commerce platforms are often created by a small subset of disciplined fraud users.
“These fraudulent activities are rife and growing in retail. Not only is fraud costly and a drain on already-pressurised resources, but it can irreparably damage a retailer’s reputation. It is essential for eCommerce fraud leaders to maintain a holistic perspective – not only understanding the underlying drivers of fraud risk but also meeting new compliance needs and the current external threat trends. By staying vigilant and continuously reviewing their fraud prevention strategies, merchants can better protect themselves and their customers from ever-changing eCommerce fraud risks,” Doriel Abrahams, Principal Technologist at Forter.
Three key actions to tackle fraud issues
Many forward-thinking merchants have begun to adopt innovative strategies to tackle the growing complexity, sophistication, and volume of fraud. Three key elements for a future-proof fraud management strategy include:
Fraud risk assessment: Dynamic assessments reflecting the latest threat intelligence and regulatory guidance. To be effective, these must identify and address risks across the entire supply chain and checkout process.
Building a culture of fraud prevention: A culture of fraud prevention must start with the C-suite and filter through every level of the business. Leadership must champion awareness, training, and accountability, ensuring that all employees understand their role in supporting fraud risk management across the organisation.
AI-based fraud management platform: Machine learning-based detection models can transform account protection by enabling more accurate, real-time identification of anomalies and suspicious behaviour. Continuously learning from new data, these models inform advanced fraud techniques and ensure that merchants can detect and respond to threats with exceptional speed and accuracy.
Supply chain fraud is on the rise
Looking across the retail supply chain, from manufacturing to store shelves, the report outlines common types of fraud. These include kickbacks and bribes during procurement, counterfeit goods from suppliers, and theft during shipping, often hidden by fake documents or inflated fuel and expense claims. In inventory, fraud shows up as stock manipulation or phantom inventory that appears in records but isn’t actually there. On the finance side, issues like duplicate payments, fake invoices, or diverted payments are also common.
Cyber threats tied to the supply chain are another concern. These include data breaches, phishing emails aimed at staff to steal information, and ransomware attacks that shut down operations until a ransom is paid.
