Fraud is a harsh, unfortunate reality for many online platforms, particularly traditional ecommerce sites (single vendors selling directly to customers) and ecommerce marketplaces (hubs that sell products from a variety of vendors and connect buyers and sellers around the world through auctions). An estimated one in every 25 online identity verification attempts occurring in the world today is fraudulent, with ecommerce marketplaces being the most severely impacted industry.
Across the landscape broadly, research suggests that ecommerce fraud rates will skyrocket over the next several years, growing 141% between today and 2029. This surge is being driven by advances in AI tools and AI-generated data, which are increasingly being folded into widespread Fraud-as-a-Service (FaaS) offerings that essentially enable anyone to become a fraudster.
Not surprisingly, the ecommerce industry is a top target for these threats, putting them at huge risk for diminished brand reputation and financial loss. Customers are well aware of these risks, with one recent survey finding that 43% of shoppers don’t think e-commerce platforms are sufficiently securing users against fraud. That’s why, as AI-driven fraud explodes, trust is resurfacing as a vital consideration.
Escalating Fraud Risk
Ecommerce platforms are particularly vulnerable to fraud because many merchants lack the protections found in more regulated industries like financial services. Unfortunately, emerging AI technology is only heightening these risks. Complex fraud tactics that may have taken months to develop in the past can now be generated in hours or even minutes with the assistance of AI. Here are several ways that sophisticated hackers are incorporating AI-driven fraud into their playbook:
● Phishing: Hackers can write communications that look like they’re from a trusted online retailer, which can be used to steal sensitive information from shoppers. In the past, this may have taken days to analyze a single online retailer’s language, study its web design and write realistic communications. However, with the help of AI, hackers can generate eerily realistic chat messages and emails in a short period of time – meaning that they can scale their scams more quickly than ever.
Moreover, deepfake audio and video allow scammers to impersonate company representatives without exposing their own identities. Regarding deepfake visual content specifically, new research shows that while half of the U.S. public expresses high confidence in their ability to detect AI-generated images and videos, the average U.S. person is virtually guessing when attempting to identify deepfakes, performing only a tiny fraction better than “chance level,” or a coin flip.
● Fake Websites: Using AI, fraudsters can build a website that looks nearly identical to a real, well-known ecommerce site. Once they drive traffic to the site, they then create a sense of urgency or incentive – like ‘limited time deal’ – to get unsuspecting victims to act quickly. The fake site builds and maintains trust just long enough for victims to provide data or payment, which fraudsters can then use to make purchases on the real site, or sell on the dark web.
● Automated Attacks: Fraudsters can use AI to try millions of stolen username/password pairs, probe checkout flows for weaknesses, and more. With this technology, hackers are much faster and more efficient than a human ever could be.
● Account Takeover: AI can also be used by fraudsters to impersonate real shoppers. By fabricating photos or mimicking voice audio, fraudsters can gain access to legitimate customers’ accounts to place fraudulent orders or steal sensitive information.
● Synthetic identity fraud: Fraudsters also have generated realistic, AI-fabricated identities (fake names, addresses, credit profiles, even deepfaked selfies and identity documents) to open new accounts, exploit promotions (for example, one-time, first-purchase deals), and more.
● Return & refund fraud: AI tools can help create fake receipts, shipping labels, or product images to trick automated return systems into issuing refunds or credits without legitimate returns. Moreover, one individual can use AI to create multiple accounts, making it harder to detect abusers.
These are just a few of the many ways that AI is helping fraudsters ramp up their attack posture. Perhaps even more frightening: much of this technology is still in its early days, and fraudsters will only continue to find new ways to advance their nefarious acts as AI progresses.
Protecting Customers & Building Trust
These days, it’s no longer enough to have great products: to motivate consumers to shop, online retailers must now prove that they take privacy and security seriously. So, how can these sites fortify trust in the age of AI?
The solution is two-fold. First, online retailers must change their mindsets: any storefront that handles and stores sensitive information like credit card numbers must operate as if it were a financial institution (when it comes to security). That means at every stage of the business – from checkout flows to account management – online retailers should be thinking proactively: how could a hacker exploit this? And what steps can we take to tighten security?
Second, ecommerce storefronts should implement robust cybersecurity technologies. Online identity verification technology, for one, helps confirm that a shopper is who they say they are before a transaction is ever completed. Not only can this thwart fraudulent purchases, but it also reassures customers that their sensitive information is being handled securely. In fact, consumers now view security measures like identity verification and biometrics as equally important on e-commerce marketplaces (96%) as they are on financial services sites (97%).
When combined with other tech tools and techniques like two-factor authentication, real-time transaction monitoring, behavioral biometrics (such as analyzing keystroke dynamics and device movements), technical signal assessment (like device and network fingerprinting) and more, online identity verification can help online retailers consistently stay one step ahead in the AI fraud creation/detection arms race while also solidifying trust and loyalty with shoppers.
The message for ecommerce sites and marketplaces is clear: human judgment is becoming an increasingly unreliable safeguard, and automated, technology-led verification, independent from the end user’s self-assessed ability to distinguish real from fake, is becoming critical.
As hackers continue to step up their game with AI technology, online merchants cannot afford to be lax. Trust is turning up once again as a critical foundation; those who fail to prioritize security risk losing not just customer confidence, but revenues. Conversely, those who choose to be proactive by shifting their mindsets and investing in advanced security technologies will have a competitive edge.
Iryna Bondar-Mucci is a Fraud Platform Lead at Veriff with more than five years in fraud prevention and a master’s in cybersecurity. She steers Veriff’s overall fraud posture, leads scalable defense initiatives and is also one of the authors of the annual Veriff Identity Fraud report. Ira serves as strategic lead for fraud mitigation across Veriff.





