E-commerce, or electronic commerce, can include any type of transaction which requires electronic transmission of data. Fraud, in this respect, can include the most obvious type being online transactions, as well as a far range of other activities from the swiping of a stolen credit card at a grocery store to the electronic embezzlement of money by an employee within a company. E-commerce fraud is different than that of other specific industries or situations.
It encompasses such a large span of industries, activities, and data types; it is a relatively new concern since the internet has become prominent In most households only within the past 15 years resulting in lack of education and security concerns for many users especially since verification of identity is difficult without face to face encounters. As with many types of fraud, E-commerce fraud targets the consumer as its primary victim, leaving many individuals at risk.
Fraud may occur within organizations as well as outside organizations; it can be perpetrated by a business, a consumer, or a person posing as someone they are not. Within an organization, management or employees can perpetrate a fraud. Since they are inside of the company, they have the advantage of being inside the company’s computer network, meaning they do not have to get through external security to access information.
This type of fraud can compromise accounting information, company confidential data, or personal information relating to both customers and employees. Sniffing may be used to view data passing along the network, where an employee can gain access to a wealth of information which they are not authorized to access, and this data can be used for personal advantage. Fraud from outside an organization can be perpetrated by consumers, hackers, or others who may pose as someone who they are not.
This may include illegitimate vendors, organizations, or individuals, as well as consumers impersonating someone whom they have stolen identity from. As mentioned before, fraud in e-commerce has become such a great concern largely because of the inability to verify the identity and location of those who are dealing with each other, as well as security risks that may be not be recognized. Fraud outside organizations may or may not be against organizations, and the lack of education associated with risks is often the greatest opportunity presented to perpetrators.