Skip to content

Am I being hacked right now?

Join our mailing list

Signifyd regularly publishes free reports packed with business insights, commerce trends and data from our massive Commerce Network. We’ll only email when we have something meaningful to share, no more than once per week. And of course you can unsubscribe any time.

After several prominent data breaches, including the 2013 infiltration of Target’s database that affected 40 million customers and resulted in a $39 million settlement, brick and mortar retailers face a heightened level of liability when it comes to fraud. While the implementation of EMV credit cards provides increased security with regards to card-present fraud, it’s forced cybercriminals to branch out digitally, attacking eCommerce businesses through online measures.

With the myriad of daily decisions that go into running a business, it’s fairly easy to overlook the subtle signs that indicate you’ve been a victim of a data breach or a fraudster. Like any seasoned criminal they’re professionals at what they do and they want to steal from you without getting caught. It’s the classic tale of the hard-worker trying to make an honest living versus a digital predator hunting for the next shortcut to take it away. By understanding what signs to look for in your operation that indicate you may have been hacked and learning some of the ways cybercriminals operate, you can arm yourself with some tools necessary to minimize any damage and prevent future occurrences.

Figure out your normal. Establish a baseline.

If you haven’t done so already, immediately take steps to assess your current ecommerce operation and determine what your definition of “normal” means. What does it look like when all cylinders are functioning at full capacity? This involves breaking down your end goals to a fundamental standard of policies and guidelines to get you there. Data breaches can occur in a matter of minutes. Ideally you should have 24/7 monitoring of your network and protect all transactions. But even a dedicated internal fraud prevention unit can miss something in the blink of an eye. By setting a base pattern for your operational flow you can detect anomalies easier and more efficiently.

1. Know your files

Whether storing information in the cloud, on an in-house server or on your desktop, make mental note of your business files, from naming systems to dates created, size, location and which employees have what level of access.

2. How fast is your Internet?

Consider the speed your provider promised you and how each of your devices perform via LAN or Wifi. Keep in mind the type of bandwidth your business requires. If you notice lags of time between network applications, chances are something rotten is eating at the core. Without first setting a benchmark for speed, you risk not recognizing a bump in the road.

3. Make a list of obvious oddities (no matter how obvious)

Sometimes the answer is as plain as the nose on your face. Say you notice your machine keeps running after you power down or your homepage comes up as an entirely different page. Sometimes these things can seem so obvious, one holds back from drawing attention to them thinking someone else must have authorized such a change, or a ghost has taken residence in the office. For whatever reason silence rules and a breach goes undetected. By setting a basic list of no-brainer scenarios for employees to look out for you’re adding an extra layer of protection.

4. Keep user accounts current

Compile a list of user accounts, with detailed admin roles, passwords and ongoing access requests. If a certain password stops working unexpectedly, a user ends up blocked from an account or you find evidence of sensitive files being retrieved without approval,  you should immediately take steps to further investigate and guard your business.

5. Not all traffic is good traffic

Decide what level of traffic is the average present norm for your ecommerce site and add a separate standard for projected growth according to your marketing plan. Sudden bursts in traffic may indicate cybercriminals are using your network to coordinate with each other or siphon off crucial company data.

Signs your customer is using a stolen credit card

Data breaches result in thousands if not millions of credit card details floating through the black market, accessible to fraudsters everywhere. As an ecommerce merchant you need to be proactive in preventing fraudulent purchases by recognizing important signs.

1. Large quantity orders of one product

While compulsive and impulsive shopping are very real things, if you suddenly notice a large sum of a certain product being ordered, you should take warning. Fraudsters need to get as much merchandise as they can from a stolen card before the card owner realizes it has been stolen. If you see an order for 25 pieces of jewelry or 100 electronic tablets, chances are these aren’t legitimate sales.

2. Fledgeling shoppers

At this stage in the digital economy, it’s rare to find a legitimate buyer with no previous shopping or online history. Cybercriminals often test credit cards using phony emails solely generated for that purpose. If you notice an order with little-to-no buyer history, make a note to investigate further.

3. Unusual shipping requests

From the moment a fraudster activates a stolen credit card, he/she is on a mission to use it as much as possible before the theft is reported. If you notice unusual orders with expedited shipping, double check the rest of the order’s details, especially with international destinations since a majority of online gangs prowl from overseas.

4. Conflicting user data

With the holidays approaching, merchants will see an influx of orders with incongruent billing and shipping addresses but it’s important to give these orders the attention they deserve. If one card number spans multiple accounts, there could be one criminal with a stack of stolen cards. If one account number spans multiple emails and shipping addresses, it could be a sign of cybercrime at a much larger scale. Mismatches in customer data such as auto-generated email addresses, phone numbers and shipping addresses or a discrepancy between AVS and CVV details are classic signs of credit card testing. A key tactic used by fraudsters to determine if a stolen credit card is still working for them is to test it on small and sometimes trivial purchases. When testing, the items purchased matter much less than the details and patterns the fraudster is learning of how you approve orders.

5. Numerous credit cards tied to the same IP

While many people max out their credit card limits, they don’t always max out the number of cards they can fit in their wallet. Americans who own credit cards own an average of 3.7 cards per person. If you see several card numbers tied to one purchaser, be sure to check the order and payment details thoroughly before approving these transactions.

Which merchants are most at risk for credit card fraud?

1. Instant Deliverables

Due to the lack of review time available, merchants providing instant goods such as gift cards, tickets or downloads, where the customer expects to receive what they paid for upon completing the transaction, are at the highest risk.

2. International Merchants

Identity validation becomes increasingly difficult when dealing with overseas transactions due to spotty verification capabilities, time-zone differences and privacy laws.

3. Click and Collect

Merchants that offer a buy online, in-store-pickup option deal with fraud on a regular basis. Cybercriminals are con artists who can easily impersonate a legitimate buyer. The best way to avoid this type of fraud is to establish a strict protocol for these orders that includes multiple levels of verification.

Think like a criminal … because they’re already thinking like you

Cybercriminals run a business so it’s important to recognize you’re not dealing with just one individual. Working more like a hive, fraudsters comprise an intricate network of workers linked to a corrupt, black market for stolen data like credit cards and shipping information. Criminals buy and sell stolen data in various carding forums like Uncle Sam and Popeye. They have a target market comprised of easy targets. Don’t let yourself become one.

Prepare for the worst to ensure the best for your business. Many fraud prevention and chargeback prevention companies use technology to identify fraudulent transactions and provide scores and recommendations. Signifyd take things one step further with their real-time machine learning by offering a 100% financial guarantee against fraud and chargebacks for any orders they approve. With Signifyd you can accept more orders without the fear of fraud with our guaranteed fraud protection.


Sourabh Kothari

Sourabh Kothari

Sourabh is the former Director of Merchant Advocacy at Signifyd, where he brought over 18 years of experience defining, designing and delivering content through stories, events and video.