Just in time for the start of the holiday shopping season, two vendors released research last week detailing a rise in e-commerce fraud. CyberSource published the results of its sixth annual e-commerce fraud survey, while VeriSign came out with its fourth Internet Security Intelligence Briefing, which details Internet usage trends as well as threat, vulnerability and fraud patterns.

According to CyberSource's tally, businesses will lose $2.6 billion to online fraud in 2004 - a 37% increase over 2003, when fraud losses totaled $1.9 billion.

Retailers have had some success limiting fraud loss, but they're spending more time and money doing so, says CyberSource, which specializes in electronic payment and risk management services for retailers.

This year fraudulent orders account for 1.8% of online sales, which is statistically level with last year's 1.7%, CyberSource says. The $700 million swing in fraud losses is offset, in part, by corresponding growth in e-commerce revenue: The 348 merchants surveyed expect their e-commerce revenue to increase by 39% in 2005.

VeriSign, too, logged a healthy climb in e-commerce sales. According to its report, which covers July through September of this year, e-commerce dollar volume has increased more than 25% since the third quarter of 2003.

Fraud schemes increasing

However, fraud schemes are growing even faster, and the level of sophistication and potential damage from Internet attacks continues to climb, VeriSign says. In particular, new hybrid attacks, such as those that exploit a system vulnerability to launch an identity theft, are being initiated by more sophisticated hackers looking for financial gain.

One e-commerce executive finds the diversity of attacks to be one of the biggest challenges in the fight against fraud. "Every time we feel like we have our bases covered, the fraudsters find a new way to get through," says the manager of Internet operations at a $2 billion specialty retailer who asked not be named.

Online commerce is a relatively immature business, and it's still going through growing pains, she says. Determining best practices for fighting fraud is a work in progress. "Key to this industry is to set those good practices and standards, and get everyone to adhere to them."