The spike in U.S. online shopping since the COVID-19 outbreak that forced many physical stores to close in March has created big sales opportunities for online retailers, but also challenges in deterring fraud.

Many website visitors are first-timers, which makes it harder for retailers to be sure they’re legitimate shoppers and not criminals. Curbside pickup also has exploded during the pandemic, posing special obstacles to fraud fighters.

And criminals are taking advantage of the billions of pieces of consumer data that have been exposed in data breaches—4.1 billion records were exposed just in the first half of 2019, according to Forter, a specialist in ecommerce fraud prevention. In some cases, criminals combine information, such as an email address they’ve allowed to “age” to make it appear legitimate with a credit card number stolen from an honest consumer.

Criminals hit athletic shoe brand Brooks Running with this kind of scam in March, just as the pandemic was taking hold. However, it took Brooks a while to spot it because of the high volume of legitimate orders, says Chad Funk, fraud specialist at Brooks Running, which is owned by conglomerate Berkshire Hathaway.

“There was an insane jump in orders, which meant more orders to review and more opportunity for fraudsters to get through,” Funk says. “All that combined worked against us.”

Once Brooks and its fraud-prevention provider Kount identified the fraud pattern, Brooks was able to shut down the scheme. Meanwhile, the brand has fought a second type of fraud and also modified its fraud filters to keep from rejecting good orders when a surge in consumers placing phone orders tripped an alert geared to pre-pandemic shopping patterns.

Not every online retailer faced the array of fraud issues Brooks did. But many have seen an increase in fraud attacks. This article provides a dozen tips on how to avoid ecommerce fraud amid the surge in online shopping driven by COVID-19. Among the tips are:

Encourage customers to add a second form of authentication to protect themselves from account takeover.

If there is spike in chargebacks, look for a pattern and create rules to block similar purchases.

When shopping patterns change, adjust your fraud-detection rules to ensure they are in line with current customer behavior.

If you’re selling high-value products, watch out for triangulation fraud in which criminals buy products with stolen cards to ship to consumers taken in by phony ads.

Make the website the primary line of defense against fraudulent in-store or curbside pickup orders, rather than relying on store employees to deter criminals.

To get immediate access to the rest of this article, sign up for a free Strategy Membership using the Join for Free button below. If you’re already a member, please sign in.

Want to read more? Unlock Free Strategy Membership