img 1

Alert: Here we tell you about the most prevalent Ecommerce Security attack

Online sales in any productive sector are indispensable. As consumers are more digital than ever before, the security of these online sales sites is fundamental in providing an excellent shopping experience. Physical stores will probably have safes, security cameras and alarms as security measures, so let’s see what can be implemented and what must be taken into account to ensure the security of an e-commerce.

 Direct fraud

This is the most common and difficult to control. The techniques used by cybercriminals are constantly evolving, making it a major challenge to stay up to speed with what they are doing to prevent it. 


  • Stolen credit cards: Any online business will inevitably encounter this type of fraud. The perpetrator will try to gain access to the product before the retailer detects that the card is stolen. This type of fraud is particularly dangerous in e-commerce which deals with digital products that must be delivered to the customer instantly.


The easiest way to mitigate this problem is to use the POS gateway offered by the bank. By doing so, it is the bank itself that assumes the responsibility and risk of validating the card.

img 2
img 3

However, if you use your own payment gateway, the onus is on you to detect and block possibly fraudulent payments. Some of the detection measures include ensuring that the card and IP country of the customer match or directly putting on hold all payments coming from suspicious countries.


  • Chargeback or reversal: It occurs when your bank or payment provider withdraws a payment received, usually as a result of having accepted a fraudulent card.
  • A web vulnerability: In this case the fraud is carried out by exploiting a weakness in the code of the web page, allowing the attacker to change the price of the products and considerably reduce their price.

From a legal standpoint, it is impossible to prove that the attack was carried out intentionally (and not as a result of a mistake) and, in most cases, the business will have to bear the cost, without being able to make a claim.

The first requirement to avoid this type of attack is to have a website whose code has been thoroughly examined for vulnerabilities by one or more people with the right know-how. If this is not an option, we recommend that you use third-party e-commerce platforms such as VTEX as they offer greater security guarantees for an e-commerce site.


Ultimately, it is a matter of rigorously assessing the resources you have and deciding how much risk you are willing to take. 


We hope you liked this article, leave us your comments, share it and know that you can always count on Doctus to implement or improve your e-commerce

img 4
carlos en

You may also like

Leave a Reply

Your email address will not be published. Required fields are marked *