Forter and PwC report flags top e-commerce fraud risks including remote access cyber attacks

A report launched today by Forter and PwC reveals major new emerging fraud trends for e-commerce companies.

While returns fraud holds its position from last year as the most prevalent risk, new emerging threats gaining traction in 2025 include: 

1. Remote access attacks – A type of cyber attack where an unauthorised individual gains access to a computer or network from a remote location. Forter recorded an 8% increase in remote access attacks during the 2024 Black Friday/Cyber Monday period compared to 2023.

2. Card testing – A fraudster tries to determine whether stolen card information is valid so that they can use it to make purchases. This attack fraud type predominately affects low-value transactions and is commonly seen in crowdfunding or charitable sectors, digital goods, food delivery services and subscription services.

3. Fraud attacks on QSRs or fast-food restaurants – Attacks on QSR platforms surged by 45% from 2023 to 2024. Over 85% of fraud attempts on QSR sites involve returning fraudsters.

4. Loyalty points fraud – This occurs when individuals exploit loyalty programmes, either stealing points, manipulating transactions, or creating fake accounts to redeem rewards. Accounts involved in loyalty programs face four to five times higher rates of attacks compared to regular accounts, and those holding stored value or points are six to seven times more vulnerable to fraud.

5. Fake accounts – This involves the creation and use of fraudulent accounts on platforms such as social media, financial institutions, e-commerce sites, and other online services, with the intent to commit fraud. Forter’s data indicates that 90% of fake accounts on digital commerce platforms are often created by a small subset of disciplined fraud users.

Doriel Abrahams, Principal Technologist at Forter, says: “These fraudulent activities are rife and growing in retail. Not only is fraud costly and a drain on already pressurised resources, but it can irreparably damage a retailer’s reputation.”

“It is essential for e-commerce fraud leaders to maintain a holistic perspective - not only understanding the underlying drivers of fraud risk but also meeting new compliance needs and the current external threat trends. By staying vigilant and continuously reviewing their fraud prevention strategies, merchants can better protect themselves and their customers from ever-changing e-commerce fraud risks.”

Looming UK regulatory risk for retailers

An impending addition to the anti-fraud UK Government legislation - Economic Crime and Corporate Transparency Act 2023 (ECCTA) - will come into effect on 1st September.

This will make it a corporate offence for ‘failure to prevent fraud’ (FtPF), or for an organisation to be held criminally liable if a ‘specified fraud offence’ were to be committed by an ‘associated person’ that either directly or indirectly benefits the organisation. Even more so than at present, e-commerce organisations will need to have clear policies and processes in place to address their fraud risks.

Harry Holdstock, Partner at PwC, says: “As part of a strategic collaboration between PwC and Forter, this annual report is designed to empower fraud and retail leaders within the e-commerce sector with key information to counter their biggest fraud challenges.”

“Counter-strategies for fraud prevention must become part of the normal running of a business and not an optional extra - even some of the ‘smaller perceived’ fraud risks are too big now for any business to ignore at board level. Some of the most commonly overlooked measures are having a robust third-party risk strategy and ensuring fraud detection and prevention mechanisms appropriately match the scale and demands of your e-commerce business.” 

Escalating supply chain fraud risks

The report re-iterates the trending supply chain fraud risks of PwC’s Global Economic Crime Survey 2024, which found that 42% of UK organisations have experienced supply chain fraud and 35% have experienced procurement fraud in the last 24 months.

Throughout the retail supply chain - from manufacturing to store shelves - the 2025 report reveals some key fraudulent activities include employees accepting kickbacks and bribery in procurement, counterfeit goods in supplier fraud, theft in logistics fraud with falsified shipping documents and inflated fuel costs and expenses. In inventory management fraud, stock manipulation and phantom inventory, which is recorded in the system but doesn’t exist, are big drains on operational costs. Examples of financial fraud are duplicate payments or invoices and payment diversion to fraudulent accounts.

The big supply chain cybersecurity risks include data breaches, phishing attacks, with employees targeted with emails to gain access to sensitive information, and ransomware, which can see business operations paralysed with a ransom demanded to restore systems.

2025 RTIH INNOVATION AWARDS

Cybersecurity will be a key focus area at the 2025 RTIH Innovation Awards.

The awards, which are now open for entries, celebrate global tech innovation in a fast moving omnichannel world.

Our 2024 hall of fame entrants were revealed during an event which took place at RIBA’s 66 Portland Place HQ in Central London on 21st November, and consisted of a drinks reception, three course meal, and awards ceremony presided over by comedian Lucy Porter.

In his welcome speech, Scott Thompson, Founder and Editor, RTIH, said: “The event is now into its sixth year and what a journey it has been. The awards started life as an online only affair during the Covid outbreak, before launching as a small scale in real life event and growing year on year to the point where we’re now selling out this fine, historic venue.”

He added: “Congratulations to all of our finalists. Many submissions did not make it through to the final stage, and getting to this point is no mean feat. Checkout-free stores, automated supply chains, immersive experiences, on-demand delivery, next generation loyalty offerings, inclusive retail, green technology. We’ve got all the cool stuff covered this evening.”

“But just importantly we’ve got lots of great examples of companies taking innovative tech and making it usable in everyday operations - resulting in more efficiency and profitability in all areas.”

Congratulations to our 2024 winners, and a big thank you to our sponsors, judging panel, the legend that is Lucy Porter, and all those who attended November's gathering. 

For further information on the 2025 RTIH Innovation Awards, please fill in the below form and we will get back to you asap.