A marketplace onboards a new seller in minutes, no questions asked beyond an email address and a payout account. Two weeks later that seller has taken hundreds of orders, collected the payments, shipped nothing, and disappeared. The buyers file disputes. The marketplace eats the refunds and the reputation hit. The fraudster was never who they claimed to be, and nobody checked. That’s the cost of treating onboarding as a formality.

The stakes scale with the market. B2B e-commerce sits around $28 billion and is forecast to reach $36 billion by 2026. Fraudulent card transactions are projected to hit $38.5 billion by 2027. Where the money flows, fraudsters follow, and marketplaces present a wide attack surface because the threat comes from both sides of every transaction. A buyer can be a fraudster wielding a stolen card. A seller can be a shell account harvesting payments for goods that never ship. The platform stands in the middle, liable to both.

Here’s how the fraud works, what to watch for, and why knowing exactly who you’re doing business with is the foundation that everything else rests on.

That last point is the one marketplaces underestimate most. A regular store only worries about fraudulent buyers. A marketplace has to worry about fraudulent buyers and fraudulent sellers both, and the seller-side fraud is often the costlier of the two, because a bad seller doesn’t just steal once. They steal from every single customer who trusted your platform enough to click buy.

What e-commerce fraud really is

E-commerce fraud takes many forms but runs on one engine: someone acquires credentials they shouldn’t hold, or finds a gap in a platform’s defenses, then uses it to steal from a shopper or a seller. On a marketplace the danger doubles, since a bad actor can pose as a buyer or as a merchant. Left unchecked, the damage spreads beyond lost funds into the trust that holds the whole platform together.

Trust is the actual product a marketplace sells. Buyers show up because they believe the sellers are real and the goods will arrive. Sellers show up because they believe they’ll get paid. Fraud corrodes both beliefs at once, and a marketplace that loses its reputation for safety doesn’t lose a transaction. It loses the reason anyone chose it over a direct competitor. Rebuilding that reputation costs far more than the fraud that broke it, which is why the smart platforms spend to protect it before the first big scandal, not after.

Six fraud schemes that target online platforms

Attacks on e-commerce platforms group into six familiar types: chargeback fraud, credit card fraud, refund fraud, account takeover, promo abuse, and triangulation. Each demands its own countermeasure, and on a marketplace each can come from either side of the deal.

Chargeback fraud

Friendly fraud is a customer disputing a legitimate charge to get the money back while keeping the item. Some disputes are sincere. The fraudulent ones are deliberate: buy, receive, then deny authorizing the charge to the bank. The seller loses goods and payment together, and without solid evidence the dispute rarely breaks the merchant’s way.

On a marketplace this gets thornier, because the platform often sits between the buyer and the seller when a dispute lands. Who absorbs the loss, the seller or the marketplace, depends on the rules you set and the evidence you can produce. Either way, a buyer with a pattern of disputes across multiple sellers is a signal worth catching before they strike again.

Credit card fraud

A fraudster buys with stolen card data, usually to resell at speed. Card numbers escape through breaches, phishing, and hacking, then move from hand to hand. When the full details are missing, fraudsters use credit testing, running small purchases to find numbers that still work. By hand it’s slow going. With bots, the method called carding, it blasts through thousands of stolen cards in minutes to surface the live ones.

Marketplaces make tempting card-testing grounds because they carry so many sellers and price points that a flurry of odd small purchases blends into the noise. The platform that throttles authorization velocity and links activity across seller storefronts catches the run early. The one that treats each storefront as an island watches the same stolen cards get tested over and over.

Refund fraud

Refund fraud is a criminal impersonating a real customer to claim a payout. What sets it apart from friendly fraud is the actor: refund fraud is an outsider faking a buyer, friendly fraud a genuine customer acting in bad faith. A standard move is claiming a refund on a product never bought, supported by a forged receipt that survives a quick review.

There’s a seller-side version too. A dishonest merchant can stage fake transactions and refund flows to launder funds or extract money through the platform’s own payout system. Watching refund patterns from both directions, buyer claims and seller-initiated reversals, is how a marketplace keeps its payout rails from becoming a fraud channel.

Account takeover

Account takeover, or ATO, is a fraudster commandeering a user’s account through stolen login data. Once in, they transfer funds, empty balances, or buy against saved cards. On a marketplace, a hijacked seller account is even worse, letting an attacker redirect payouts and trade on an established reputation. The entry methods:

• Social engineering to extract credentials from the victim
• Malware that captures passwords and session data
• Phishing through fake emails and login pages
• AI and machine learning tools that scale the attack
• Exploiting unpatched vulnerabilities on the platform

ATO ranked among the top five identity fraud types in 2023 and keeps climbing. Accounts defended by a password alone won’t hold.

Picture a seller who spent two years building a five-star rating, then loses their account to a phishing email. The attacker changes the payout details, runs a clearance sale on goods that don’t exist, and harvests the orders. Buyers trusted the rating, not knowing the person behind it had changed. The reputation the real seller built becomes the weapon used against the marketplace’s customers.

Promo bonus abuse

Promo abuse is the misuse of vouchers, referral links, signup bonuses, and coupons. Its form follows the offer. A common version: one person opens account after account to keep claiming the same free trial, never paying. Loyalty programs get hit too, with attackers seizing accounts to siphon points or swap in their own billing address.

Marketplaces that subsidize growth with seller incentives or buyer credits get hit from a second angle, where fake sellers and fake buyers collude. A fraudster runs both sides, posting listings from one account and buying from another to farm referral bonuses or inflate a seller’s standing. Linking accounts by device and payment data is what exposes the puppet show.

Triangulation fraud

Triangulation is the cunning one. A fraudster builds a fake storefront to attract genuine buyers. The shopper orders, and their card data lands with the criminal. The fraudster then buys the same product from a legitimate retailer to fill the order, so the buyer receives their goods and notices nothing. The card data was the real haul, saved for later.

For a marketplace, the nightmare is the fake storefront living on your own platform. A fraudster sets up shop, fulfills real orders using stolen cards elsewhere to keep ratings clean, and quietly harvests card data from every buyer who passes through. Vetting sellers at onboarding, and watching for fulfillment patterns that don’t match a legitimate business, is what keeps that storefront from ever opening.

Red flags that expose fraud

Spotting fraud means recognizing the abnormal before it costs you. No single signal proves anything, but these patterns earn a closer look:

• Transactions abnormally large for the account
• Orders to or from a country that doesn’t match the profile
• Transaction patterns that break from history
• Sudden changes to personal details such as the shipping address
• A username that doesn’t match the payment method
• Refunds recurring on the same account
• Repeated declined transactions in a short span
• Errors or inconsistencies in submitted documents
• Charges that exceed the card’s credit limit or available funds

One flag is noise; a customer travels, a seller updates a bank detail. Several at once is the silhouette of fraud, and the marketplaces that read the silhouette catch the seller scam before the refunds pile up. The same logic applies to sellers as to buyers: a brand-new merchant who suddenly changes payout details, lists high-value goods at suspicious prices, and ships from a flagged address is showing you a pattern, not a coincidence. Read it early and you stop the scheme at listing; read it late and you read about it in the chargeback report.

Ten ways to keep fraud out

No single control does it all. Effective defense stacks measures so beating one still leaves the next standing. These ten make a working stack:

1. Take a risk-based approach to customers, partners, and vendors, scaling scrutiny to risk
2. Lock down the basics with cybersecurity policies and tools like secure VPNs
3. Deploy AI behavioral fraud detection that flags departures from normal
4. Train staff regularly so the human layer stays solid
5. Onboard only trustworthy users with reliable identity verification
6. Require face authentication when an account behaves unusually
7. Vet business partners and corporate customers before extending trust
8. Monitor transactions in real time to surface anomalies fast
9. Encrypt transactions so intercepted data is useless
10. Keep software current so old vulnerabilities can’t be exploited

Two of those carry extra weight for a marketplace. Vetting business partners isn’t a nice-to-have when your partners are the very sellers taking money from your customers. And risk-based scrutiny means a high-volume seller handling large payouts gets watched more closely than a buyer purchasing a single item, because the damage they can do is an order of magnitude larger.

Knowing exactly who you do business with

Suspicious activity has to be caught at every stage, not just at the front door. Retailers miss this constantly. Over 70% of fraud happens after the initial verification, so a one-time check at signup leaves most of the risk untouched. For a marketplace, that front door swings both ways, which makes vetting the people selling on your platform every bit as critical as screening the people buying.

Identity checks are the start, not the whole job. Strong merchant verification gives a platform confidence that the businesses and partners it onboards are real and accountable, while behavioral analysis, transaction monitoring, device fingerprinting, and risk scoring catch the trouble that surfaces later. Vet the seller properly and the vanish-with-the-payments scheme dies before it starts.

It comes down to a holistic stance. Verifying a buyer’s card at checkout means little if the seller collecting the money is a ghost. Knowing both ends of the deal, and watching the activity between them, is what separates a marketplace that fraudsters avoid from one they treat as easy pickings. The platforms that screen only the buyer are solving half a problem and wondering why the losses keep coming from the half they ignored.

The marketplaces that win on trust make the vetting invisible to honest sellers and unavoidable for fraudulent ones. A legitimate business clears verification in minutes and starts selling. A shell account with mismatched documents and a freshly registered payout destination hits friction at every turn. Get that contrast right and you grow your seller base without growing your fraud losses alongside it.

None of this is about slowing the platform down. It’s about aiming the friction precisely. The goal is a marketplace where the honest seller barely notices the checks and the fraudster can’t get past them, where a buyer’s stolen card gets caught at checkout and a seller’s vanishing act gets caught at onboarding. Build that, and trust stops being a marketing slogan and becomes the thing that actually keeps both sides of the market coming back for the next deal.