Online shopping in Croatia is growing. As many as 76 percent of the Croatian population use the internet for online shopping, which places us somewhere within the European average. The Croatian eCommerce market was estimated at 1.3 billion euros last year.

This way of shopping is certainly convenient and represents a saving of time and money, but it also comes with many risks that have been increasing in recent years due to the development of artificial intelligence and new technologies.

Croatian companies are not doing enough to implement security solutions, with online security becoming an increasing challenge since the emergence of artificial intelligence, said Marcel Majsan, president of the eCommerce Croatia association, for Bloomberg Adria TV.

Appearing on this television in mid-April, he added that online scams today are becoming increasingly personalized thanks to the use of artificial intelligence, allowing fraudsters to learn much more personal data about online shoppers while using chatbots to establish contact and initiate conversation.

“The worst part is that fraudsters can also use deepfake technology to imitate a voice or even simulate a video call of a person known to the buyer and whom they trust. In this way, they manage to persuade victims to give them their payment card details or even send money. Tragically, only 0.05 percent of such fraud cases end up in court, which is just one out of as many as two thousand fraud cases. It is horrifying that these scams can even end in suicide, so such cases must be taken very seriously because this is a burning issue not only here, but worldwide,” Majsan warned.

Speaking about experiences from the recently held Global Anti-Scam Summit (GASS) in London, he said that many countries are taking serious measures to prevent the occurrence of such scams.

What can merchants do?

According to research conducted by the eCommerce Croatia association and feedback from its partners, Majsan stated that domestic online merchants are not sufficiently aware of the dangers posed by these types of scams and are still not doing enough to prevent potential consequences.

He pointed out that the eCommerce Croatia association has been working for 10 years to raise awareness about security and build trust, especially since 2018 when webshop certification began. “But that is not enough. Merchants need to understand that it is not enough to just place a CAPTCHA code on their websites; they need to focus more on updating security patches and implementing multi-factor authentication for administrators logging into the system. This can prevent hackers from gaining access to steal customer data or, even worse, take over the identity and request payments from clients on behalf of the attacked merchant. And most importantly, there is too little education, primarily of employees. It is crucial to teach employees how to recognize fake websites, messages, and similar content coming from fraudsters,” Majsan emphasized.

The eCommerce Croatia association launches Safe Shop

He added that all of the above is the main reason why the Association is launching the Safe Shop portal, where customers will be able to check the security of individual websites and learn everything about online scams.

Majsan pointed out that one of the reasons for the lack of awareness among domestic merchants about online security topics is that they have a lot of work related to operational business, with an additional challenge being that they operate in a relatively small market which, as part of the European Union, is subject to strict legal regulation. “While they are navigating this maze of regulations and laws while simultaneously trying to run sales and remain profitable, they often do not have the time or resources to focus on other aspects. In doing so, they risk that their years of painstakingly built reputation can be destroyed in an instant if a security breach occurs,” Majsan warned.

Speaking about security certificates, he said that the main concern for customers is that the webshop they are buying from is secure and trustworthy. Customers usually first check whether they recognize the brand and domain and whether the company has many followers on social media. “All of this is easier when dealing with a large company that has been on the market for a long time, but the problem arises when merchants enter a new market or appear as a new brand. According to our research last year, customers explicitly stated that they will not buy anything from a webshop that does not have either a certificate or reviews. These are tools that significantly help merchants build trust, but they should not be the only tools used. Their main tool is transparent communication, which is the best path to building a trusted brand,” he emphasized.

Finally, he added that AI-based tools and new technologies can help combat fraud by scanning communication in real time, but in his opinion, this is not enough. He believes that the previously mentioned multi-factor authentication is very important for any entity engaged in sales and handling databases. This type of authentication involves additional verification when logging into the user interface via a mobile device or through certain biometric features. “This is a very important measure that very few companies have properly implemented so far. In addition, it is crucial to educate employees using examples of the most common scams and prepare them for such threats, for which it is not a question of if they will happen, but when,” Majsan said during his appearance on Bloomberg Adria TV.