In 2025, Brazilian e-commerce is expected to break another record. But what comes along with this avalanche of orders and clicks is also a concern. We're talking about the rise in digital fraud.
The Brazilian Association of Electronic Commerce (ABComm) projects a revenue of R$ 224.7 billion for the sector this year, 10% more than in 2024. This will involve approximately 435 million orders and 94 million consumers browsing, buying, and (sometimes) venturing into online shopping. All this in a market that has been growing uninterruptedly for eight years.
Dates like Cyber Monday, Father's Day, Christmas, and even periods of continuous sales demand, more than ever, prepared and secure platforms. The so-called "hot seasons" of retail make the final stretch of the year not only a strategic warm-up for promotions, but also for fraud attempts.
Black Friday is scheduled for November 28th. And while the promotions boost the digital economy, they also open the doors wide for scammers. But this growth comes at a cost. And it's not just financial.
The 2024 edition has already given signs of what to expect. According to ConfiNeotrust and ClearSale, by midday on the Saturday following Black Friday, 17,800 attempted frauds were registered. The estimated value of the thwarted attempts? R$ 27.6 million. The average value of the scams is impressive: R$ 1,550.66, more than triple the average value of a legitimate purchase.
And the preferred targets? Games, computers, and musical instruments.
Even with a 22% drop in the total value of fraud compared to the previous year, experts are adamant: cybercriminals remain active, and more sophisticated.
Meanwhile, PIX is booming. On the last Black Friday, transactions using the instant payment system jumped 120.7% in a single day. R$130 billion was moved, according to the Central Bank. A historic achievement. But one that is also worrying.
More speed, more access, more instantaneity, more vulnerabilities. And not all platforms are prepared for this. Slowness, instability, and security breaches become the perfect entry point for those on the other side: attentive and opportunistic fraudsters.
These failures directly affect user experience and brand reputation. A PwC study reveals that 55% of consumers would avoid buying from a company after a negative experience, and 8% would abandon a purchase after a single unfavorable incident.
“Digital security is not a final step. It is an ongoing process that begins before the first line of code,” summarizes Wagner Elias, CEO of Conviso, an application security (AppSec) specialist.
To protect e-commerce software, the application security (AppSec) sector — which is expected to generate US$25 billion by 2029, according to Mordor Intelligence — works to find vulnerabilities before they become real problems.
The goal of AppSec is to map security vulnerabilities before they are exploited by attackers. Elias compares it to building a house: “It’s like building a house already thinking about access points: you don’t wait for someone to try to break in before installing locks or cameras. The idea is to anticipate risks and strengthen defenses from the beginning,” explains Elias.
And the CEO warns that ideally, companies should constantly review their platforms to identify and correct potential security breaches, creating a continuous culture of protection. "The key is to offer a real guarantee for both the product and the consumer, strengthening trust in the platform and the entire purchasing process. And this is only possible with preparation that begins months before the date."
One of the solutions that can support e-commerce businesses in this process is Site Blindado, now part of Conviso, an application security company and a leader in AppSec. The trust seal operates at different levels, serving online stores that need basic protection as well as those requiring greater proof of authenticity, or even more rigorous certifications, such as PCI-DSS, required for those who handle credit card data.
Those who take security seriously reap the rewards. Visa, for example, blocked 270% more fraud in 2024 compared to the same period of the previous year. This was only possible thanks to a robust investment: more than US$11 billion in technology and security over the last five years.
The key? Artificial intelligence, machine learning, and real-time behavioral analysis. All in milliseconds. Without disrupting the real consumer, who just wants to secure the discount at checkout.
Prevention starts at the base. But how to protect yourself? The recommendations are clear and involve both companies and consumers,” reinforces the CEO of Conviso.
Tips for businesses:
- Incorporate security into the systems development phase;
- Perform penetration tests (pentests) frequently;
- Integrate security tools into your DevOps without losing agility;
- Train technology teams with a focus on security best practices;
- Create a culture where safety is routine, not the exception.
And for the consumer who shops online:
- Beware of deals that seem too good to be true;
- Check if the website is trustworthy (https, security seals, CNPJ [Brazilian company registration number], etc.);
- Give preference to platforms and apps that are already familiar to you;
- Avoid links received via email or social media — especially from strangers;
- Enable two-factor authentication whenever possible.
“While consumers need to learn to recognize signs of risk, companies have a duty to offer secure environments. It is the combination of the two that sustains trust in the platforms and keeps the market healthy,” concludes Elias.
