Katherine Hutchinson, senior director of global risk management at PayPal, told the Web 2.0 Expo in San Francisco that developments in web-based fraud meant firms had to enter an "arms race" in order to maintain their protection, the Wall Street Journal reports.
She pointed to the use of IP addresses to confirm an online customer's location as one established technique that is becoming less reliable in combating fraud.
In the past, ecommerce sites could check an IP location to confirm that orders were not coming from high-risk regions, but today many fraudsters use satellite-based internet service providers or "zombie" computers to reroute their traffic so it appears to be coming from a safe area.
Ms Hutchinson also warned that the global recession is fuelling fraud, with consolidation in the banking industry leaving confused customers open to scam emails that ask them to confirm their account details and address.
According to the Internet Crime Complaint Center, the United States, the United Kingdom and Nigeria are the top three sources of online fraud.