Growing side by side with the worldwide increase in internet usage and online sales is the notorious cesspool of fraud seeking to find a flaw in whatever system they can exploit anyone who uses (or accepts) credit cards. Pretty well everyone associated with any significant online business knows that without fraud prevention controls in place, businesses are set up for substantial financial losses. There are a few trends we have noticed that should be helpful to anyone involved in the operation of an online store.
Detecting a fraudulent customer
There are some distinct behavioral patterns exhibited by the majority of the perpetrators of fraudulent purchases online. In the majority of cases we encountered, the person attempting to make a fraudulent order has stolen someone’s credit card (likely from a restaurant or retail store) or has purchased a list of credit card numbers from an identity theft black market. In cases like those, the fraud likely has a credit card number and expiration date, but nothing else to verify his identity. In some cases, the fraudulent customer has been thorough enough to get the 3-digit CVV number from the back of the stolen credit card. In either of these situations, figuring out that the customer is using a stolen credit card is a fairly simple process. If he can’t verify the billing address associated with the credit card, chances are you have a fraudulent customer briansclub.cm.
Most of the time, fraudulent customers try to keep themselves isolated from the business they’re trying to scam, for obvious reasons. When they sign up for a customer account, they provide a telephone number that doesn’t work. Often we even see bogus area codes used in telephone numbers provided by fraudulent customers. Our online store requires an email address from customers. Because free public email addresses (like those from Yahoo.com, Hotmail.com, or Gmail.com) are difficult to trace back to their owners, most fraudulent customers use one of those kinds of no-hassle email addresses.
In our experience, the most obvious of fraudulent customers naturally seems to be the dumbest. We often receive emails from people who ask whether we accept credit cards for payment and then ask us to send them a list of products we sell. It’s not hard to tell that those emails are fishing for scam opportunities. Other fraudulent customers will ask for multiple quantities of a specific product found on our web site, and they’ll ask whether we accept international credit cards. These emails typically mention that the sender is buying products for some worthy cause, and they’ll use a benign name (such as “Doctor Johnson” or “Pastor Murphy”) that the perpetrator will convince the owner of an online store that he’s not being duplicated. I’m pretty confident that online businesses rarely fall for those tricks, especially since most of the “Doctor Johnsons” we encounter appear to not spell very well and have poor grammar.
There are some fraudulent customers who are smarter and bolder than the typical ones I’ve discussed. We’ve encountered customers using stolen credit cards who use valid phone numbers and email addresses, and who communicate as if they are legitimate. Sometimes we don’t find out until after the order has been delivered that the customer was actually using a stolen credit card. In one particular case, a customer’s billing address didn’t match the address on file with the credit card issuer. A phone call was made to the customer, and he matter-of-factly gave a different billing address. Because of a glitch in our merchant account system, the order was shipped even though the alternate billing address wasn’t the correct one either. The end result was a free set of six hundred dollars worth of football jerseys for a thief in Dallas, Texas. Another fraudulent customer ordered some gym bags and requested that they be sent overnight to Miami, Florida. She wasn’t dissuaded when she was contacted and told that her check had to clear the bank before her order could be shipped. She persisted and mailed a bogus check from an account that didn’t exist.
Here are some principles that should help combat fraud from customers shopping at your company’s online store.