Msg#: 3884527 posted 3:59 am on Apr 3, 2009 (gmt 0)
We all get the occasional fraud attempts from indonesia or nigeria, but recently we've had a rash of them and even domestic ones are throwing large red flags.
Here are the steps we use to identify 99% of them before it becomes a loss.
1. IP Address lookup 2. Does their billing address match the one on file with the CC company 3. Are they shipping to a different address than their billing? Is it a residential address?.. if yes then red flag. 4. Are they using a free email like hotmail, yahoo, gmail etc. 5. We use Maxmind Minfraud to do IP lookup as well as matching that address to other reported fraudulent orders from other merchants? (definitely worth the 0.005 cent to run a check) 6. Are they requesting that the item be left without a signature? Especially on orders over $100.00 7. Is their IP address far away from where they are having it shipped? 8. What did they order.. is it something easily resold.. if a few of the other factors above throw a flag then this just adds to it. 9. Is the customer hounding you for tracking very quickly after the order? 10. Ordering multiples of the same item?.. more than normal 11. Express/overnight shipping on expensive and/or heavy items.
[edited by: Bewenched at 4:01 am (utc) on April 3, 2009]
I've had three inquiries this past month about large orders. The customer emails, asking about ordering an unusually large amount of expensive, heavy items. I reply with the price of the items, THEN each of these different customers asked me to contact "their freight forwarder" who just so happens to have no company website, no phone number, no physical address, but only a free, web-based email address. Two of these attempted orders would have shipped to Ghana and another was to Norway.
Since the "freight forwarder" couldn't be proved legitimate each time, I stopped communications. Plus, one of the Ghana addresses was to a childcare center, which would have absolutely no use for our products.
Luckily, we haven't seen any recent rise in domestically-shipped fraud on our site. It's actually been several weeks since I checked a declined transaction's IP and found it was from Indonesia or Iraq!
A little bit offtopic: has one of you every tracked the way scammers take through your shop? I'm thinking: where did they come from (referrer)? did they spend time browsing or just went straight to checkout? How much time did they spend on the forms (thought here is, your average user types in his information ... a scammer who "works" shops will be too lazy to do that, but instead copy/paste). It might just be that scammers leave a different usage-profile from your average customer. While it might not be a thing to automatically reject the order, it might be nice to flag those orders that fit the scam-profile.
Example of how competition is pinching these scammers. This guy tries to hijack money heading to other crooks. From an innovative advance payment email I just received:
"... we have noticed that people have being asked to pay outrageous amount of money by these impostors for the transfer of their funds to them. We want you to stop all communication that has to do with these fraudsters who have been requesting unreasonable sums of money from you to release your funds which they do not have access to."