homepage Welcome to WebmasterWorld Guest from 54.145.183.169
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

    
Fraud Order Attempts!
olimits7

5+ Year Member



 
Msg#: 4328336 posted 4:09 pm on Jun 20, 2011 (gmt 0)

Hi,

It just amazes me how many fraudulent attempts I receive from people trying to submit fraud orders on my website.

I use authorize.net as one of my payment methods, and I can see how many orders get declined due to fraud attempts.

I recently noticed this one guy who tried to place the same order 8 times in a row, and each time with a different credit card number. The order kept getting declined because each order he tried to submit came up with "no match on street or zip code".

Do you guys experience the same thing with fraud order attempts?

I really wish there could be something done to put a stop to this; I wish Dateline did a special on "how to catch an online ecommerce fraudster"...haha.

olimits7

 

Realbrisk

5+ Year Member



 
Msg#: 4328336 posted 6:39 pm on Jun 20, 2011 (gmt 0)

We don't provide the customer with the response

HRoth

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4328336 posted 6:47 pm on Jun 20, 2011 (gmt 0)

I get this periodically. Last week someone tried to place an order from a server in Iraq, then one in the UK two minutes later, then back to Iraq, six attempts in a row, all going to places like Dubai, Jordan, UAE, etc. Then two weeks ago I had a $650 order from someone with a billing address in Chile, shipping address a Miami forwarder, ordering from Canadian ip, and calling from cellphone in CA. This person actually called me repeatedly as well, wanting to know if I would accept (phoney) money order or Western Union or would I overnight it or could she come and pick it up in person (from 500 miles away). And then there are the "I will like to order" emails. I could create a fraud filter just based on the phrase "I will like to order." I often write back "I will like to know why you will like to steal from me."

dpd1

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4328336 posted 11:29 pm on Jun 20, 2011 (gmt 0)

lol... I know, it's funny. All the effort they make... You'd think proper English would be first on the list, but I guess not.

RhinoFish

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4328336 posted 1:50 pm on Jun 21, 2011 (gmt 0)

We don't provide the customer with the response

olimits7, Realbrisk said something important here.

if they are submitting over and over again with different card numbers, rest assured they're using your cart as a test bed for their stolen cards.

Planet13

WebmasterWorld Senior Member planet13 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4328336 posted 4:41 pm on Jun 21, 2011 (gmt 0)

I know that on my shopping cart you can make a limit of, for example, three declined attempts, before that user will be unable to submit again for a designated period of time (say, 15 minutes).

You should see if your ecommerce platform has something similar.

olimits7

5+ Year Member



 
Msg#: 4328336 posted 8:56 pm on Jun 21, 2011 (gmt 0)

Thanks for the replies!

I don't provide my customer with a detailed reply of why their credit card was declined (no avs/ccv response); all my website responds with is something like "the credit card used was declined, please try a different payment method"...which I think is the norm with most websites.

That's a good thing to look into; does anyone know if Authorize.Net offers a feature like this to limit the number of declined attempts from the same user or is this something my shopping cart needs to have in place?

olimits7

Realbrisk

5+ Year Member



 
Msg#: 4328336 posted 9:05 pm on Jun 21, 2011 (gmt 0)

Did you check out Authorize.Nets Fraud detection suit

olimits7

5+ Year Member



 
Msg#: 4328336 posted 9:31 pm on Jun 21, 2011 (gmt 0)

Hi, yes...just got done talking to them and i can have this feature by adding the AFDS; which is great!

incrediBILL

WebmasterWorld Administrator incredibill us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4328336 posted 9:49 pm on Jun 21, 2011 (gmt 0)

I recently noticed this one guy who tried to place the same order 8 times in a row, and each time with a different credit card number. The order kept getting declined because each order he tried to submit came up with "no match on street or zip code".


I've seen some nasty order attacks and you pay a fee for each attempt. Customers get a cut-off at about 10-15 attempts so they don't bankrupt me with transaction fees and 5 card # changes gets the axe as well.

I also pre-screen transactions and test the IP against the address and if the country doesn't match I dump it before calling the gateway. The GEO-IP services work OK for most IPs but obviously fails miserably on wireless broadband transactions.

Just a couple of tricks to play to save some fees

I don't provide the decline reason either, I offer them Paypal ;)

Planet13

WebmasterWorld Senior Member planet13 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4328336 posted 5:20 am on Jun 22, 2011 (gmt 0)

Also, one thing about the cart I use also has recaptcha set up on a velocity filter, so if they keep switching from IP to IP (and they aren't being tracked by cookies), if enough declines by any customers come in within a predefined time, then the recaptcha kicks in for like ten minutes or so.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved