LifeinAsia - 3:43 pm on Jul 21, 2010 (gmt 0)

*We think one reason why they would use the same shipping as billing is that they are placing these somewhat small ticket orders to verify a working card.

That would be my guess.

It's a long shot, but if you capturing the browser's user agent (if not, then start), do some analysis and see if it's the same one (or a group of ones) being used. That might indicate the same person/group doing all of these. If so, maybe you can flag orders with matching user agents for manual follow-up.

Similarly, use some analytics and try to determine how the fraudulent order users are coming to your site. Chances are, they may have bookmarked your site as an easy site to use for testing. So you could flag those orders for manual follow-up. Note- if it's a returning customer who bookmarked your site, then it shouldn't automatically raise a red flag.

We had some fraud orders a few years back that apparently came from a link in a Hotmail account (the referrers for all the orders came from a link used for reading a message in Hotmail). Any orders with similar referrers now go under a microscope before processing.