Well, you may want to fix your shopping cart so it does not ship products without authorizing funds or charging for a sale first for starters...

That was fixed...that was the first thing I did. I am trying to figure out what to do about this order.

Well vetofunk, this is indeed a bad situation. If I were in your shoes, here is how I would view it: one, you sent out stuff without verifying whether or not you were actually paid. A quick trip to your merchant account interface would have demonstrated this.

Two, a test mode email receipt from the gateway is usually easily identified as such when the receipt comes in.

So basically there were at least two points at which you should have been alerted before putting the items in a box and shipping them. If it were me, I'd be kicking my butt all the way to Bankok for the oversight, but still - it would be on my shoulders. It's gone. We sent free stuff out and if the recipient has no honor - which it appears he doesn't - it's gone. The closest we came to this was two packages that had the ship labels switched, one was returned, one was not.

About flying out and confronting them - although the prospect is tempting, the very least that will happen is you will lose a lot of time and money in the effort. Not only is one of you going to get hurt, you could land in jail. And if it gets publicized, the damages to your business would be way worse than your monetary loss.

I don't see a legal recourse here, but I could be wrong. I'd just move on and ask one question of myself: if I could make such an error, is there anything else I need to review that makes us vulnerable?

I am debating to fly there ($199.00 round trip)

"There," meaning a home, apartment, trailer court, fraternity house, military base or what? What can you learn about "there" online from sites like Zillow or G Earth? Are you prepared to knock on the door of a ghetto crack house with 15 inhabitants?

What are the odds the customer will: 1) be home; 2) answer the door; 3) acknowledge being your customer; 4) hand you $3,000 in cash?

---
Should mention that two scam victims who traveled to Nigeria to get their lost money back were never heard from again.

We were in this same boat when we first opened our webstore. We sent out about $1000 total of product to 4 separate customers without collecting any funds. Rocknbil is correct on all counts regarding making sure the money has been transferred into your account - but we were so excited just to be getting orders that we missed the "test mode" part of the transaction receipt we received and shipped the stuff anyway. I think you should cut your losses. Maybe try calling the guy two more times to collect, then give up after that. Invest plenty of time in making sure everything is out of test mode and that your checkout process is flawless. And most importantly, learn from it! On my next site I will definitely not take my unreliable developer's word for it that he took us out of test mode.

Talk to the recipient's local police (by phone). Find out what you can about him from online sources assuming he gave you his real name. Civil litigation is an option tho collecting a judgment won't be easy.

I've said this 10 times over the years: Never mention on your site that you are new to web commerce. Never have a Grand Opening sale.

Scammers view newbies the same way a lion singles out a limping zebra amid an otherwise vigorous herd.

How about hiring a bill collector?

These people can ring the phone off the hook daily, and some even get paid a commission on what they collect. If they are not a total flake or have a family life this could work.

As far as visiting goes mentioning who you are is probably not a good idea, he could try to sue your business if he could prove harrassement or threats, or involve witnesses. (Could not do this with the bill collector, or at least it would not be your problem).

Yeah, I am kicking myself for not noting the test mode. This is actually my parent's business, which I set up on the side...as I have a regular seo job as well as a lot of freelance work...so I am not on top of it as much as I should. We received a lot of orders in the past, our programmer than had to do a test order and forgot to change it back...

This is the thing, I did a little more research. We shipped USPS and he had to sign for it at that address. We have his signature and his address. Match everything on the order. I looked up his name and email address online and actually found his email address hooked up to a eBay store (800+ rating) through offline now. I also found an old post showing his name and his email address, even though it's a hotmail address. When he called the caller id even had his name show. He has been at this address at least one month...

I just hate knowing all this information and not doing anything. I hate that this guy may be trying to ake advantage of my family's business. I want to do something.

I have more experience with bad checks in the B/M world.

I was always tempted to call in the dirtiest, nastiest bill collector in our town and tell him to go for it, keeping 100% of what he could wring from the sleazeball. (Picture a collector who looks like Dog, The Bounty Hunter) Had one woman who wrote us 4 bad checks in 6 years. I cudda killed her. The money meant nothing; I wanted revenge! She hit all our competitors too.

Last I heard she was in the state pen.

Ahhh yes, Test Mode, I think it's the right of passage for e-comm. :)

Under no circumstances should you personally confront this person, bad idea to do it, even worse to publically premeditate it. Call his local police department, chances are they have some sort of internet department to handle such things, or they are part of a collective organization of floating police officers who do handle it. Sometimes it's at the county level.

I'd also contact the local FBI. Chances are they won't do anything because they are "fighting terrorism", but it's worth a shot, right? ;)

Finally, the $3000, if you don't get it back, is a tax deduction. Learn from it, and consider it a business learning expense.

Chip-

Quick story. In my B&M days I had a customer that owed me $2,500.00 for merchandise. Wouldn't pay claimed goods was defective etc, etc.

I was recommended to an ultimate bill collector. He stood 6'4" tall and probably weighed around 280 pounds a mean looking face and a similar demeanor.

His MO was to go to the house ring the doorbell when the fellow came to the door he introduce himself and handed him his driver license. He told the customer he should call the police now because there was going to be some trouble if he couldn't collect payment. He never threaten any physical harm
but he certainly implied it.

Customer scurried off to get his check book and wrote out the payment pronto.
Collectors parting shot was I hope this check is good because he didn't want to
have to come back a second time.

Check was good and I paid the collector $500.00!

I worried about legal ramifications for awhile but the customer was a scam artist and didn't want anything to do with the law or the legal system.

I certainly dont recommend or endorse this system of collecting bills, but it sure did feel good to get my money after two frustrating years of trying all the regular and legal channels to collect this debt!...KF

OMG!

Last I heard she was in the state pen.

She went to prison for stealing credit card info from an elderly man she cared for in a nursing home.

Just looked her up in G (it's an odd name and she never took pains to concel her identity)

Anyway, she's out now, and last month was convicted of bad check passing (probably for the 20th time)

Her penalty? $25 fine from a small municipal court about 40 miles away!

Passing a bad check is a Federal crime, in the past we have filed against repeat offenders a claim at the post office, we even get a restitution check one every 6 months of $4.76

UPDATE:

I have now found that the fraud buyer is selling our items on ebay. I found all 3 items listed from the same location they were sent to. He even was stupid enough to copy our text from our web site. I am going to try to get some more information from him through his ebay account...which has 100% rating with a 37. He has been live on ebay since May of 2007.

Gather your evidence and give it to the local police.

UPDATE:

After calling a few police stations in the area where he lives and works, we spoke with an officer (great man) that was willing to go to his work and home to speak with him. He did so, and not more than 2 hours later, the items were off ebay and this fraudster was calling us apologizing. Telling us to please get the police off of him and to stop coming by his house and work. He was telling us how his name in his hometown is now crap, because I guess everyone at his job now knows...oh well!

We should be receiving the items sometime today. I guess this may actually be a federal crime. He didn't use a fraudulant card, but a card of a checking account he canceled over a year ago, which I guess is like writing a check to a business from a closed account...and then doing it across state lines.

Just wanted to thank everyone for their comments and suggestions.

that's great! I'm glad you were able to resolve this in such a fair manner. His local police department did an excellent job.

Yep, we are going to send him a thank you card and gift for handling this without any evidence except for us talking to him over the phone.

we are going to send him a thank you card and gift

You're going to REWARD him for wasting your (and the police's) time and energy? His "reward" for resolving the issue nicely is the avoidance of jail time and a federal criminal record. He should be thanking YOU for not pursuing it further!

The officer...not the fraudster!

Telling us to please get the police off of him and to stop coming by his house and work. He was telling us how his name in his hometown is now crap, because I guess everyone at his job now knows...oh well!

O, boo hoo.

Cry me a river fraudster.

He should have thought about the consequences before he placed an order he did not plan on paying for.

Clearly he was counting on you not calling the police and writing it off.

We had a similar situation many years ago. A Sherriff in Texas made the trip over to this persons house and found it full of ecommerce packages waiting to be forwarded to that place in Africa.

I have no sympathy for this clown. Seems to me he owes you for taking up countless hours of your time, not to mention the stress.

Everybody needs to get burned once, from then on you will be able to spot the red flags on an internet order.

The officer...not the fraudster!

Oops. :)
<*slaps head*>

One warning. This was handled correctly by having the cop contact the culprit at work. If you visited him at work YOURSELF you could be in a lot of trouble.

Read up on the complex tort of invasion of privacy.

I believe that many states now also bar creditors from calling debtors at work.

Police, of course have immunity if they are investigating a possible crime. You Don't!

Mr. Boffo, will you do it?

You're acting as if this customer somehow tricked you into sending him merchandise. Had your merchant account/payment gateway been turned ON, those "fraudulant" charges would most likely not have been allowed to go through. This whole situation is your fault, not the "fraudster".

Don't you ever check your settlement reports, receive e-receipts, or log into your merchant account? Might be a good idea...

I would look to collect the money from your "programmer" who forgot to turn it back on. Fire that sucka!

I hate to say it, but I believe the reason there is so much fraud on the internet is due to silly mistakes or irresponsibility on the part of the ecommerce owner.

Ahh...so your one of "those" people. The ones the exploit the mistakes of others. Have a nice life :-)

Yes, it was our mistake...and ok, maybe he didn't know the first time (yeah, right)...but then when he exploited it again 3 weeks later for even more expensive items...and then even disconnected his phone so we wouldn't call him and sold the items on ebay (come on) I am sorry, but he is the one at fault there...he knew exactly what he was doing and he is a criminal for doing such...that's why doing that sort of thing is a federal offense.

Your employee who left your payment gateway turned off is incompetent, and needs to be fired (unless you want to run into more problems in the future). I'm not sure whether you can hold employees liable for such losses, but if you legally can do so then there is no exploitation going on. On the other hand, if he cannot legally be held accountable then it's your loss (or in this case, the fraudster's).

Where's the exploitation?

I hear your what your saying with the mistake, but this fraudster did exploit the problem. What he did was fraud and is a federal offense...that is all there is to it. Mistakes do happen, but we have brought these sites up to $500k in sales this year from nothing 3 years ago (only problem we have ever ran into like this)...this just happened to be run on a new platform that we were not as familiar with. But trust me, we are becoming very familiar with it after this!

But to defend this guy, your as bad as he is. If I leave my door unlocked, does that mean anyone can come in a steal anything they want and it's my fault?

My point is you can't expect everyone to have morals or integrity (although many people do). It's just human nature. That's why you need to take certain precautions to safeguard yourself.

In your case, there is nothing you could have done to stop this fraudster from committing (or attempting) a crime. This is why it's so important to take every possible precaution - however in this case your programmer made a mistake.

It's like that chinese proverb, "fool me once, shame on you. fool me twice, shame on me." Don't get caught in this situation again, or shame on you.

And to answer your question "But to defend this guy, your as bad as he is. If I leave my door unlocked, does that mean anyone can come in a steal anything they want and it's my fault?"

YES. It would be your fault that he was able to gain entry, but the criminal is held liable.

Here's an extreme example of how fault does not necessarily lie with one person:

A father leaves a handgun unlocked, loaded, and without the safety on. His 6-yr old son finds the gun. His sister calls him a poopy head and pulls his hair. The son shoots his 4-yr old sister, killing her. Now you tell me who's at fault here?