Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: buckworks
*We think one reason why they would use the same shipping as billing is that they are placing these somewhat small ticket orders to verify a working card.
Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. If the card is processed successfully, the thief knows that the card is still good. The specific item purchased is immaterial, and the thief does not need to purchase an actual product; a Web site subscription or charitable donation would be sufficient. The purchase is usually for a small monetary amount, both to avoid using the card's credit limit, and also to avoid attracting the card issuer's attention. A website known to be susceptible to carding is known as a cardable website
It's a long shot, but if you capturing the browser's user agent (if not, then start), do some analysis and see if it's the same one (or a group of ones) being used. That might indicate the same person/group doing all of these. If so, maybe you can flag orders with matching user agents for manual follow-up.
they use the correct name and address on file, correct cvv code, and oddly enough same shipping address as billing*. Worst of all they go as far as using IP addresses geographically near the home of the person it was stolen from