Credit card fraud warning signs
I run a site called Candy Japan, which ships boxes of Japanese surprise candies to subscribers around the world, twice a month.
At one point I was thrilled when I was suddenly seeing a lot of new orders coming in. But then, weeks later, I noticed a problem. A lot of these new orders turned out to be fake. Dealing with the chargebacks, I started wondering how I might have noticed such orders before accepting them.
I've written before about getting hit by credit card fraud and how to make your store less attractive for fraudsters. In this post I'll share some of the warning signs I've learned to pay attention to. These merely signal you to pay particularly close attention to an order – there can also be real orders that match some of these.
Address is in the US... or is it?
Some countries will have more fraudulent orders originating from them than others. Fraudsters also know that their country can raise suspicion, so sometimes they will enter their address otherwise correctly, but just change the country to "United States".
If you just casually browse your new orders, you might not notice this and accidentally ship the order. Later on when the post attempts to deliver it, they will at some point realize that the country is wrong and reroute it to the correct country -> fraudster gets their package.
Address is nonsensical
Sometimes addresses just make no sense. For example the street address isn't within the ZIP code provided, or the address has huge parts of it missing. For example something along the lines of "Maple Street, 10001 New York".
In these cases the purpose of the order might not be to actually get the package, but rather just to check whether a stolen credit card number works or not.
Using reshipping centers
One time I received an order with other warning signs, but that had a valid US shipping address. I decided to look it up on street view.
There were shipping trucks parked outside. Googling the address revealed this to be a reshipping center – a company that accepts packages inside the US and then ships them forward to other countries. There are perfectly valid reasons to use these companies, I've used them myself. For example you might have moved abroad, but still want to have an address in your home country.
Another reason would be that you might want to place an order with a store that doesn't do international shipping. However I do have international shipping, so there should be no reason to use a reshipping center. Unless of course you are trying to hide your actual location, which is a big warning sign. Nowadays I look up any suspicious order on street view, just to see if it might be a reshipping center.
Using throwaway email addresses
There are sites that offer disposable email addresses. You get limitless instant inboxes for any names you want, and can check them without having to register separately for each. Again there are good reasons to use these, for example for avoiding spam when you have to provide an email address for a site that demands it, but that you don't want to have your real email address.
Still I have found that if an order originates from one of these, it usually has other warning signs as well.
Using an inconsistent and unlikely email address
By "inconsistent" I mean that the first and last name implied by the email address does not match the name in the shipping address. By "unlikely" I mean one that no reasonable person would want to have, usually containing a big batch of numbers in it. An example that would be both inconsistent and unlikely would be firstname.lastname@example.org even while the name in the shipping address contains a totally different name.
Again not a sure sign, but this tends to be a feature of fraudulent orders. Often you just can't be quite sure and have to make a judgement call. One time when I tried googling for an address, I found that the person was also active on a forum for trading stolen credit card details. That was a bad sign. More often I will find a legit-looking personal blog which mentions their email address, that's great sign that it's a trustworthy subscriber.
Thanks for reading
Two bonus signs for the end. You can use a Geo IP database to check if the shipping address country differs from the IP address country. That's a weak sign (people do place orders while traveling, or to friends in other countries), but can break the tie if there is another suspicion. Another one is seeing if the order happened during a batch of other fraudulent orders. If you suddenly get 6 orders and 5 of them are fraud, and 1 you're not sure about, it's more likely to be fraudulent as well.
Thanks for reading. If you would like to try some candy yourself, you can sign up here.