Watch for These Fraud Red Flags to Stop Criminal Attacks & Keep Your Business Safe
Yes, credit card fraud is a threat to all merchants. That said, businesses in the card-not-present (CNP) space are generally more vulnerable to fraud than their brick-and-mortar counterparts.
Recent studies revealed some troubling information: card-not-present fraud is rising at a fast rate. Globally, the number of digital transactions suspected of being fraud attempts rose 46% year-over-year in 2021. And, while the problem is global in scope, the US is the source of more than one-third of card fraud losses.
Recommended reading
- Payment Authentication: How to Verify Buyers Before a Sale
- What are Velocity Checks? How Do They Stop Fraud Attacks?
- ECI Indicators: How to Understand 3DS Response Codes
- The Top 10 Fraud Detection Tools You Need to Have in 2024
- Fraud Scoring: A "Must-Have" Tool for Fraud Management
Spotting Fraud Warning Signs is Key to Prevention
47% of merchants believe fraud is inevitable, while 20% think it costs too much to control. Of course, both these beliefs are incorrect.
Preventing chargebacks caused by card-not-present fraud is vital to protect your bottom line. Where do you get started, though? Well, as the saying goes, “an ounce of prevention is worth a pound of cure.”
The best way to stop criminals is to familiarize yourself with the warning signs of fraud. Once you do this, you can deploy the right solutions to stop fraudsters before they can pull off an attack.
To spot potential credit card fraud, experts have identified specific fraud red flags that may give merchants cause for suspicion. By themselves, none of these warning signs necessarily point to a problem. Large purchases, for example, are not necessarily signs of a full-scale fraud issue, but at the same time, it's critical that you recognize the potential events warranting further investigation.
20 Most Common Fraud Red Flags
At Chargebacks911, we’ve identified dozens of potential fraud red flags. Some are less common, while others tend to pop up over and over again.
Below, we’ve compiled a roundup of the top 20 fraud warning signs to watch for in 2023:
New Customer Orders
Gaining new customers is great… unless they're not really customers, of course. You should pay close attention to first-time buyers. Fraudsters are always on the lookout for a new, easy victim to target.
Larger-Than-Expected Orders
Any orders that are significantly larger than your average transaction in terms of dollar value should be considered suspicious. A criminal with a stolen card number knows they only have a limited time frame before the theft is discovered and the card gets shut off. So, they often try to buy as much as they can in one shot.
Repetitive Orders
If you receive an order that has a lot of the same item but in different colors or sizes, proceed with caution. Fraudsters often buy multiples of the same item, knowing they can resell them later to convert the goods to quick cash.
Orders of Big-Ticket Items
Again, because of that limited window of opportunity, crooks move fast to try and maximize their “earning potential” when they steal a card number. So, they often go for the items with the biggest resale earning potential. It’s a lot easier to sell one $1,000 item as opposed to 50 items that cost $20 each.
Orders raising red flags? Take action today to stop fraud attacks.
Different Cards, Same Shipping Address
Fraudsters typically buy stolen cardholder information in bulk from hackers. Multiple orders with mismatched payment information could signify a thief trying to quickly burn through a collection of stolen cardholder data while it’s all still active. It’s a sloppy tactic, but not uncommon.
Same Account, Different Shipping Address
Some criminals have been known to share card numbers with friends, or order items for them. This is an especially popular ploy during the holidays, when merchants expect regular cardholders to buy gifts and ship them to others. Be wary if the buyer’s address on file doesn’t match the shipping address.
Different but Similar Card Number
A thief might have scraped a list of credit card accounts and placed orders on each card in rapid succession. This could be a sign of “card testing,” or it could just be a sloppy, rapid-fire fraud attack. The fraudster submits multiple transactions, hoping at least one will get through.
Different Cards, Same IP Address
Orders with two different cards originating from the same IP address could be normal activity. For instance, it could be a couple buying holiday gifts for one another. However, any more than that — especially several orders submitted around the same time — should be considered suspicious.
Multiple Cards Used for One Order
If a buyer wants to use several different payment cards on one large order, that may be another indicator of card testing. A fraudster might be using the order to find which card numbers will be approved, allowing them to submit additional purchases using the valid cards.
Reattempting With a Smaller Amount
When an order is flagged as potential fraud and declined, the thief may quickly attempt to purchase something else that costs less. This is another form of card testing by which the fraudster tries to identify the limit and available balance of the account.
Guessing the Expiration Date
Most card-not-present purchases require the credit card expiration date. If the date entered first is wrong — and the customer tries again with a new one — there’s a chance the buyer doesn't have access to the physical card. The buyer may be simply entering junk information or is trying to guess the expiration date.
Problems Supplying Personal Information
Customers who have trouble supplying personal information on phone orders may not be the cardholder at all. A real customer shouldn't find it difficult to provide personal details, like the billing and shipping address.
Typos, Spelling Errors, or Using All-Caps
Everyone makes mistakes. That said, too many oddities in one order should be cause for concern. Repeated typos or odd grammar could be indicative of offshore fraudsters who do not use English as a first language.
New threats emerge every day. Make sure your business is future-proofed.
Repeated Inquiries About Shipping
Some customers repeatedly request updates about the shipping process or seem overly concerned about shipping. This could be because the individual is worried the products won't leave your warehouse before a fraud attack is detected.
No Interest in Shipping Prices
Some fraudsters seem totally uninterested in shipping details. In fact, they’re often happy to pay for rush shipping, and don’t care at all about the extra expense. Why should they? After all, it's not their money they are spending. The fraudster’s only goal is to get the job done quickly, so paying extra using someone else’s money is no problem.
International Shipping
Fraudsters know that it's nearly impossible to be caught and/or prosecuted for eCommerce fraud perpetrated in another country. As a result, they feel like they’re facing less of a risk to attack a seller across the border. You want to double-check international orders and screen them carefully for any other fraud red flags. Also, be aware of countries that are fraud-origin hot spots. For instance, an order originating from a country in Latin America or the Asia-Pacific region is 60% more likely to be fraudulent than one originating in the US.
In-Store Pickup
Fraudsters are wise to a lot of standard fraud detection techniques. They’re always looking for ways around them, and are happy to take advantage of new shopping technologies and channels. With in-store pickup, for example, you can't check for red flags associated with different shipping and billing addresses. A fraudster could make a purchase, then impersonate the legitimate buyer to pick it up in store.
No Concern for Company Policies
Most customers are careful about big-ticket purchases like electronics or home appliances. It’s normal for a buyer to ask about return or exchange policies, warranties, rebates, and the like. Again, fraudsters want to get away quickly, so they're not likely to ask any questions that might cause a delay or extend your interaction.
Using the Deaf-Relay System
Customers can order via phone without using their own voice by deploying a deaf relay system. This could be twisted for fraudulent purposes, though, as the deaf relay system obscures the user’s voice. Be overly cautious, requesting additional personal information to prove legitimacy.
Indifference to Specifics
Fraudsters are trying to place the order quickly and get off the phone. So, when the order-taker starts asking for specifics about the item, criminals are more likely to have a "Yeah, whatever" attitude just to speed up the process.
Any number or combination of these common fraud indicators should be investigated thoroughly whenever possible. Thankfully, with the right combination of fraud tools in place, many attacks can be thwarted before they ever impact your bottom line.
Remember: half the fight against fraud lies in detection. However, not every form of fraud gives you a hint in advance of an attack.
Some fraud occurs after a transaction has been completed. To make matters worse, these attacks aren’t carried out by a hardened cybercriminal or practiced fraudster. Instead, they’re committed by otherwise legitimate and trustworthy customers.
The Biggest Fraud Threat of All: Friendly Fraud
Knowing the fraud red flags outlined above will help you identify and prevent attacks originating from third-party sources. However, did you know that merchants are now more worried about first-party attacks than third-party ones?
It’s true. Friendly fraud was actually the #1 fraud threat concerning merchants in 2021. The situation is only growing worse; according to the 2022 Chargeback Field Report, six out of every ten chargebacks issued in North America in 2023 will be the result of friendly fraud.
Complicating things further, friendly fraud doesn’t provide you with any red flags. You won’t know you’ve been a victim until weeks or even months after the original transaction took place.
You have no way to predict when and where friendly fraud is happening. You can’t know whether banks have fully investigated customer claims or not. Finally, you have no way to guarantee that a customer has filed a dispute maliciously or accidentally. You can probably see why this all adds up to one big problem.
This certainly seems bleak. We have good news, though: there are steps you can take to mitigate your losses and prevent fraud originating from both first- and third-party sources.
4 Tips for a Multi-Layered Fraud Strategy
To fight back against criminal fraud, you have to beat it to the punch. A personalized combination of fraud tools tailored to your business needs is an excellent first step in crafting a comprehensive fraud strategy.
We recommend that you:
1 | Deploy Fraud Tools
No single tool can be 100% effective. But, by deploying a mix of multiple tactics, you can increase your odds of success. You may have to experiment to find the right mix of complementary tools, including:
- Address Verification Service (AVS)
- CVV Verification
- 3DS Technology
- Geolocation
- Fraud Scoring
2 | Use the Most Comprehensive Data Available
The more data you can cross-reference, the more accurate you can be. Tap into the best data you can find, and use machine learning to constantly fine-tune results.
3 | Keep Records Updated
Your authentication tools are only as good as the information you have on file. Perform regular account checks to update expired details held on-file.
4 | Best Practices Win
Excellent customer service and attention to detail are great for attracting and retaining customers. However, it can also lower your risk for both first- and third-party fraud.
- Revisit your order fulfillment process to identify and isolate weaknesses that could lead to merchant error.
- Confirm orders and provide tracking information so that cardholders can verify their purchases.
- Send follow-up emails. After a product has been shipped and delivered can not only guarantee that your customer received their items, it can also help you rectify and resolve errors before they become disputes.
Hone Your Prevention Strategy
Every business needs a coordinated, carefully planned strategy to make the most of the tools at its disposal. But, like we mentioned above, best practices and conventional tools to detect fraud red flags have little to no impact on threats like friendly fraud. To fight fraud from all sources, you'll probably need additional help.
Here at Chargebacks911®, we specialize in preventing post-transactional fraud that criminal fraud tools like those listed above can't reach. We work alongside other technologies to provide comprehensive, multilayered fraud defense. Continue below and get a free ROI analysis today.
FAQs
What are the indicators of fraud?
Some of the most common fraud red flags include larger-than-normal orders, repetitive small orders, the same account but different shipping address, and the same shipping address but different cards. As a rule of thumb, remember that if something feels off… it probably is.
How do you identify eCommerce fraud?
Look for anything outside of the norm. This can be done using multiple fraud detection tools, all backed by fraud scoring.
Which is the most common incident of fraud in eCommerce?
Friendly fraud is a first-party, post-transaction attack committed by an otherwise legitimate customer. Merchants surveyed reported that friendly fraud was the number one threat facing their business in 2022.
What are the “red flags” for friendly fraud?
Unfortunately, there are no consistent warning signs for a friendly fraud attack. It's post-transactional, so there's limited things you can do to prevent it.
