One of our websites was hit with a big old scam yesterday. Someone ordered a TON of stuff, with the order totaling over $5,500. The billing address was in Idaho and we were supposed to ship it to Lagos, Nigeria. Hmm.
As if to add insult to injury, the following comment [sic] was placed in the order comments section:
Dear Dealers. i would like this order to be ship to my office in west africa, within 2 business day and by FEDEX WORLDWIDE and send the invoice and track numbers through my email. thanks [name removed] CEO
This order was many thousands of dollars over our average order and tripped every fraud alarm that was in place. Obviously we did not ship the merchandise. We are now working with the bank of the victim (whose credit card information was stolen) to provide them with all the order data.
If you sell any kind of desirable merchandise on the web, watch your orders carefully, particularly the ones where the shipping address is different from the billing address.
If your website is too busy to monitor orders manually, activate the fraud triggers with your payment gateway system. These triggers can be configured to look for various conditions such as billing party different than shipping party for example. And you can set order limits. In our case, any one order over $1000 goes into a holding queue for us to review. That’s where we found this order.
It doesn’t have to be shipping to Nigeria to be a fraud. And you can’t depend on the banks to catch this all the time. If the credit card has not been reported as compromised or stolen, large amounts can still fly right through as long as the billing information is correct.