Credit card fraud is on the rise. Many merchants accept credit cards by phone, website shopping carts and even email. This eliminates the opportunity to physically inspect the credit card, verify the identity of the person using the card or even see what the person looks like. While it might be stereotyping, if a transient walked into your store and presented an American Express card for a $300 purchase, you might be suspicious and likely would take extra steps to verify the transaction was a legitimate one. That is not possible with a card-not-present (CNP) transaction. However, with a little bit of knowledge and an ounce of prevention you can avoid becoming a victim of credit card fraud. There are many common red flags and actions you can take if you suspect a fraudulent transaction is taking place.
The Big Red Flags
To help you and your employees spot potential credit card fraud, look for these potential red flags that should cause suspicion. Not every action listed below should be considered fraud but when several of the actions occur together, you should take action to prevent a loss from occurring. As an example, large purchases are not necessarily a sign of fraud but there are other trigger points that might be combined with a large purchase that should make you investigate the transaction further.
New Customers: We all love new customers. Thieves love new places to exploit. First-time customers placing abnormally large or out of the ordinary orders should draw concern. This may be an attempt to see if your business is a new source of thievery.
Large Orders: Any orders that are significantly higher or different than your average transaction should be considered suspicious. Criminals who have obtained a stolen card number on the black market have a very limited time before the theft is discovered. The same stolen credit card number might be sold to many different people on the internet so thieves get to work purchasing as much as they can before the theft is discovered.
Repeat Orders: Once a thief discovers that a stolen card actually worked with you, greed sets in. They may order more of whatever they successfully ordered.
Big Ticket/Excess: Thieves may choose to go big and use a card for your most expensive items or services. Once they get approval on something, they may order more, larger, better or grander items from you. Again, they know they have a limited time so they go for it all.
Different Address: If your Point-of-Sale system allows a search by address, you might see a different card being used for delivery or pickup to the same address. While it’s possible the customer changed cards, it is a red flag.
Service/Shipping Doesn’t Match: If you are shipping to another address other than the one associated with the billing of the credit card, this can be a red flag. For companies who pick-up or drop off at addresses that are different than the card billing address, extra care should be taken in identifying who is using the card and how to contact the customer at the billing address if needed.
Same IP Address: Multiple orders originating from the same IP address with different credit card numbers around the same time period should be considered suspicious.
Using Multiple Cards: If a credit card is declined and more than one other card number is offered as a replacement, this is almost always a sign of “card testing” where a fraudster tries various stolen credit cards to find which card number will work for future fraudulent transactions.
Unknown Cardholder Information: If a person using a credit card doesn’t know the billing address, the ZIP code, the cardholder name or the security code on the card, it becomes highly suspicious. A true credit card holder knows where their monthly statement is mailed to.
Smaller Amount Retry: If a card declines on an initial transaction a thief might try to make a smaller purchase to see if it is within the credit limit of the card. This is another form of “card testing” in which the thief tries to identify the limit and/or available balance of the account.
Guessing an Expiration Date: Since most CNP purchases require the credit card expiration date a thief may attempt to guess at the date. If the first attempt is wrong and a second attempt is made, it’s highly likely that the thief doesn’t have the physical card and is simply trying to guess the expiration.
Typos, Spelling and CAPS: Too many oddities entering an online order can be a red flag. Language oddities could be indicative of offshore fraudsters who do not use English as a first language. Using all capital letters may be a sign of laziness or a sign of fraud. Grammar and spelling errors can be tip-offs. If the person misspells their own name or anything in their own address, consider it a red flag.
Repeated Inquiries: When a customer calls back after the initial transaction to inquire about the product being shipped or whether the limo is on the way, this is a sign they are making sure that their fraud hasn’t been discovered yet. They may even add additional products or services during a subsequent call. Being overly concerned about an order is a huge red flag.
No Concern for Charges: If you charge for shipping, expedited shipping or other fees and the person has no interest in hearing about them or hesitation in paying them and says something like, “Just put it on the card”, this is another red flag. Thieves don’t care about these fees as they will never pay them.
No Concern for Policy: Most customers are careful about big-ticket purchases and typically inquire about return or exchange policies, warranties etc. Fraudsters typically don’t care, so they’re not likely to ask any questions.
Order Through Deaf-Relay System: Customers are able to place orders through a deaf relay system without having to use their own voice. This is sometimes used for fraudulent purposes. As an example, a man placing an order on a credit card with woman’s name should raise a red flag. Be overly cautious and request additional personal information on these calls to prove legitimacy.
In a Hurry: Fraudsters like to place their order and get off the phone quickly. If a person is in a hurry to get off the phone when you start asking for specifics about them or their transaction, criminals are more likely to have a “Yeah, whatever” attitude, to speed up the process.
When Red Flags Fly
Trust your instincts. They are usually right and you know this. If something about a customer or an order just doesn’t feel right, you should trust those instincts. If anything smells fishy during a transaction, don’t be afraid to request additional information or call your Merchant Hotline to verify the purchase with the true cardholder. A little extra due diligence may slow down the ordering process, but a legitimate customer will appreciate the extra care you are taking to protect them.
At the same time, none of the things we listed above are positive indicators of fraud. Carefully reviewing each transaction for signs of fraud can help reduce chargebacks and losses