In addition to thoroughly vetting online job applications, applicants and current employees, we are now in the day and age where we have to conduct background checks on our customers due to increase business fraud cases.
Business Fraud Case Study
Recently, a small businessman received a phone call from a potential customer who asked about his inventory of a specialty product and wanted to know how quickly she could have 50 of them delivered to an address in Miami. Satisfied that he had them in stock and could be shipped right away, she placed the order. Her phone number included a Miami area code. However, the billing address for the credit card she used was in Maryland. This scenario wasn’t entirely unusual but worth a more in-depth look.
A bit suspicious of this order’s details, the company did a little investigating to find out more about the company name she provided along with her order. They couldn’t find anything. They did a reverse phone number search, but nothing turned up.
Still, they authorized this person’s credit card in preparation for fulfilling her order. The next day a phone call was received from someone with, not so ironically, the exact same name. She asked why there was a credit card authorization on her card. Bingo! The company’s hunch was right.
The small businessman explained that someone had placed an order the previous day using her credit card. The impersonator had asked the company to ship more than $1,000 worth of products to an address in Miami, which turned out to be a UPS Store location.
Online Business Owner Challenges
Combining today’s methods for storing data and the prevalence of ethically-challenged people eager to find credit card information to use or re-sell has made this a real issue for online business owners. The anonymity that exists in cyberspace adds to the problem.
A small online sporting goods company lost close to $10,000 to fake customers in one year alone. In the particular situation just described with the fraudster in Miami, this business stood to lose more than $800 had we not been notified by the actual cardholder that we were being taken.
For online business owners, here are some things you need to know to protect your business. Merchants who send products to people who are not who they purport to be are certain to incur a loss as soon as the real cardholder notices that a fraudulent charge has been placed on his card and notifies the card issuer. The online store owner is always completely exposed to the risk when this kind of online business fraud is committed. Credit card processing accounts typically show no mercy to online store owners who, in good faith, sell items to thieves who appear to be legitimate buyers.
Signs of Online Business Fraud
Sadly enough, online businesses have been victimized by credit card thieves enough times that some trends are easily spotted. Here are the most common signs that a customer is shopping your store using someone else’s credit card.
- Multiple quantities of the same item. Most of the fraudulent orders include large quantities of the same item. These people know that they only have a few chances to make good on a stolen credit card, so they try to make it pay off as much as possible on any one transaction. They tend to order multiples of products that don’t seem natural. For instance, someone ordered 20 football jerseys in the same size and color from a sporting goods store.
- Expedited shipping. Someone purchasing with a stolen credit card is likely to use expedited shipping without any apparent regard for the exorbitant shipping cost. Most fraudulent orders are placed using overnight or 2nd-Day Air shipping. People committing business fraud typically understand that they need to hurry not to be detected before getting what they want.
- The billing address and shipping address are geographically far removed. Although there are often customers who need to have something shipped to a sister office in their company or who have some other legitimate reason to request an order be shipped to an address that is hundreds or thousands of miles away from their billing address, using geographically disparate billing and shipping addresses is typical of those who are committing fraud.
- Using a Hotmail, Gmail or other non-professional address. This rule applies mostly to customers who claim to be ordering for companies. If the stuff on the right side of their email address (e.g., email@example.com) doesn’t match up with the organization they claim to represent and use a free email service is more likely that the person isn’t associated with the company.
There are several other smaller signals that, when considered together, can help a store owner recognize when someone is trying to commit credit card fraud. For business owners who want to be extra careful, more advanced fraud prevention tactics can be put into place. Usually, a business owner is faced with balancing the ability to conveniently sell products to customers with the possibility of being exposed to fraud because of a security policy that is too lax.
Vetting the Customer
With the available access to information about people, companies and all sorts of other data, suspicious customers can often be detected through social media or by doing a few Google searches. This kind of research typically increases suspicion about a potentially fraudulent order when there are no online traces of the person placing the order.
Businesses who typically sell products directly to consumers, rather than to other companies, might have to dig a little more to determine whether their customer seems legitimate. Use Google Maps to look up the address, and in many cases, you may discover ship-to addresses that look like they are abandoned houses or that otherwise don’t match up with the rest of the information provided on the order.
Merchant Security Measures
Merchant providers and online gateways (which allow online store owners to process credit cards) typically have at least some rudimentary protections to keep online store owners safe. One of these protections is the address verification system resource, which allows store owners to match the billing address (typically the street number and/or the ZIP code) provided by a customer to the address on file with the credit card issuer. The store owner can also enter the credit card’s security code through a credit card gateway (like authorize.net), which reports whether the security code matches what the credit card issuer has on file for any particular card.
However, both of these protections can be circumvented by credit card fraudsters by merely obtaining all of that information along with the credit card number and expiration date for the card they have stolen.
The only true way to make sure that your business is protected when shipping to a credit card owner is to insist that the ship-to address they provide is attached to their credit card account. Credit card companies typically allow cardholders to add shipping addresses to their accounts. A store owner can verify with the credit card company that they recognize the address where the goods are going.
Reporting the Crime
This part of the process — having lost some amount of money to a credit card thief — can feel like eating crow for a business owner. Those who are willing to spend a few hours filling out a police report (which might as well read “How I allowed my business to get conned”) can report having goods stolen from them through their local police department.
Investigators have more pressing issues to deal with than worrying about online fraud. The best practice is to try to keep this kind of thing from happening in the first place.
This article was summarized from KSL.
Ninja Gig is an online job posting website that lets employers post online job applications and participate in online job recruitment. Savings companies thousands of dollars a year, Ninja Gig prides itself on offering an all-inclusive, flat-rate monthly fee. If you want to try our robust Applicant Tracking System (ATS) and online job applications software, sign up today and get 14 days free.