Four mattresses, four mattress protectors, and two pairs of pillows.
These are the products delivered to fraudsters over the last six weeks that I haven’t received funds for – $4,500 to put it in dollars. A few choice words spring to mind here.
As a small business, revenue lost at the hands of criminal activity is hard to swallow.
It’s especially annoying as you often don’t know you’ve been fraudulently targeted until four to five weeks after the event. That’s when the person whose credit card has been used receives their statement and realises they’ve been charged for something they’ve not purchased. They then contact their financial institution, who in turn contacts the retailer’s financial institution who then debits the money from the retailer’s account almost immediately. This is when you, the online retailer, finds yourself with a drop in revenue and lost goods!
Online fraudsters are clever yet pretty unsophisticated at the same time. They constantly do things that give them away (though sometimes you only realise it when it’s too late).
They use fake email addresses, fake telephone numbers, try multiple credit cards unsuccessfully and often have unusual orders. Your role is spot these orders. But it’s not always easy.
For example, two fraudsters recently attempted to double-fraud my business by ordering a second time from the same address I knew was fraudulent. Incredibly brave, brash and cheeky. However this time I was able to hold back the stock and report the incident to the police. The money from the transaction still entered our account but this time I knew it would be debited around four weeks later so could plan for this.
The true cost of online fraud
Online fraud is now so prevalent that, as of June 2014, ‘card not present’ fraud stood at $299.5 million. That’s up from $210.4 million in 2013. This type of illegal transaction accounts for 94 per cent of the increase in online fraud, with two-thirds of these events initiated overseas.
Closer to home, the cost is more than the transaction itself.
● Preventing fraud is time consuming: once you’ve been hit by card not present fraud, you end up reviewing each transaction thereafter.
● You run the risk of rejecting, insulting and losing genuine customers when your instincts get it wrong.
● The retailer is always the one that loses out :the owner of the credit card that was used fraudulently is reimbursed, the banks don’t lose any money (sometimes even making money on the chargeback fees they impose on the retailer), and the fraudster gets the goods.
Tips for dealing with online fraudulent transactions
While it’s time-consuming to be proactive in combating fraud, and even though your vigilance can sometimes be out-maneuvered, it can certainly help you become less of a target over the long term.
The Australian Payments Clearing Association (APCA), recommends you:
- Use a fully hosted payment gateway provider to collect payments on your behalf.
- Watch for suspicious orders. Is the order unusually large for your business? Is the customer trying various cards in order to make a successful payment?
- Avoid shipping re-saleable goods to a temporary address (e.g. hotel) or to a PO Box number.
- Never take payments on behalf of any other business or person.
- Only make refunds to the card originally used to pay for the goods.
- Take advantage of the tools available such as online authentication methods – American Express SafeKey, MasterCard SecureCode and Verified by Visa.
What I’d add to above:
- Where possible, contact each customer by telephone to ensure they are a real person. This is time consuming, I know, but also a good opportunity to enhance your customer service as well as undertake market research on your customer base.
- Don’t take the law in to your own hands; avoid the temptation to visit the physical address where you know an item was delivered to.
- Report each incident to the police, but know any investigation is likely to take time.
But above all, use your judgement and be vigilant.
How has fraud affected your online business? What safety measures do you have in place to minimise online fraud?