Marketing & SEO Discussion List - LED Digest

 
Home arrow Featured Posts arrow International Orders and Credit Card Fraud
International Orders and Credit Card Fraud Print E-mail
Written by Ron Coble
February 7, 2007

Beating the Fraudsters

I debated all week about adding my 2 cents to the subject of International sales because this post could easily evolve into being being a book sized post. But a large order from South Africa prompted me to jump in with some comments and suggestions.

Our international trade marketing services business attracts fraudulent orders like moths to a light on a summer night. The primary reason for these orders has been the directories we offer that contain the contact information for importers around the world with about 12% of them having email addresses.

The fraudsters (as I like to call them) attempt to use one form of fraud (credit card) when purchasing our directories which they then use to email their infamous "Nigerian" scam emails (which are no longer limited to Nigeria but still primarily centered from countries on the African continent).

Our "fraud flood" actually started about 5 1/2 years ago and hit the $150,000 mark sometime early last year when I stopped keeping a tally because we were literally receiving 5 fraud orders for every 1 legitimate order. The order that sparked me to post this came from South Africa (becoming a fast 2nd or 3rd to Nigeria).  It was for two Mexico Business directories with a total cost of $1,390.00...

Initial Fraud Checks

The order upon initial review, looked fairly legit, spelling was good, the first and last names were not reversed (an easy sign to spot from new, not too educated fraudsters). The email was from a free email account, that is a definite security flag but the IP address on the order checked out for South Africa - things were looking fairly positive.

Let me divert for a moment - in regards to the IP address capture. I installed this little bit of script on our order forms in September 2006 and almost overnight it reduced our fraud order rate from about 5 to 1 by about 90%.  I 'guess' because their IP address shows on the order form as they are filling it out and they cannot change it that it scares some of them away?

By the way, whois.sc is about the best and fastest IP checker I have found on the Internet - just copy the IP from the order and visit whois.sc and paste and hit enter - very fast and more details than any other I have used yet.

Security Flags are Raised

The next check was the first 6 digits of the credit card with our merchant services bank lookup.  The 2nd BIG security flag is raised. The bank is in Mumbai, India.  I then request the customer submit a faxed or scanned copy of the front and back of their credit card via fax or scanned attachment to an email and the "TOP" portion of a recent billing statement so we can verify the billing address he has submitted (we emphasize the top portion because we don't need to see their transactions - just their address).

This morning, I have a two page fax waiting for me. The first page goes on to assure me that because he is currently on travel and does not have a billing statement but assures me that he is the owner of the card (we emphasize in our email requesting this data that it is meant to protect legitimate credit card owners as it does us).

Now what was interesting about the copy of the credit card was that it had the number, expiration and name imprinted on it but you could not see any bank info, logo or other details?  On the back side the number in the signature area and the CVV number matched but the card was not signed and again, none of the other info you normally see on the back of a card was there, nothing??

An Anxious Buyer

The icing on the cake came when I got a call from this individual shortly after reviewing the fax.  He was asking how quickly he would get his order, whether there was a download link where he could get it rather than waiting for a CD to arrive.  Very, very anxious.

Enough flags, I called the issuing bank in India and believe it or not they helped me by advising me the card's billing address was in India, not South Africa.  I usually do not bother replying to these fraudsters but I sent him an email telling him what I learned and advised him that we would only accept payment via Western Union.

I am sure (based on a lot of experience) I will never hear from this slug again since he has crawled back under the rock from where he came and will be looking for his next fraud venture.

Conclusions

The main point for making this long post is to hopefully pass along some of the experiences we have had over the years and some of the ideas and resources we use to help combat this growing problem. It is also meant to alert those to the fact that you cannot be complacent in what you use to evaluate the validity of an order because as you can see from this post, they may very well have adapted or have a means of imprinting cards?

If anyone has ever seen a credit card like I described here, I would be very interested in hearing about it?  My thoughts were that the actual owner may have been on travel in South Africa and had a card copied at a hotel or something and the copy was used with us?  It is a new one so any feedback would be appreciated.

Hope this helps someone avoid getting burnt.

Ron Coble
Coble International Marketing Services


Comments (9)add comment

Yates said:

  The practice of imprinting cards has been happening for awhile now. The thieves somehow secure long series of "correct" CC numbers and then use these as the keys to make fakes from blanks. The whole thing is very professional and industrial, somehow I think the mob is involved *smile*.

Thanks for the great tips here, by the way. I use whois.sc and lots of other tools depending on the country of origin. You can usually smell the fraudulent orders right away, but every now and then a legit one comes over that looks phishy.
February 07, 2007

Tom Aman said:

  Comment about your post first - that was a great one. Just wanted to mention that whois.sc has changed their name (and address) to - http://www.domaintools.com.

Tom Aman
February 09, 2007 | url

Robert said:

  Hi Ron

Thank you for a great article in LED Digest, I sure picked up some great tips on how to avoid getting burnt.

Thanks again
Robert
February 20, 2007 | url

Dave said:

  I wish staff where I work read this about a month ago.

After we accepted the transaction of $8000 (for payment of the goods and freight), we were instructed to pay $3000 for freight costs to Africa. This was done, to a bank account that is now empty and closed..

Later on, we are advised that the $8000 has to be given back to the bank because of fraudent card.

Bye bye $3000... lucky we caught the goods before they left, or it would have been worse.


2 days ago, we received an email from a new customer, with a new order... Wonder if there is a way to get back at them.
March 20, 2007 | url

tom said:

  We are a small manufacturer of exercise equipment here in the midwest. We were contacted by a "rev mark johnson" who wanted to buy equipment for his church in san francisco. He placed 3 orders for over $45,000. I googled his church and it is right there in san francisco. He then put me in contact with his shipping company "western shipping" which is a real int'l shipping company (but not in ghana as i found out later). They gave me quotes on the shipping and ask tht I PREPAY the shipping and send them monies via Western Union.

The fraud was they used legitimate business's to order products using stolen credit card numbers AND getting cash out of the shipping charges. Now I am very worried that they are using this money to finance terror operations.

Thankfully I never shipped the product even though I have to pay the credit card companies back. And that has been very damaging to our business.

If anyone has any suggestions about how I can get these guys, i would be glad to know.
December 19, 2008

laura scott said:

  hi. our small, fragile company was just scammed out of $4K in goods..shipment 1 & 2 have been charged back by the person who's card was stolen, then the 3rd shipment we sent and the credit card was declined. fed ex destroyed the goods in singapore.

how can we ever go after how did this with just their email and shipping addresses? we are out product, money, and hope at this point. what they did to us is happening everywhere and it's the difference of keeping the company running and closing the doors. it seemed totally legitimate.

please help.
thank you.
laura
April 10, 2009

Dan said:

  People be warned, luckily I have worked in eCommerce previously for a number of years and these scam artists are very hard workers!

Reverend Mark Johnson (this time based in Johannesburg, South Africa) wanted to order 90,000 flyers from us for his orphanage; if it weren't for the the overboard 'holyness' of the story and the fact that the shipping company (which does not exist) want all (extortionate) fees upfront I may have gone further!!

Do not be tempted to fulfil orders that raise alarms; they will almost certainly result in credit card chargebacks, possibly the loss of any shipping costs and any stock/product you supply.

I'm a small business and cannot afford it. If you're in the UK then can I suggest forwarding any correspondence/evidence to the Office of Fair Trading. In reality there's not a lot that can be done but you never know.

Good Luck
May 11, 2009

Erica said:

  We are a small company in the Midwest, and we were just taken by an International Credit Card scam. We too had a gentleman call to order water heaters to be sent to Ghana, Africa. We did order the products, and he did pay with credit cards. Seven different cards, with the same name & address. He wanted us to only charge the card $900 at a time. We saw red flags all over but were too trusting to actually realize what was REALLY happening to us. We did not send the product, however we did send the "prepay" freight charges via Western Union. So he ordered $50K worth of water heaters for his AKA 5 star hotels and got $4800 for freight charges from us, he is expecting us to send him more, however we are not sending him anything, and he doesn't know it yet. We have him hook line and sinker back just like he did us and many others!!!! Be aware and ask TOO MANY questions! It could really save you! IF you think something is too good to be true or fishy it probably really is! Always get a return phone number and verify everything! He also gave us the shipping company name, which I cannot find anywhere, so if anyone says to only use this shipping company check on the company to make sure its legit before sending anything!!!!!!!

Sincerely Taken!

Erica
June 09, 2009

Anne said:

  This is just happening to us. We got an order for about $3400 worth of products. The guy did not want to go through PayPayl but did want to use a Credit Card (Red Flag!!) in my mind. He then wanted us to ship the products directly to South
Africa, using a Cargo company out of Ghana. We were to pay for the shipping charges and add them to the charge of the products. Make a long story short, we are running away from this deal as fast as we possible can. I wish there was a way to get these guys. The guy orchestrating this has called me a few times but only from an "unknown" number and I am sure that his email address is bogus...
September 11, 2009

Write comment

security image
Write the displayed characters


busy
 
[ Back ]