hey besties i swear i am working on those prompts lol, just been a bit difficult lately because our internet has been on the fritz for weeks (and getting worse and worse, yesterday i think the internet worked consistently for about 2-3 hours the whole day and i was at work during those hours lol), but hopefully i can make more progress and post some of those prompts soon!

One of the most unpleasant aspects of owning a high volume ecommerce website is dealing with credit card fraud. It's something we encounter on a daily basis - but after a few years of experience, we've got things down to a fine art. Nowadays we tend to err on the side of caution if we think an order is fraudulent - but that's only two or three orders per month, out of 20,000+.A couple of months into my ecommerce journey, we received three BIG orders from just outside of London. At the time, our average order value was about £11. These three orders came to over £1600. Alarm bells should have been ringing, but frankly I was too busy planning what to spend the cash on.I was in the moneeeeeeeeeey. Right until the chargeback letters dropped through my letterbox. Not only did we lose all £1600, we also had to foot the bill for a load of chargeback fees. I won't go into the specifics here, but we reported this to the police who raided the address - they recovered all of our stock, luckily, and a load more from other ecommerce companies this unscrupulous individual had targeted. I want to stress how lucky this was though, because usually the police don't give a damn and won't lift a finger. Instead of relying on them to seize your stock back, it's a good idea not to get into that situation in the first place.We use Shopify Plus as our CMS: it's pretty good at throwing up suspicious looking orders. It does throw up a lot of false positives though, and it's also good at letting fraudulent orders slip through the cracks. The main reasons Shopify will flag an order as fraud is if there are multiple payment attempts, or the order is being placed from a country that doesn't match the delivery address. I'm not sure what other ecommerce platforms offer in the way of fraud detection (and protection) - but I decided that Shopify's internal filters, while helpful, weren't sufficient.Here's how we identify fraudulent orders:Look out for repeated payment attempts, especially card payments. Fraudsters often have a notepad file full of credit card numbers. Most of them are duff (already cancelled by the genuine cardholder), and they work through the list until they get a hit - a card that works. Often, they'll place an order for something very cheap until they find a working card, then they'll place an order a few minutes later for a much larger amount. Be careful. If repeated payment attempts are made in Shopify, a little orange triangle warning comes up next to the order number. Do not ignore this! See this image here https://ibb.co/ccTP5F for someone who ran through a few cards before finding a hit - a few mins after this order was placed, they came back with a much, much bigger one. Luckily we flagged it and cancelled it before the goods were shipped. The record for the most number of cards run on our website before finding a hit is 14!We have Subuno plugged into our Shopify store. The guys from Subuno ran through my requirements when I installed it, and they added some custom filters to meet my requirements. I won't pretend I know the ins and outs of it, but what I do know is that when Subuno emails me and says to REJECT an order, I do just that! We also have about 10-20 emails a day asking me to manually review orders. Usually I wave them through, but occasionally when you look into the orders, it's clear they're fraudulent.Check the names and addresses. Recently we had an order with a name and address in Scotland. Then the billing address was a totally different name in London. Then the email address was another name again. Three different names for one order. Alarm bells are ringing when this happens, and we almost always cancel the order. Some people have a legitimate reason for orders to an address that isn't the billing address - but be sure to pay extra attention to these orders (especially big ones, with expedited delivery).Where possible, verify suspicious orders over the phone. The main stumbling block here is that most fraudsters won't provide a phone number - so this is easier said than done. If your spidey senses are tingling and you can't afford to take the loss, just cancel the order and refund it, so you're not exposed.Look for hotspot areas. A lot of the fraudulent orders we encounter are from the outskirts of London (including the big fraud I mentioned, where the police raided the address). My theory is that pickpockets work the streets of central London by day, then retire to the suburbs at night, to spend as much as they can on the credit cards they've stolen. If we see an order come in to the outskirts of London and Shopify or Subuno flag it because the card was issued in a different country, alarm bells start ringing.Fraudsters LOVE expedited delivery (I mean, who wouldn't if you don't have to foot the bill?) Over 80% of fraudulent orders on our website have some kind of paid delivery upgrade. So be on the lookout for this. My theory is that by using expedited delivery, they hope to have the goods with them before you realised what's happened, and before you can recall the delivery from the carrier. Offer a little extra screening to those orders that have a delivery upgrade selected.Recalling deliveries: On the rare occasion an item hasn't been delivered but you're aware an order is likely fraudulent after it has shipped, you can try to contact the carrier to have it recalled. With a carrier like Royal Mail, we're rarely able to have items recalled - but with private couriers, it's not a problem. The only caveat here is that an item can only be recalled if it's still with the courier (ie, hasn't yet been delivered).Our credit card processor will often inform us that an order is fraudulent, or likely fraudulent.... usually a few weeks after it has already been shipped. In this case, the first thing we do is to try and recall the order (which is almost always impossible, given the period of time that has elapsed). The second thing we do is review the order again. If it's clearly a fraudulent order, we will usually refund it in order to avoid chargeback fees.We operate a fraud list in our shipping and inventory management system (we use some custom scripts in Linnworks, that look at email addresses and post codes used on orders). If we've had a fraud from an address, it gets added to our fraud list - any future orders from this address are pulled to one side for review. This means that we don't have to go through the above checks for every order. Orders to known bad addresses are usually just cancelled and refunded to avoid further problems. We keep solid notes on Shopify and Linnworks, keeping note of when chargebacks have been received and disputes opened - although a little time consuming, this makes life a lot easier going forward.It's important not to assume the person at the delivery address is a fraudster. Don't go and pay them a visit with a shot gun, or your sharpest kitchen knife. Increasingly, we find that fraudsters will sit outside other peoples' houses and apprehend the postman when he's on the round - pretending they live there. These guys are clever and they're one step ahead of the law, and the carriers that try to thwart them.Sometimes we get a chargeback from an established customer. Often a polite email to that customer will lead to a polite reply, and we'll be able to recover the chargeback funds from them - or have the chargeback stopped by their bank. The most common excuse is that they don't recognise the charge on their bank statement. This is an odd one, because our charge shows up as our website name! Regardless, quite a few people still use this excuse.As much as people hate PayPal, it throws up far fewer chargeback issues. And the great thing about PayPal is that when a chargeback is opened, we can usually win the dispute just by providing tracking info (in which case, PayPal then absorb the loss). So next time you jump on the band wagon to trash talk PayPal, just remember it does have its redeeming features.False positives: Every now and then Shopify or Subuno will flag up an order as potentially fraudulent. We'll always look into this on a case by case basis - one of our best customers routinely gets flagged for fraud because she likes to travel. So her billing and delivery address might be in the UK - but she'll often places orders from far flung places like Australia, or New Zealand - which Shopify and Subuno don't like. We know this lady is legit though, and my team know to ship her orders regardless.Other false positives include the use of freight forwarders. We don't ship to the middle east, but we have a lot of customers there who use freight forwarding services. We cancelled a few of these orders when we first saw them - but after some angry phone calls from customers, they explained why their orders were flagged. A large portion of our sales now come from the middle east, and we have some great customers who use freight forwarding services to get their goods. More false positives include orders to hotels and apartments in cities like London and Manchester. Although these usually trip all of the filters in Shopify and Subuno, I can't ever recall seeing a chargeback for a hotel delivery.(NB, I have read some posts about freight forwarders being used for fraudulent in the USA, so don't take my good experience as gospel - exercise caution and use your common sense when dealing with your own orders to freight forwarders.)It's important to weigh up all factors when deciding if an order is likely to be fraudulent. Here are a few examplesLots of credit card numbers tried + card issued in a different country + expedited delivery = usually cancelledCard issued in a different country + to a hotel in London = usually OKThree or more payment attempts using different card number = usually cancelledOrder from address flagged by fraud script = usually cancelledAnd what about those two or three orders per month that we cancel, that are actually legit? Well, usually the customer contacts us a little annoyed - but once we explain that we've been targeted by fraudsters in the past, they usually calm down a little. We always give customers like this an extra 25% off on their first order, which always smooths things over - and we take their order again over the phone, to save them the inconvenience of having to go back online and placing the order again.A lot of people say that fraud is just a fact of being in business in ecommerce, and that you should factor it into your margins. I find this pretty defeatist. By implementing some straightforward screening procedures and by making a little effort, you can avoid some big losses. It's ingrained in the way we run our business nowadays, and all my staff are trained on how to look for suspicious orders. I think once you've done everything you possibly can to combat fraud, you can then factor any remaining fraud into your margins - but not before you've done everything possible to combat it.We'll never be able to stop fraudsters, but we make life extremely difficult for them. We report every single fraudster to the police and/or Action Fraud. It's frightening how little they do about the reports we make, but I figure it's worth making the reports anyway so they have these guys on file.What do you guys do to fight fraud? Have I missed anything obvious off my list?