eCommerce Fraud Prevention: How to Keep Deadbeats from Ripping You Off

Play episode

Double Your eCommerce Business in the Next Year requesting the most effective growth and profitability strategies we've unearthed from 5+ years of studying successful stores.

Fraud prevention can be a tricky road to travel. So how do determine which order is a possible fraudulent order? There are several tricks and hacks that can help you decide whether an order is fraudulent and how to handle chargebacks. There are also a number of useful services out there that might make your life easier when it comes to preventing deadbeats from ripping you off.

Drew Sanocki joins me this week in this discussion about fraud prevention. While he never actually enters the conversation, he does share some pretty amazingly horrible jokes that I am sure you guys will all love. Listen in as we talk fraud prevention techniques. And while they are never 100% foolproof, they can surely help you make decisions that could save you thousands.

Click to Listen

Subscribe:  iTunes | Stitcher

The Full Conversation

(With your hosts Andrew Youderian of and Drew Sanocki, of

Andrew: Today, we’re going to be tackling a topic, not the world’s sexiest topic, we’re going to do our best to make it as interesting as we can, and hopefully, as always, highly relevant to store owners. And that’s fraud. How do you catch fraudsters? How do you stop them? How do you prevent them from just wiping out those hard-earned profits? And joining me today, one of the world’s foremost leading experts in fraud detection and prevention, Mr. Drew Sanocki from How are you doing, Drew?

Drew: Doing well. I also know close to nothing about fraud prevention.

Andrew: Who signed you up?

Drew: That was not my part of the business.

Andrew: Man, we need a new producer here. Who signed you up for this episode?

Drew: I don’t know. Because I handle the marketing. My business partner did ops and finance. And he was always fighting fraud. I was not. So I have decided that I’m just going to tell jokes.

Andrew: Oh, nice. Just the whole time, just crack jokes the entire time?

Drew: I think that’s what I’m going to try to do.

Anecdotes About Fraud

Andrew: Perfect. We’ll get into the real stuff in a minute. But any anecdotal stories based on your limited fraud experience of people ordering crazy stuff, or fraudsters calling when you’re in Design Public, or maybe the stories about you having to use pseudonyms or stolen cards to purchase things that you’re embarrassed to ship to your house? Anything like that?

Drew: No, it was always on the same one or two items. As soon as we carried in-house audio equipment, that’s when we started getting the fraud. High-priced item and maybe it was because it was audio equipment. But there were one or two products that it was like 50% of the time, they were ordered, we figured it was fraud.

Andrew: Man, that’s funny. I even remember with, we get a lot more fraud with that, because we’re selling like $2,000 GPS-powered trolling motors. Some of the e-mails you would get from people, especially overseas and third world countries, just telling these crazy stories about how they would pay with their card. They need to ship it to such and such country, and they love fishing so much. And it’s so obvious that these were fraudsters.

Drew: I’ve never happened with us. They just submitted a fraudulent order. We never got the evidence that was shoring up their legitimacy. That would be kind of interesting.

Andrew: Oh, we would get them from time to time from people. And sometimes we had a little fun with them. We’d lead them on. We’d be like, “Oh, of course well, we’d be happy to ship you $25,000 in trolling motors to this address in Africa or rural Asia or something like that.” But it’s fun. Well, it’s not fun. It’s fun until you lose out on $4,000. And as you know, Drew, credit card doesn’t eat it if it’s fraud.

Drew: Chargebacks are the worst. They are the worst.

Andrew: Yeah. You know some stuff about fraud. What are you talking about?

Drew: Yeah, you get that letter, the letter from Visa or Amex or something. And they give you what seems like…it’s due with all the documentation. The next morning, you have to get it back to them. It’s such a pain.

Andrew: They do. They give you like 72 hours from the time they mail it. Yeah, you got to pretty much sprint home, print everything off, race to the post office that day. And oh, if you get there late, then I’m sorry, you can’t contest the chargeback.

Drew: Right. You rarely win it anyway.

Pay Attention to High Dollar Items

Andrew: Oh, man. Yeah. Those are terrible to get in the mailbox. This is how you know you’re in the right spot for podcasting, if you can relate to getting a chargeback notice in your email or in the physical mail. How many people can have a heart-to-heart and share that kind of experience? Not that many. You’re in the right spot in eCommerceFuel.

All right. Let’s get into the actual nuts and bolts today on how to detect and prevent fraud. All right. So Drew, the number one thing in terms of just how do you catch fraud right out of the gates? Like you mentioned, not always, but it happens the most on high-dollar items. And so these are all things that, ideally, you should build into your order fulfillment process, especially if you’re doing some of it manually.

So how do you spot these? Well one, again, look for high-dollar items. Those are going to, more often than not, be the things people are going to try to commit fraudulent orders on. Look for e-mails and names that don’t match up. When you’re ordering stuff, usually your name is part of your e-mail. But when you get billybob73 and Billy Bob’s ordering it, it’s maybe a fraudster. But usually fraudsters aren’t that sophisticated. Usually they use throwaway names and crappy e-mail addresses.

Phone numbers and funny addresses. If the address doesn’t look legit or it’s just gobbledygook, of course, that’s going to be fraud.

Different bill to and ship to addresses, that’s a little tricky. We’ll get into that later. Because it’s tough. Because 99% of fraud is going to be with different build to and ship to addresses. But at the same time, you have a lot of legitimate business that comes that way, so you got to be careful.

So these are the things you need to be…some things at high level to look at. One in and of itself isn’t going to indicate fraud. But a lot of times, you can manually detect them if two or three of these line up.

Drew: Joke number one.

Andrew: You’re serious? You’re going to read jokes on this? Oh my.

Drew: It’s hard to explain puns to kleptomaniacs because they always take things literally.

Andrew: Oh my goodness. We need some groan music on the podcast today.

Drew: Yeah. You were saying about fraud, Andrew?

Andrew: Anything to add on the fraud department?

Drew: I have a business partner who’s really good at keeping an eye out for unusual orders.

Configure Your Fraud Settings

Andrew: I love it. I love it. Number two, configure your fraud settings, but don’t go overboard. So AVS system. You probably are familiar with the AVS systems. At any time you run some of these…

Drew: Not at all.

Andrew: Not at all. When you should have been doing that, you were looking up jokes. AVS is Address Verification Service. And at a minimum, you want to be matching the address on the bill to the credit card. The credit card will have one on file. And you could get it really detailed. You can require the street address to match, the city to match, and the zip to match. Usually, I will just do the zip to match. Because you do. You want to have some kind of protection. But a lot of times, people have funky street addresses. The more of those you require to match, the more likely you’re going to filter out and cause problems for legitimate customers.

It’s possible when you’re getting fraud to reject orders that come in from IP addresses, a certain address, so a unique IP address. Then you can also configure your fraud settings, depending on who you’re using as a merchant, a processor. Like Authorize.Net, for example, will let you say hey, if somebody is connecting to me from an IP in, let’s say, New York City, but they’re trying to ship it to California or Europe or something, decline that transaction. And you can do that. But again, I wouldn’t recommend doing that, because there’s a lot of times legitimate people order stuff. Drew, I know you’re always ordering stuff for me when I go to California, shorts, beach towels. You’re good to me that way. You treat me nice on the coast. So those would be legitimate transactions that get declined.

Drew: Joke number two. I used to think the brain was the most important organ. Then I thought, “What’s telling me that?” Get it?

Andrew: I don’t think I’m smart enough for these jokes.

Drew: The brain is telling you that.

Andrew: Oh. Boo. Boo. I don’t know if we’re going to be able to get through this episode.

Drew: You’re talking AVS mismatches. We’re talking dumb jokes.

Andrew: Drew is like, I can’t be part of this if you’re just going to talk fraud. We got to do an episode on it to cover our bases. Oh my goodness, I got to interject something.

Drew: No, fraud is important. What, it’s 7% or 5% of all e-commerce transactions?

Andrew: Five percent? You think so?

Drew: Something high.

Andrew: I don’t know. Well, it might be that high. That’s crazy.

Drew: What percent of these jokes are going to be funny?

Andrew: Oh, I’d say lower than 5%.

Drew: Which is higher, the fraud rate or the funny joke rate?

Andrew: I think the fraud rate’s definitely high going to be higher or same as that.

Drew: Okay. All right. We’ll see. We’ll see by the end of the episode.

Andrew: We usually these people will vote on this. A couple of more thoughts on configuring your fraud settings without going overboard, you can set an Authorize.Net again. You can set things up to decline suspicious transactions. There’s an algorithm that they’ll look at for a bunch of different things. Worth testing sometimes, because a lot of times, a number of things that they can detect that maybe you’re not thinking of, they’ll be able to block a transaction. But again, you got to be careful. Depending on your market or where your customers are, you may filter out more people than you want to.

And then, again, I mentioned earlier the different bill to and ship to address. You can decline those different bill to and ship to addresses. So that’s, again, when their credit card address on file is California, but they ship to New York. I would highly recommend not declining those. Because I’d say probably 20% of orders are going to meet that criteria, have different bill to and ship to. And if you decline them flat out, you’re leaving a lot of money on the table. Drew, I would ask you for comment on fraud, but I would guess you’d just probably give us another good joke. You got one, kiddo?

Drew: I do, Andrew. We got joke number three. Joke number three: You kill vegetarian vampires with a steak to the heart.

Andrew: Oh. Very nice. Very nice. Which one’s your favorite so far?

Drew: I think the vegetarian one.

Andrew: I think so, too. What do you think the chances are we make more bad jokes in this episode?

Drew: I think very high. It’s just going to get better and better.

Handling Suspicious Orders

Andrew: All right. Number three on fraud, let’s say you’ve got a fraudulent order, or maybe not. You’ve got an order that looks suspicious. How do you determine if it’s fraudulent, if it’s not, if you should ship it, if you should cancel it? And personally, for me, calling, just getting on the phone with the number listed there, 90% of the time solves the issue for me. Granted, fraudsters are getting a little more brash with the how bold they’ve become in trying to pull the wool over our eyes as merchants. But 9 times out of 10, you’ll get someone on the phone who says, “Oh, yeah. That’s me. Don’t worry about it.” Or you get someone on the phone who says, “What? I didn’t order anything.” I don’t know why I’m using crazy voices, but you can clear it up really easily with a phone call.

So check the address. This is a great one. If you’ve got an address that looks suspicious, especially for a business, google it. And if you see the business name and the address on there in a couple of places, it’s probably legit. You can Street View it as well. Look at the number of unusual items above. With our team, our team knows enough that if there’s four or five things that looks funky, if the e-mail and the name doesn’t match, if it’s a funny shipping address, if it’s a high-dollar item, a lot of these things. A lot of times, if it’s obvious, we’ll just completely ax it.

And then a great tip from Chris Carey in the forums on how to determine if it’s actually…especially if somebody’s going back and forth with you. Let’s say a fraudster calls in and they say, “No, no, this is legit. This is my card. Please ship it to this address.” But you still aren’t sure. You should refund…again, this is Chris’s strategy. Refund a very small amount on the purchase price. So if they order a $100 thing, refund $1 or $0.70 or something, and ask the person to confirm the amount that you refunded. If it’s legitimate, if it’s the person who actually owns the account, they’ll be able to log in and see that account amount. If it’s not, they won’t be able to tell you. Brilliant, Chris, and thanks for letting me steal that idea.

Drew: It seems like a great idea for a SaaS app or something.

Andrew: You will get to SaaS apps for fraud here in a minute. But I’m getting a little bit…I haven’t heard a joke in four minutes, Drew.

Drew: How does NASA organize their company parties?

Andrew: Hold on. Let me see if I can get this one. How does NASA organize their company parties?

Drew: How does NASA organize their company parties?

Andrew: Something about moons or gravity or Saturn or something.

Drew: They planet.

Andrew: Oh.

Drew: You get it? You get it, Youderian? Planet.

Andrew: I passed, I think, the intellectual threshold to get that one. Just barely though.

Dealing with Chargebacks

Drew: Number four, dealing with chargebacks. So a chargeback, of course, is any time that there is a contested charge that somebody gets a charge on their credit card or a debit statement. They didn’t remember it, and so they go ahead and call the credit card company and say they don’t want to pay it. So in my experience, chargebacks are declined even if you fight them, almost all the time.

Like you mentioned, Drew, when I get a chargeback now…for the first year, I think I started looking at them all, and almost all of them were where the address was different from the shipping. And in that case, I’ve never won a chargeback that way. And 95% of my chargebacks fall into that category, with a different bill and ship. It’s so hard to win. And I’ve gotten to the point where I get the chargeback in the mail. I will look at the value. If it’s $3,000, I’ll fight it. But if it’s a couple of hundred dollars or something, almost always I know it’s not worth fighting. Because it takes a long time and you’re not going to win it, almost always. So maybe I’m leaving money on the table, but that’s with my experience.

Drew: Right. Why was six afraid of seven, Andrew? I just pass them to my business partner. Pass the envelopes to your business partner. Do not pass go.

Andrew: Why was six afraid of seven? Because it felt like he had left his prime?

Drew: Because seven was a well-known six offender. Six offender.

Andrew: Oh my goodness. It’s so bad. It’s so bad. Drew, these are good. Maybe we should… I wish I mentioned the terrible joke podcast. I love it. You were mentioning SaaS apps that you can…oh actually, before we move on to that, a couple of last things on chargebacks, if I can collect my thoughts here with all these jokes.

One last thing. If you do want to fight a chargeback, try to get as much documentation as possible, anything you could provide to them, order confirmations, shipping, the delivery shipping confirmations, the invoice from your suppliers, any correspondence from the customer. If you’re going to do it, if you’re going to make them do it, just flood them with documentation, and that’s your best shot of actually getting that fought.

The Youderian Sniff Test

Andrew: In closing, a couple of services that can help reduce fraud…I think, in my experience, the best way to really get a handle on this is just this manual process. It doesn’t scale very well, I’ll say that. But having somebody just look, even quickly do a smell test for five seconds on every order that comes in sure helps a lot with the things we talked about. There are some SaaS services. We’ll link up to these. Kount is one, Riskified, and Signifyd. They use advanced algorithmic processes to analyze each transaction that comes through and rate it in terms of what potential fraud it has. And then if they go ahead and approve it and pass it through, they guarantee that if it is a chargeback, they will pay for it.

So personally, we looked at it for our store, for Right Channel Radios. It wasn’t a great fit for us, just because I looked at the value, how much we would pay in subscriptions versus how much we had paid in chargebacks on a regular basis, and the subscription would have cost more than our average chargebacks.

But especially if you’re doing super high-dollar items, or if you’re in an industry where there’s a lot of fraud and it’s something that sucks up a lot of your time, these services could probably make a lot of sense. And some of them will even allow you to only run through and pay for those fraud detection orders or only pay for their service on orders that are high risk, and orders that maybe they’re out of the country, that come from a different billing and a different shipping address, so those kind of things. So you can get the best bang for the buck in terms of paying for only your highest risk orders.

Drew: I would take a Youderian sniff test over an advanced algorithm any day, any day of the week.

Andrew: Of course, man. These people…

Drew: Speaking of Youderian, my friend, Andrew Youderian recently got crushed by a pile of books, but he’s only got his shelf to blame.

Andrew: Oh my goodness.

Drew: Get it?

Andrew: We’re going to get you on a stand-up routine at ECF live.

Drew: Thank you, ladies and gentlemen.

Andrew: I know you were thinking about maybe doing a keynote, but I say scrap that. I say just do stand-up the whole time.

Drew: There’s more where this came from.

Andrew:: So in closing, and hopefully we have a couple of more jokes to cap this thing off, a couple of forum discussions. If you’re in the forum, if you’re interested in coming into the forum, we’ve got one monster one on the best ways of dealing with fraudulent orders. A lot of the tips here are there, as well as many others I didn’t cover, a second thread on striking a balance between having some strict fraud prevention rules and letting those legitimate transactions in. It’s a balancing act, and it can be tricky. I remember merchants talking about how they’re doing that in the forum.

And then finally, we’ve got some stories of increasingly bold fraudsters from members in the forum. It’s crazy. I haven’t had people get quite as involved. But man, some of our members have crazy stories about people calling up, getting upset, and still, at the very end, being upset because the store owner won’t sell them something. But they’re the fraudster. It’s like the fake outrage. And some of the mind games people go through. So check those out. We’ll link up to all those in the show notes in the private forum.

And Drew, I would hate to end this talking about fraud. Do you have one last joke? Do you have a best last joke, the pinnacle of terrible jokes for the fraud episode that maybe you could toss out there?

Drew: I do. Andrew, how many kids with ADHD does it take to change a lightbulb?

Andrew: I’m going to say none because they won’t stick around. They’ll just run away. I’m terrible at guessing the punchline.

Drew: The answer is, “Let’s go play on our bikes.” And that’s all, folks.

Andrew: I think that might have been the best one.

Drew: Talk to you next time.

Andrew: If you’re interested in hearing…

Drew: I’ll be at the comedy club down in the West Village, Fridays. I go on at 11 p.m.

Andrew: Free tomatoes handed out at the door. Drew, thank you for coming on, even though I wrote to you to doing this without a whole lot of fraud knowledge. If anything, hopefully, we at least gave people a few chuckles and maybe taught them a thing or two about fraud.

Drew: That’s right.

Andrew: Thanks, man. Appreciate your bravery to let me do this to you.

Drew: Any time. I enjoyed it.

Andrew: That’s going to do it for this week. If you enjoyed the episode, make sure to check out the eCommerceFuel private forum, a vetted community exclusively for six and seven-figure store owners. With over 600 experienced members and thousands of monthly comments, it’s the best place online to connect with and learn from other successful storeowners to help you grow your business. To learn more and apply, visit Thanks so much for listening.

What Was Mentioned

eCommerceFuel Forum Members Only:


Photo: Flickr/B Rosen

Posted on: October 16th, 2015

Andrew is the founder of eCommerceFuel and has been building eCommerce businesses ever since gleefully leaving the corporate world in 2008.  Join him and 1,000 vetted 6 and 7-figure store owners inside the eCommerceFuel Community.

Double Your eCommerce Business in the Next Year requesting the most effective growth and profitability strategies we've unearthed from 5+ years of studying successful stores.

More from this show

Episode 121
Skip to content