# Fraudulent Credit Card Purchases



## JeridHill (Feb 8, 2006)

I'm not sure what is happening, but in the past few weeks, I have had several fraudulent cards submitted. They aren't so much fraudulent cards as they are stolen.

Now I've contacted Visa, MasterCard and American Express and each one of them is a joke to deal with when trying to report any kind of fraudulent use. They won't give information out and they won't even let me report anything. So as the merchant, it is my discretion whether to accept the card or not. I guarantee the card will go through, in this case over $1,000, and they guarantee I will get the funding (so I'm told). I am not accepting the order. The reality is, there is absolutely no protection to the merchant. The thieves are protected and I'm not. It's a shame and these are the real issues needing addressed when dealing with reform.

What do others do in these cases? Is there somewhere that you can confirm whether a card is stolen or not? So far, I have to do all of my own research. I reported it to the police (my last incident), but without 100% proof which the credit card companies and credit card processors are unwilling to do, I am out product and money, not to mention the time involved in tracking down whether the information is accurate or not. The police can't even file the report because of this.

It's a shame and all these companies do is put bandages on the situation instead of dealing with solutions.


----------



## JeridHill (Feb 8, 2006)

Well, I spent a little more time to verify the fraudulent use and I was able to track down the card owner by googling his name and zip code. The bill to address verified (almost, it was off by one digit), and I called him. I gave him all the information needed and he was going to report it. Like I said, they need to make it easier for merchants.


----------



## blankCLOTHING (Feb 20, 2008)

How are you so sure that they are stolen? If you are positive they are, then I think you did the right thing. It does not feel any good to find out people are stealing from your bank account.


----------



## JeridHill (Feb 8, 2006)

I've been in the sales game long enough to see signs of fraud. In this case, it was almost blatantly obvious.

1. He didn't have a business name because he was going to ship to a different location.
2. He asked about the product and ordered 24 pieces totaling over $1,000 in product. In my experience, most people at least ask if there is volume discounts, this guy didn't bat an eye.
3. Gave me a name and bill to address, but ship to address was different.
4. Number he gave me I imagine was a cell number, but it was an area code for Massachusetts. The ship to was Massachusetts, but the bill to was Pennsylvania and the actual number listed on caller ID was Washington.
5. When he called he asked about the product, but the entire conversation just was strange.

All the while, I believed it was going to end with a stolen card but I continued on to get as much information as I could from him.


----------



## blankCLOTHING (Feb 20, 2008)

Alright, I see. I think you played it safe. It all seems very shady. I really don't think any merchants care for fraudulent cards though, it's really up to the account holder and the bank to deal with it.


----------



## brice (Mar 10, 2010)

Jerid, An excellent topic for discussion! 

If I read your post right, you didn't accept the order because you suspected fraud. Are you saying Visa would pay you if you ran the card and it was accepted? Or at least that's what they told you. Why would you suspect you wouldn't get paid? Why not treat it like a check, I don't order product or start production until a check clears. Seems to me you can do the same with a credit card...

Brice


----------



## JeridHill (Feb 8, 2006)

Last month I had an order that was actually a reorder. I was out of town so we went ahead and sent out the product. When I came back, I looked at the order and the name on the card changed and the card itself changed. I thought it was probably his girlfriend. The product was already sent, so when I ran the card, it said take card. So this is what started the topic at hand. I contacted Visa and they told me that if the card was accepted, it would have been paid out anyway. But because I waited too long to run the card, it was discovered to be a stolen card. So I wasn't paid on the order.

I've caught multiple stolen cards over the years and any time I suspect something, I always check it out. Some people think accepting the card is fine, but this is in part why fees are high, they recoup their losses one way or another. I have a friend years ago who accepted cards and shipped $30,000 worth of product overseas. Everything checked out and his card was accepted. Later on, the credit card company came back on him and took the money out of his account. He wasn't a large business and all the (computers) he shipped he was out and the money he was out. It put him out of business.

The credit card company got theirs, the thieves got theirs and my friend, an honest working legit company got the shaft. Like I said, reform is needed. I'm just curious how others handle stolen cards etc when caught.

When the card was rejected, I contacted him and asked for another card and he said just a minute and then hung up. I've not talked to him since, he won't answer the phone. I contacted Visa and they won't tell me anything to "protect" the consumer. The funny thing is, my shopping cart tags IP addresses on orders. Not more than 2 weeks later, he came back on my site under another name with another stolen card and ordered. I looked at the IP and it matched, so I banned that IP/range from my site.

I had another order where it was a stolen card and they ordered well over $1,000 on my site and they called 2 weeks later to see where their product was. I told them I didn't accept stolen cards and they said it's stolen??? Let me find out what happened and get back to you. I never got a call back from them.


----------



## brice (Mar 10, 2010)

Makes sense Jerid. Thanks. As I said this is a great discussion. I've only been accepting credit cards a short time. I've not run into the situations you described, but your little checklist is a handy one. 

Most of the people I do business with I know. I will make it a point to ship to the card address and run the card before the production is done, especially if I don't know the card owner. Those are great pointers. 

My challenge has been bounced checks. I've changed my policy that I print when the check clears, even people I know. The economy has hit folks hard and even people I've know a long time have bounced a check or two. They've come through and we kept the relationship. They appreciate that I stood by them (I do to when they cover the payment  ) and it's worked out. 

I do expect I'll run into what you're describing. Armed when it happens now. Reform is needed. That's why it's such an easy crime to commit.

My credit card horror story involves using my card a Quizno's in Bentonville, Arkansas (home of WalMart). The clerk swiped my card twice. Once for the food and once to sell to others. Within 2 hours of my leaving the store, the card was used at a local Walmart for a $30 dollar purchase to test the card and then over the next 2 days, 3 other stores (2 Walmarts and a Best Buy) to buy $3700 of goods. I got a call on the third day from Visa asking me if I was in Bentonville (at that point I was home) as someone was presenting my card for another purchase of $1800 and they wanted to confirm I was the user. 

Live and learn.


----------



## JeridHill (Feb 8, 2006)

Ouch....

As for the bounced checks, you can call the bank their check is issued on and see if funds are available. As soon as they are, go to their bank with the check in hand and get a bank check towards their bounced check. At least, I've done that in the past unless some of the banks changed policies.


----------



## proworlded (Oct 3, 2006)

A credit card poem: "When in doubt don't ship it out." When we have a suspicious card we ask the buyer to supply the top portion of the monthly billing statement. Someone who has a stolen card can supply a picture of both sides of a card, even a photo id that was stolen from the same wallet, but they can't provide the statement if it is not their card. It works.


----------



## amazingink (Nov 27, 2007)

Do you require a photo ID to back up the card? When dealing online I have hade people request an order and when I request a photo ID they disappear. In 5 years with this rule I have not been stuck. Worth a try.


----------



## JeridHill (Feb 8, 2006)

amazingink said:


> Do you require a photo ID to back up the card? When dealing online I have hade people request an order and when I request a photo ID they disappear. In 5 years with this rule I have not been stuck. Worth a try.


No I don't since it's an online site. I will have to see about trying to implement that, it's a good idea.


----------



## Twanabee (Sep 14, 2009)

The first order I have with a card I require that the ship to is the same as the bill to. On reorders with the same card, they can change if they want. Had a few not order.


----------



## Rodney (Nov 3, 2004)

> What do others do in these cases? Is there somewhere that you can confirm whether a card is stolen or not?


Your merchant account provider should have a number you can call to verify information. That's part of the service they provide. You can get address verification and I think find out of the card is stolen.

I would contact your merchant account provider (not visa, but the company that charges you your monthly fees) and ask them what the steps are when you find a suspicious transaction.

Sometimes, the physical credit card is not actually stolen. A crook can use a random number generator thing and come up with a valid credit card number and use it. Usually they test it first some places and then try to order more and more stuff. In these cases, the cardholder will have the card in their possession, follow all the best safety practices, and the fraudulent charges can still happen. 

In those cases, I think you can have your credit card company verify the purchase with the cardholder. If not, I would do like Ed says and get some more identity proof to protect you and the customer. It can be an inconvenience, but most customers appreciate it when explained that you're doing it for their benefit.


----------



## JeridHill (Feb 8, 2006)

The last three incidents, there were no reports of fraudulent use, the cvc code and expiration dates were correct. The biggest difference was ship to and bill to were different.


----------



## brice (Mar 10, 2010)

I always get zip at a minimum for address verification. Doesn't solve the problem Jerid is sharing where the crook has the address for billing right, but requests different ship address.


----------



## jwalk2515 (Apr 22, 2010)

I got the other side today. Bank called and said they suspect fraud in my account, cancelled my card and sending a new one. They did some damage, a $2 at some water filling station followed by a bunch from a Walmart on the other side of Dallas for multiple $95-$99 purchases.


----------



## JeridHill (Feb 8, 2006)

jwalk2515 said:


> I got the other side today. Bank called and said they suspect fraud in my account, cancelled my card and sending a new one. They did some damage, a $2 at some water filling station followed by a bunch from a Walmart on the other side of Dallas for multiple $95-$99 purchases.


I've had that too. I had one instance where someone purchased a Large poster and frame and sent it to me using my credit card. I think they wanted to intercept the shipping, but I ended up with it in hand and cancelled the card. The company took it back with no problem and refunded my money but I think it was $250.


----------



## proworlded (Oct 3, 2006)

amazingink said:


> Do you require a photo ID to back up the card? When dealing online I have hade people request an order and when I request a photo ID they disappear. In 5 years with this rule I have not been stuck. Worth a try.


No. If the person has stolen a wallet than the photo id will match the name on the card.


----------



## binki (Jul 16, 2006)

We don't sell to anyone that is not local unless we know them or they are a referral. There is nothing that we do that is not done by someone else down the street so someone in another State has thousands of vendors that can sell the same thing to them that are closer. 

But, to answer your question, our merchant processor guarantees our transactions as long we we follow their procedures.


----------



## JeridHill (Feb 8, 2006)

binki said:


> We don't sell to anyone that is not local unless we know them or they are a referral.


I sell nationwide and overseas. It would be impossible for me to follow these guidelines.


----------



## binki (Jul 16, 2006)

JeridHill said:


> I sell nationwide and overseas. It would be impossible for me to follow these guidelines.


I was just answering your question. If you sell national/international then you have a different problem.


----------



## JeridHill (Feb 8, 2006)

When it comes to international sales, I'm extremely selective. I do have customers that order quite a few thousand $$ at a time and I researched them pretty well before I accepted cards. Normally, though, it would be bank transfers and definitely no Western Union.


----------



## TYGERON (Apr 26, 2009)

Jerid...good looking out! It's a shame though...all the money raked in by credit card companies and _you _end up on the "front line". Haven't in a while, but got one of those operator assisted calls from someone wanting blank shirts. I got as much info as I could, called the credit card company. They took the info and said they would check it out. Found out the card was stolen, cardholder didn't know so it was cancelled. They actually called me back and thanked me! I was shocked (LOL). I was told at some point though that it's easier to make up their losses on the back end than to pursue fraud under a certain amount or scope.

Just ran across a $2500 "Brother PR-650" embroidery machine scam. Item is supposedly stored at and sold through some third party. Western Union payment...can't see it first hand...10 day inspection/return policy...blah, blah, blah.

Man, I'd like to hunt some of these folk down like the slimy, wormy dogs they...LOL!


----------



## jiarby (Feb 8, 2007)

The people that get screwed in credit card identity theft are definitely the merchants! The banks give the money back to the consumer... the thieves get their merchandise and/or cash with little or no organized law enforcemnt effort to stop them. 

BUT...

The merchants are out product, labor, and shipping. Plus, in many cases, a large chargeback can cause alot of financial headaches with your bank. 

Not a soul cares about the merchant. 

Call your local Police Department and say this:
"Someone just jacked me for $1000 by using a fraudulent credit card on my website.." All you will hear is crickets chirping on the phone. If you call them and say "Someone is shoplifting a 99¢ candy bar" then they will come in 2 minutes with lights blazing. 

Call the merchant account/banks... They won't even talk to you.... even though YOU pay all their fees. The banks are not worried about credit card losses because they know that they can suck the money right back out of your checking account. 

The public does not care because the banks refund their losses too. 

What is the point of having a cc terminal that gives you an "Approved" or 'Declined" indication when you use a card if later they can come back and say "uh... that one we said was approved... we changed our mind and took our money back." Doesn't approved mean APPROVED? I didn't approve it... THEY DID! It is even against their rules to require ID!

I believe that once the bank says APPROVED that THEY are on the hook for the losses. Identity Theft & Credit Card Fraud will continue relatively unchecked as long as merchants are paying the bill. Once the banks are on the hook for the losses THEN they will get serious about fraud detection. 

Unfortunately... I do not think that will ever happen. BIG Merchants (the only ones with any political clout to be able to lobby congress) do not care. To the Walmarts of the world this is just a cost of doing business. They do so much volume (Walmart sold more in 15 seconds (36M/hour in 2008) than I grossed all that same year) that they can easily spread their losses across all their legitimate sales. If they lose $1000 _a minute_ to fraud that is no big deal. If I lose $1000 it could put me out of business. 

No.. BIG merchants will side with BIG Banks on credit card fraud (other than some PR lip service) BUT... they fact is that they stand to lose alot more by making it harder for people to use credit cards. They want it to be super easy and super fast to process credit card transactions... otherwise it impacts sales volume. 


Who has more influence in Washington... A couple million Mom & Pop merchants (big merchants do not care) or BIG retail and banking industry lobbyist with millions dollars walking the halls of Capitol Hill making campaign contributions to sleazy congressmen??

So, how can you protect yourself? 

Raise your prices so that you can absorb losses as a cost of doing business. Look at a years worth of sales and. Take the chargebacks you lost and divide that into the sales that went through. That is how much you have to raise prices. In a backdoor way the consumer ends up paying because we all have to charge more for legitimate transactions to absorb the losses from bad ones. If we don't do that then the small merchant goes out of business. 

You can also create a shell bank account... one just for your merchant account. You regularly move that money into your REAL account. In the long run this will not help you because the cc company will just close your account and send you to collections. You will not be able to get another merchant account with that same EIN#. It CAN help insulate you from bouncing checks to vendors when a large chargeback happens. If a $3000 chargeback would put you in big trouble then consider insulating yourself in this manner. 

In 4 years I have only had ONE chargeback... and that was a mistake that I was successful in reversing. The customer's spouse did not recognize the charge but I had a signed receipt and invoice showing that I did deliver product and the customer did receive the merchandise. I even had a photo of him holding the product! (Have you ever heard "Sign this to show that you received the merchandise"?) I won that appeal. 

BUT.. I am a brick & mortar shop. You online only guys have to look at your total sales - total losses and adjust prices to account for the losses. Maybe you only ship to valid billing addresses... Maybe you require phone verification? A legitimate deal will be fine with getting a phone call. You can then verify phone number matches name matches billing address in most cases. You have to give the transaction a risk score. Shipping/Billing mismatch? PH# in different state? TDD only phone #? Doesn't care about price? No reason for customer to have picked your shop (ask "How did you hear about us?")... you can learn alot from a brief conversation with the buyer. 

There is no doubt about it though.... 

The small merchant is on their own! Good Luck!


----------



## TYGERON (Apr 26, 2009)

I always say:

The first rule of business is that you _will _get jacked.

Second rule is that you can't change rule 1.

Third rule is to stay vigilant and do everything you can to minimize rule 1.


----------



## tiger24 (Jan 11, 2009)

hi all,

just to share with the group, i got jacked too! total newbie and i post authorized an order and shipped out merch only to get jacked months later...

my online merchant came calling telling me visa wants their money i post authorized on a fraud charge and then i got dinged with the chargeback fees and lost merch!

my protocol now is any suspicious activity i call my online merchant and get the complete credit card number and do the following:

IN CANADA i call visa (800.847.2271) or mastercard (800.622.7747) merchant services and do a cross check verifying card #, name, address and cvv.

this is only half the battle but this check has worked for me so far.

i also tried to add visa verified to my check out process but failed so far in doing so.

i use psigate as my online merchant.

good luck everyone!
here's to us trying not to get scammed!


----------



## jiarby (Feb 8, 2007)

very timely... 

I just read this only a few minutes after making the above post...

'Friendly fraud' a hassle for you, too - The Red Tape Chronicles - msnbc.com

The article is about the increase in legitimate buyers that receive the merchandise but do a chargeback anyway just to screw you and steal the goods. The article calls that "friendly fraud". These Guys  recommend making sure you get signature confirmation on delivery at aid in winning your chargeback case. 

The last few paragraphs are very telling...



> So the bank has an enormous financial incentive to decide in favor of the consumer. That's why friendly fraud artists can get away with it for so long.


----------



## tiger24 (Jan 11, 2009)

jiarby said:


> very timely...
> 
> I just read this only a few minutes after making the above post...
> 
> ...


shirt on shirt!

i like your avatar glenn, i might use your cool idea too!


----------



## jiarby (Feb 8, 2007)

when I made it I thought it would fill the whole shirt avatar.


----------



## IYFGraphics (Sep 28, 2009)

jiarby said:


> when I made it I thought it would fill the whole shirt avatar.



Great post Glenn...hey your at 666 posts, might want to make another post that can't be lucky.


----------



## jiarby (Feb 8, 2007)

666 is not an unlucky number... it just has a bad agent.


----------



## binki (Jul 16, 2006)

After thinking about this for a while any international order would require a letter of credit for us to take it. Basically, a bank is making good on the payment and acts as an escrow agent. 

For National orders of singles it is normally quite ok to make the purchaser wait up to 6 weeks for processing to make sure the payment clears. For larger orders a letter of credit, a D&B, or a certified check all work.


----------



## JeridHill (Feb 8, 2006)

So I get a call today from this guy who tried to buy the $1,000 worth of product on a stolen card. He asks me when he would get his order. I told him that I didn't send it out because he used a stolen credit card. He was like what??? I told him that the credit card he used was stolen and I verified it by contacting the owner of the card and I would be more than happy to send out his product if he were to use a valid card. He said he had to call his bank because this is the first he heard that the card was stolen.

It's quite amazing, I figured he would hang up, but he stayed on the phone until the end of the conversation.


----------

