A transaction that is not authorized by a customer is referred to as fraudulent. A fraudulent transaction can result in a chargeback, which can cause you to lose money. Shopify's built-in fraud analysis uses machine learning algorithms to help bring suspicious orders to your attention. You can investigate a suspicious order in several ways.
Verify the IP address
The IP address from which an order was placed is a good indicator of potential fraud.
- Is the customer's IP address located in a different general area from where they claim to be?
- Is the IP address for a web hosting company?
- Is the IP address a proxy service IP address?
If you've answered yes to any of the questions, then you should probably contact the customer to verify the authenticity of the order.
You can use the following free tools to quickly look up the geographical location, ISP, and other information about a specific IP address:
You can find the IP address that is associated with the order in the fraud analysis section of the order detail page.
Call the phone number on the order
Calling the customer is always a good idea. You can also use a service such as 411.com to make sure the phone number is located in the same area code as the billing address. Fraudulent customers often use invalid phone numbers. If someone answers the phone, then ask them some simple questions about their order and see how they respond. Do they know the addresses, phone number, email, and name they used? Are they struggling to give you simple pieces of information?
Search for the email address
Searching for the email address on Google or another search engine can show if the email address was used in documented fraud attempts. You might also be able to find social media posts or other information that ties the customer to the email address.
Verify that the billing and shipping addresses match
A fraudster is likely going to provide a shipping address that does not match the billing address. You can use Google Maps to map out addresses and visualize the distance between them. If the distance between two addresses is significant (different continents, for example), then the order is fraudulent. Keep in mind that legitimate shoppers sending a gift or buying on behalf of someone else might have different addresses.
Check if multiple orders use different billing addresses for the same shipping address
Are there multiple orders with different billing addresses located in different states, with different names, but sharing the same shipping destination? This is usually a sign of fraudulent orders. Proceed carefully, and contact the customers using the information provided at checkout.
Review high value orders
If you receive an order which is substantially higher than normal, then you should verify the customer's identity.
Install fraud prevention apps
You can also install various apps to help reduce the chance of fulfilling fraudulent orders. There are many available in the app store that serve unique purposes.
To block users who try to make repeat fraudulent orders, you can use Shopify's Fraud Filter app.
You can create workflows using Flow to notify you when suspicious orders are created. See Shopify Flow.