Jonathan Mizel's - The Online Marketing Newsletter - Business Website Strategies

Eight vital steps to protecting your business from online fraud

From: Jules Stevens
Cyberwave Media


We hate to have to write this article!

You see, over the past nine years, we've revealed hundreds of ways to increase your sales and profits, and we've shown you how to improve your conversion rate and set up a back end marketing system to maximize your revenue.

Now we are going to tell you how to deliberately reduce those sales, lower your conversion rate, and actually get rid of customers, all in an effort to combat the recent rise of fraudulent online sales.

Why? Because if you run a successful Internet-based business, fraud threatens your very existence! Left unchecked, it can:

  • Destroy your merchant account: Many merchant accounts have limits on the number of charge backs and refund transactions they allow. If you exceed the maximum, you lose your account and ability to accept credit cards. It doesnât matter if you are a completely honest person or a long time customer, go over the limit and you are out of luck. Since a large percentage of people prefer to pay with plastic, they will simply buy from someone else.
    Note: When we started accepting Visa and MasterCard back in 1994, our sales doubled overnight. And when we added American Express and Discover in 1995, they went up another 30%. Suffice to say we would not exist as a profitable company if we didn't allow customers to pay with credit cards.

  • Ruin your affiliate program: If you run an affiliate program, you've probably become used to the massive amount of risk-free traffic generated by your resellers. Imagine what would happen if you sent a large commission check to your biggest affiliate, and it turned out all their orders were fake! You would be out the cost of your products, and the commission you already paid. Several well-known affiliate programs have tens of thousands of dollars in fraudulent orders every month, but thanks to the steps we'll reveal in a moment, virtually all of it is caught before it can do much harm.
  • Waste your time and energy: One of the biggest expenses we face as business owners is the opportunity cost of not pursuing profitable ventures because we are busy putting out fires. If you have to spend days or even weeks dealing with fraud related issues, youâll find much less time to invest in profitable activities like launching new products, testing new offers, and re-writing ad copy to make it more responsive.
But don't worry, because we've discovered how to eliminate virtually all fraud in our business through the use of eight simple steps. You don't have to implement all of them immediately, but if you notice an increase in fraudulent orders, consider adding the most basic to reduce your exposure:
  1. Require all data to be completed on your order form: This one is easy! Simply make all your order form fields required. Many of the fake orders we see take advantage of the fact that most credit card systems check only the address, the zip code, and the card number. People looking to rip you off enter only those fields because they are often in a hurry, trying to buy as much as they can before the stolen card number they are using becomes invalid. By making all fields required, you don't affect legitimate customers, only thieves. To do this, check with your Web host or merchant account gateway provider. There's often an extra line of code you can add to your form.
  2. Don't accept online orders with free e-mail addresses: Virtually every fraudulent order we receive has come from a free e-mail address, mainly Yahoo.com and Hotmail.com. To combat this, we decided not to accept online orders from customers using these addresses. On our payment form, we have a box that says:
    Warning - For Your Protection!

    Due to an overwhelming amount of fraud, we do not accept online orders from free e-mail services such as Hotmail, Juno, Rocketmail, USA.net, or Yahoo.

    If you want to subscribe using a free e-mail account, you must order by phone or fax. To protect you, we log the IP address and user information from every order, take fraud very seriously, and will prosecute criminal transactions.

    Feel free to use this wording on your own order forms. When you do, youâll immediately see a decrease in fake orders, and you'll encourage people to use an e-mail address they check regularly (which is also to your benefit). You can also add a script to your system to reject these orders before they ever get processed. Though this may sound extreme, if you are receiving more than 1 fake order a week, we recommend implementing it.

  3. Don't accept online orders from certain countries: It's sad, but we have received only a few legitimate orders from places like Malaysia, Singapore, Russia, and India. That's why instead of asking for the country, we now use an order form Pick List and include only the countries we haven't had problems with, which are as follows:
    • Australia
    • Austria
    • Belgium
    • Bermuda
    • Canada
    • Denmark
    • England
    • Finland
    • France
    • Germany
    • Guernsey
    • Iceland
    • Ireland
    • Isle of Man
    • Italy
    • Japan
    • Jersey
    • Luxembourg
    • New Zealand
    • Northern Ireland
    • Norway
    • Portugal
    • Scotland
    • Spain
    • Sweden
    • Switzerland
    • The Netherlands
    • USA
    • Wales

    We have special instructions for customers outside of these countries, which are more restrictive, but allow them to purchase if they really want to. To see our new order form, click here.
    Note: We aren't saying you should reject all orders from people who have free e-mail addresses or reside outside the US, just that you shouldn't accept them online through your real-time credit card processing system. We make certain prospects jump through multiple hoops to do business with us, and though that's regrettable, the legitimate ones always find a way to buy, and we haven't had to deal with fraud since we started using this system.

  4. Call suspicious orders and confirm details via telephone: This is critical if you sell physical products or goods you will lose money on if they are purchased fraudulently. Suspicious orders are those that meet the following criteria:
    • All lower or upper case entries: Marlon Sanders told us about this, and after reviewing our fraudulent orders from the past two years, we discovered he was right! Nearly half of all fraudulent purchases are entered in either all lower case, or ALL UPPER CASE.
    • Foreign shipping or e-mail address, but US credit card billing address: Many of the fake orders we received came from places like Russia (.ru), but the credit card billing address was in the US. When we started picking up the phone, we found disconnected numbers, and credit card holders who had never heard of us.
    • IP addresses doesn't match the billing address: If your order system doesnât record the user IP address (telling you which ISP the purchaser is using) add it immediately! We have seen orders that just didn't look right, maybe the area code on the phone number was unrecognizable or perhaps the city was misspelled. When we checked the IP address, we found the customer claimed to be in Los Angeles, but in fact, they were using an ISP in Nigeria!
  5. Use your merchant account AVS and fraud settings judiciously: Many merchant accounts and gateway providers offer a degree of fraud protection, sometimes free, and sometimes for a fee. The main settings you can modify are as follows:
    • Address Verification System (AVS): AVS is your first line of defense against fraud, and it's free. In fact, you may even receive a financial incentive from your merchant account provider by way of a lower discount rate for using it. Make sure you have at least the basic settings enabled, and if the address and zip don't match, reject the order.
    • Card Verification Score (CVS): On the back of many credit cards, in the signature box, are several numbers. This is called the card verification code. You may be able to add this field to your order form, and require users to enter it when they make a purchase. This ensures the buyer is in possession of the actual credit card, and not just the number.
    • Fraud Protection Service: Check with your merchant account about this. Often for a fee (1/2% to 1%), the provider will run each transaction through a series of qualifications including IP checking, CVS, and other data to determine the legitimacy of the purchase. This process only takes a few extra seconds for the buyer, and guarantees you get real orders. Of course, weigh the costs of this service against your exposure. It's likely the other techniques we reveal will work for you with little or no additional cost.

    Special steps for affiliate managers
    If you run an affiliate program, here are three simple steps you can take to protect yourself:
  6. Don't accept affiliates from specific countries: We limit our affiliates to the same places we accept orders from. If they want to sign up from a different country, they have to send us a request for an exception along with their site address and traffic volume to be reviewed. This way, good potential affiliates can participate, but are underwritten by us first.
    Note: Virtually all our successful affiliates are in the US, Canada, the UK, and Australia.

  7. Delay payment of suspect commissions: Most credit card fraud issues show up in 30 days or less. By simply delaying payment to foreign (or suspicious) affiliates an extra month, you'll be able to catch 95% of the problems, without losing out on the sales. Make sure your affiliate agreement spells out your conditions for paying commissions carefully. If you are concerned about affiliates having your bank account information, pay them through PayPal or other third party service.
  8. Check sell-through rates of resellers with large sales volume: If you have a reseller who sells 50 of your products, and their stats show 50 visitors, that means their conversion rate was 100%, which is virtually impossible! Make sure the conversion rate is not out of line with other resellers, and if it is, pick up the phone and call a few of the customers to see if the orders are real before you send them a check.

Conclusion

Like we said, we hate to provide you with information that will reduce sales. But as long as there are people out there looking to rip you off, you need to protect yourself and your business!

Respectfully submitted,


Jules Stevens

Join the Mailing List:
Name:

Email:



















All text, code and graphics on this website are Copyright © 1993-2008 Cyberwave Media. All rights reserved.
Privacy Policy | Disclaimer | Earnings | Terms of Service