- NotSitting.com, an eCommerce store selling furniture online, was hit by an organized credit card fraud ring in December and January 2016
- Total loss of $15k in credit card chargebacks, lost inventory, technology changes, and staff time
- Fraudsters submitted an order that was shipped to a vacant house, where they simply picked up the package from the front porch
How we reacted:
- We installed FraudLabs Pro to provide real-time order fraud risk scoring
- We adopted a fraud risk evaluation process for high risk orders
- We made changes to our merchant account settings
- We worked with suppliers to change our shipping practices
Some Background on NotSitting.com
NotSitting.com was an Amazon Affiliate program website for 3 years before tragedy struck and we lost our account due to a terms violation, taking the earnings on this brand from approximately $2000 to $0 one night in July 2016. To rebuild value in the brand and monetize the traffic we chose to start dropshipping the desks we had been reviewing and recommending.
To get started we:
- Contacted suppliers to build reseller relationships
- Established a merchant account with Durango Merchant Services
- Incorporated a store into the website technology stack
- Massively changed the content and theme to focus on selling instead of page views
- Started advertising on Google and Facebook
We launched the store in October, 2016.
Just a couple of months after launch we started receiving orders for a product in our catalog that had never been sold before. The product was about twice the retail value of our average order and we were getting a few orders per week. I was excited about the sales and, unfortunately, I was not suspicious enough of my customers to realize I was being defrauded.
NotSitting Tech Setup Prior to Fraud
The technology stack for NotSitting.com prior to the fraud attack was as follows:
- GoDaddy Business Hosting running a WordPress website
- Storefront handled by WooCommerce and a variety of related plugins
- The Network Merchants Inc payment gateway plugin for WooCommerce (NMI is the processor for Durango Merchant Services)
How We Discovered The Fraud & The Pattern
The first indication of trouble was in January 2017 when we received the first customer credit card chargeback. We provided the customer, visitor, and payment information we had, and our appeal was denied. We didn't realize it at the time, but we were about to see many more chargebacks.
A couple of days later we had our next chargeback. That is when we realized we had a problem. We realized we were about to lose a ton of money because both orders looked the same, for example:
- There was only a single product in the order, the one that had recently started selling really well
- Billing and shipping address were different but within about 100 miles of each other in the same state
- Using Google Street View we noticed that the house at the shipping address was often rather run down, while the house at the billing address was rather upscale
- Visiting the domain of the email address provided on the order rendered the same junk webpage...
When we noticed this we immediately went through our orders and found all the orders matching this profile. There were a lot of them.
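The retrospective sweep described above, sketched as an added example (not NotSitting's own code and not its members-only trigger criteria). It checks only the three machine-checkable signals from the list; the order fields, the `COMMON_MAIL` set, the three-signal threshold and the sample orders are assumptions constructed for illustration.

```python
import math
from collections import Counter

# Assumption: mailbox providers whose domains many genuine customers share.
COMMON_MAIL = {"gmail.com", "yahoo.com", "outlook.com"}

def miles_between(a, b):
    """Great-circle (haversine) distance in miles between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 3958.8 * 2 * math.asin(math.sqrt(h))

def email_domain(order):
    return order["email"].rsplit("@", 1)[-1].lower()

def profile_hits(order, domain_counts, max_miles=100):
    """Names of the case-study signals this order matches."""
    bill, ship = order["billing"], order["shipping"]
    hits = []
    if len(order["items"]) == 1:
        hits.append("single_product")
    if (bill["street"] != ship["street"] and bill["state"] == ship["state"]
            and miles_between(bill["geo"], ship["geo"]) <= max_miles):
        hits.append("nearby_split_address")
    if domain_counts[email_domain(order)] > 1:  # same unusual domain on several orders
        hits.append("shared_odd_email_domain")
    return hits

def sweep(orders, min_hits=3):
    """Map order id -> matched signals, for orders needing manual review."""
    counts = Counter(d for o in orders if (d := email_domain(o)) not in COMMON_MAIL)
    return {o["id"]: h for o in orders if len(h := profile_hits(o, counts)) >= min_hits}

def addr(street, state, lat, lon):
    return {"street": street, "state": state, "geo": (lat, lon)}

# Constructed sample orders (not real data); SKUs, addresses and domains are made up.
ORDERS = [
    {"id": "1002", "items": ["DESK-A"], "email": "lee@gmail.com",
     "billing": addr("9 Elm St", "TX", 29.7604, -95.3698),
     "shipping": addr("4 Pine St", "TX", 29.3013, -94.7977)},
    {"id": "1003", "items": ["DESK-X"], "email": "a1@mail-relay.example",
     "billing": addr("12 Hill Rd", "TX", 30.2672, -97.7431),
     "shipping": addr("80 Low Ln", "TX", 29.4241, -98.4936)},
    {"id": "1004", "items": ["DESK-X"], "email": "b7@mail-relay.example",
     "billing": addr("5 Park Ave", "TX", 32.7767, -96.7970),
     "shipping": addr("33 Dirt Rd", "TX", 31.5493, -97.1467)},
]
```

Order 1002 matches two signals but is not flagged at the default threshold, which is why a flag here means "review by hand", not "cancel".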
We contacted our Durango representative to let him know what we had found and to seek advice. Working with him, very professionally, we created a fraud detection and investigation process that would work for the processor (NMI) so that they didn't shut us down. Fortunately for us, we had enough cash to pay the chargebacks; if we hadn't, it would have caused a business collapse.
Fraud Evaluation Triggers
From that point on we had respect for eCommerce fraud and started scrutinizing every order that came in. Here's the process we adopted:
This fraud-preventing content is for PRO Members only...
We go on to cover:
- The exact high-risk-order trigger criteria
- The exact order evaluation process used to determine whether to fulfill an order
- How to set up WooCommerce to help identify fraud and speed up evaluation
- How to set your credit card merchant account to prevent fraudulent orders
- How to interact with dropshipping suppliers to prevent delivery of orders to fraudulent addresses
These changes resulted in 100% fraud avoidance for the following 12 months, meaning we did not deliver a single product into the hands of a fraudster. Interestingly, as soon as we changed the merchant account settings we saw an 80% reduction in high risk orders being submitted.