ECommerce fraud detection: how to protect your online store

ECommerce fraud detection: how to protect your online store

There are lots of tools and methods available on the web that intruders can easily access for fraud perpetration. That is why we asked our technology partner FraudLabs Pro, which helps merchants to protect their businesses from fraudsters, to tell about the signs detecting eCommerce fraud and the ways to protect an online store.

You may wonder where to start or which elements should you check when you are trying to review a potentially fraudulent order. You have all kinds of information, such as billing, shipping, IP, email and many more associated with the other, and should you have to review all of them? It will be very tiresome trying to check them all. So here are a few common red flags that you can focus on when doing the reviewing.

Anonymous Proxy

If you receive an order that comes from an anonymous proxy, you should be wary. This could mean the customers do not want to reveal their true geolocation. They could either be using an open proxy, VPN, TOR networks, and so on to fool the detection. Fraudsters like this approach very much. We have to say that there are some legitimate customers that do use the proxy for a valid reason, for example, to protect themselves from eavesdropping when they shop online using a public WiFi in a cafe or public area. Hence, we will recommend you to further contact the customers for authentication if proxy usage is found.

Ship Forwarder Address

While anonymous proxy is for covering their digital tracks, a ship forward address is to cover their footprint on actual goods delivery destinations. Ship forwarder, or freight forwarder, is an interim shipping point before the actual goods get delivered to the final destination. In FraudLabs Pro, P.O. box addresses, freight forwarder operators and package drop off points are all classified as ship forwarder addresses, as these are not the actual receiver addresses. It’s quite risky to deliver the parcel to an anonymous address, as you couldn’t verify who is the actual receiver and there is no proof of record of receiving. However, some merchants do accept ship forwarder addresses, especially for those who accept the overseas sales in which the customers prefer local delivery before all parcels are collected and consolidated into a single shipment for cheaper international postage. Whether to accept or reject a ship forwarder order, it all boils down to the nature of your business strategy and risk tolerance. In general, you should vet the order sending to a ship forwarder address. It’s better to be safe than sorry.

Disposable Email

You should reject all sales coming from disposable emails. Disposable email is a temporary email account freely available to anyone, and its inbox will be reset in a predefined period, like 5 or 10 minutes. There would be no reason for ordering something with a disposal email except to commit fraud. We also won’t recommend that you accept disposable emails for account registration even though it’s for a free or trial online service. The reason is simple, the email account might not be active after a week or two, or maybe shorter. The email address changed so rapidly, and you may suffer from a high bounce back if you keep sending those undelivered emails that could eventually jeopardize your ESP delivery reputation. How can you find out if an email is a disposable email? Unfortunately, you wouldn’t know if an email is disposable by looking at the email address without using a fraud detection solution. Anyway, if you want to manually check the disposable status, you can try out this free service.

Billing vs Shipping Address

The other element that you may also want to verify is the distance between the billing and shipping addresses. Under normal circumstances, the billing and shipping address will be exactly the same, if not they should be within close proximity of each other. It’s very suspicious to have billing to a country in the Americas but the shipping to a location in Asia. The billing address usually has to be the same as the card issuer record in order to pass the AVS verification. That’s why the fraudster has no choice but to enter the correct billing address as per the credit card record but with a different shipping address. This is one of the common fraud tactics used by the perpetrators. If you notice the distance is too far apart between billing and shipping, remember to get in touch with the customer before the fulfillment.


The above mentioned are some tips to help you detect some of the fraud orders. However, there are still many other elements or patterns that you can use to uncover a fraud order. Some of them can’t be done manually but require a fraud detection tool to assist you. For example, the velocity check that tracks the abnormal sales surge in a short time frame. Or, the blacklist validation leveraging the power of the crowdsourced fraud data for validation. The fraud detection solution is no longer an optional or trivial add-on, it’s crucial to protect your online business from falling prey to the fraudsters.

Visit our marketplace to install the FraudLabs Pro plugin for your nopCommerce store. It allows making 500 order validations per month for free.

Leave your comment


11/27/2019 12:26 AM
Good article and great tips for store owner (y).
11/28/2019 2:28 AM
great article
12/23/2019 3:40 AM
good article for every business owner