12 potential signs of CNP (Card-Not-Present) Fraud

Keep your eyes open for the following fraud indicators. When more than one is true during a card-not-present transaction, fraud might be involved. Follow up, just in case.

1. First-time shopper: Criminals are always looking for new victims.

2. Larger-than-normal orders: Because stolen cards or account numbers have a limited life span, crooks need to maximize the size of their purchase.

3. Orders that include several of the same item: Having multiples of the same item increases a criminal's profits.

4. Orders made up of “big-ticket” items: These items have maximum resale value and therefore maximum profit potential.

5. “Rush” or “overnight” shipping: Crooks want these fraudulently obtained items as soon as possible for the quickest possible resale, and aren’t concerned about extra delivery charges.

6. Shipping to an international address: A significant number of fraudulent transactions are shipped to fraudulent cardholders outside of the U.S. Visa AVS can't validate non-U.S., except in Canada and the United Kingdom.

7. Transactions with similar account numbers: Particularly useful if the account numbers used have been generated using software available on the Internet (e.g., CreditMaster).

8. Shipping to a single address, but transactions placed on multiple cards: Could involve an account number generated using special software, or even a batch of stolen cards.

9. Multiple transactions on one card over a very short period of time: Could be an attempt to "run a card" until the account is closed.

10. Multiple transactions on one card or a similar card with a single billing address, but multiple shipping addresses: Could represent organized activity, rather than one individual at work.

11. In online transactions, multiple cards used from a single IP (Internet Protocol) address: More than one or two cards could definitely indicate a fraud scheme.

12. Orders from Internet addresses that make use of free e-mail services: These e-mail services involve no billing relationships, and often neither an audit trail nor verification that a legitimate cardholder has opened the account. Free Services can be identified by the domain part of an email address. Some common services include @gmail.com, @hotmail.com, @yahoo.com, @excite.com, @juno.com, @hushmail.com, @hush.ai and @facebookmail.com.