Ways Fraudsters Use Test Credit Card Numbers and What to Do About It

E-commerce fraud is quite common. According to Shift Processing, a credit card processing vendor, credit card fraud was up 18.4 percent in 2018, and that number has continued to climb. There are different types of e-commerce fraud, and in order for scammers to capitalize on their efforts, most of the more savvy fraudsters will test credit card numbers and employ different techniques to evade detection.

Get started with a free trial today to see exactly how much you could be losing  to ad fraud.

A Growing Problem for Consumers, Merchants, and Marketers

When people think of credit card fraud, they often think of the most simple method: someone uses a stolen credit card to make a purchase. The goods are delivered and, most of the time, the victim files a complaint with their card issuer. The items purchased may be gift cards that the criminal uses as cash, goods that are resold, or goods that are kept by the criminal.

This type of crime has been around since credit cards were first issued, and it continues to be a problem as internet sales make it harder to check identification before a purchase is made.

A second method of payment card fraud occurs with affiliate marketing. This method doesn’t rely so much on the actual goods purchased. Instead, the payday comes in the form of an affiliate payment. 

Since affiliate marketing often pays a percentage of a sale, fraudsters have learned that they can use this as a way to cash in. By making fraudulent purchases using stolen payment card information, they are paid out by the affiliate, typically before the chargeback comes through. The charge is often still disputed, but that isn’t the scammer’s concern in this case. The money they collect from the marketing firm is what they are interested in.

There are other methods of affiliate fraud that criminals use, and according to GlobalDots, it’s creating a big problem for not only the cardholders but for marketers as well. Marketers find themselves dealing with consequences such as:

  • Paying thousands of dollars in attribution fees to fake affiliates.
  • Ruining potential legitimate and successful affiliate relations.
  • Suffering from skewed analytics of affiliate channels.

Successful Fraud Requires Criminals to Test Credit Card Numbers

Since the advent of the internet, criminals have been able to buy stolen payment card information rather easily. Card readers installed at gas stations, stores and restaurants collect tens of thousands of records on a daily basis. Data breaches also provide criminals with millions of credit card numbers to use. 

However, not all stolen credit card numbers work. Cardholders eventually catch on to the fraud and their card number is changed. However, some older cards still work. In order to make this scam profitable, the bad guys have to test the credit card numbers. This is done by relying on botnets to test multiple card numbers at a time, instead of entering this information by hand. 

Using bots, small transactions are made on smaller e-commerce sites. The ones that work are recorded. After they are done testing the credit card numbers, they start to use the active ones for larger purchases. Virtual gift cards make this easy for criminals to collect stolen goods when they are nowhere in the vicinity of their victim. If actual goods are purchased, the packages are often stolen from the recipients by porch pirates or shipped to an address that is hard to track.

One Instance of Fraud, Multiple Victims

In any case where credit card fraud is committed, the consumer has the chance to fight back. They can file a complaint with their credit card’s fraud department to get their money back. The problem with credit card fraud is that there are multiple victims, but the credit card company only protects their client, not the merchant. Whether you are the large site shipping expensive products, the smaller site used to test credit card numbers, or even the marketer that created an affiliate campaign, you are now a victim of credit card fraud as well.

Each time a complaint of fraud is created, the credit card company looks into the matter. If they deem there was fraud, they require a refund to their customer and levy a chargeback fee on the merchant. These chargebacks, often ranging between $20-$100, start to add up. Not only do the chargeback fees hurt your business, but any time you are associated with fraud you suffer from a damaged reputation. If you business fraudulently charges a person’s credit card, you are likely spending a great deal of your customer service and customer support time dealing with a consumer who will likely not trust your business ever again. Top that off with fees and issues that come from non-compliance with your payment gateway and PCI DSS regulations, and the costs really start to add up. If things are bad enough, your payment gateway may cut you off entirely and your business will no longer be able to accept card payments.

Fighting Back to Prevent Test Credit Card Numbers

While big purchases are where the criminals make most of their money, test credit card numbers tend to hurt businesses the most. These small purchases often end up costing hundreds after you are hit with chargeback fees and other problems. These purchases are also easier to spot, if you know what operational trends to look for:

  • Monitor small order activity. If you notice that you are receiving a large volume of small order attempts, there may be something underhanded going on. 
  • Watch for purchases of small items that often accompany larger ones or items that are purchased out of season. 
  • Monitor purchases that come from foreign IP addresses, especially if you sell primarily inside your own country and you see a wave of traffic from customers abroad.

The most effective method of preventing credit card fraud on your site is to use a fraud prevention solution. If you place this type of solution in your security stack, it will monitor for possible fraud. By collecting hundreds of data points, the best-in-class fraud prevention solutions spot and stop fraudulent activity without blocking legitimate customers from making a purchase.

Whether it is full credit card fraud or simply testing credit card numbers, many e-commerce sites are going to face this issue at one time or another. Before your business is hit by fraudsters, look into how a trusted fraud prevention solution can help you. The costs associated with credit card fraud will continue to rise as the criminals become more and more sophisticated. Make sure that you are doing what you can to protect your business and your customers by employing the right solutions to fight back against fraud.

New call-to-action