While Braintree can help you mitigate fraud with our full suite of Fraud Tools, some fraudulent transactions might slip through. This is why it’s important to know the common indicators of fraud so you can identify suspicious transactions and act accordingly.
Below, we’ve outlined some questions to ask yourself when determining whether a transaction is legitimate. Typically it’s best to trust your instincts, but if you’re still unsure, feel free to contact our Support team.
- Does the customer’s name match the name on the card?
- Is the name misspelled?
- Is the formatting of the name incorrect? It may be a red flag if the name is in all lowercase or missing an apostrophe or hyphen where necessary.
- Do the billing and shipping addresses match? Fraudulent transactions often have a shipping address that is far away from the billing address.
- In the billing address, do the country, state, and city match? Sometimes fraudsters will enter a completely different country, e.g. Chicago, IL, Indonesia.
- Did they request expedited delivery? Fraudsters want products ASAP, so they will likely choose the fastest form of shipping available.
- Do the cardholder’s name and email address align? For example, if the customer’s name is Bob Smith, his email is more likely to be email@example.com than BooBooChild24_7@example.com.
- Does the customer’s email address have an old or common domain? Fraudsters tend to use domains like mail.com, inbox.com, outlook.com, yahoo.com, or juno.com, or domains that don’t exist. It can also be suspicious if the email address includes a company name followed by a generic domain, like firstname.lastname@example.org.
- Are there random characters in the customer’s email address? If the email address aligns with the cardholder name, be wary of random characters in the suffix, such as email@example.com. Any string of 3 or more random alphanumeric characters could be cause for concern.
- Is the IP originating from a country where fraud is common? Some examples are Cyprus, Nigeria, and Argentina.
- Have you seen fraudulent transactions from this IP address or geographic location in the past?
- Are you seeing an abnormally large number of transactions in a short period of time, especially for the same amount or from the same card brand? This is a common indicator of a carding attack.
- Are you seeing multiple transactions with the same BIN but different card numbers? The first 6 digits of the card number, also known as the BIN, can be used to identify the specific branch of a bank that issued the card. It’s unusual to see the same BIN twice, so if you do, it’s possible that a series of cards from that bank have been compromised.
- Is the transaction from a country that is outside of your normal demographic? This is worth investigating, especially if the transaction amount is larger than normal.
- Is it a prepaid or gift card? These are often associated with suspicious activity. On the other hand, corporate or travel and expense cards are typically trustworthy.
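The two carding-related checks in the list above (a burst of transactions for the same amount in a short period, and the same BIN appearing with different card numbers) can be run over exported transaction records. The following is an added example, not Braintree code; the record field names, the thresholds, and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records; the field names are assumptions, not Braintree's API.
def _txn(minute, bin6, last4, amount):
    return {"time": datetime(2024, 1, 1, 12, 0) + timedelta(minutes=minute),
            "bin": bin6, "last4": last4, "amount": amount}

SAMPLE = [
    _txn(0, "411111", "1111", "1.00"),
    _txn(1, "411111", "2040", "1.00"),
    _txn(2, "411111", "3377", "1.00"),
    _txn(3, "411111", "4915", "1.00"),
    _txn(4, "411111", "5102", "1.00"),
    _txn(30, "555555", "4444", "59.90"),
    _txn(95, "555555", "4444", "12.50"),   # same card again: not a new card number
    _txn(200, "378282", "0005", "240.00"),
]

def shared_bins(txns, min_cards=3):
    """BINs seen with at least min_cards distinct cards (same BIN, different numbers).

    Cards are told apart by their last four digits, so two cards that share
    both BIN and last four are counted once (an undercount, never an overcount).
    """
    cards = defaultdict(set)
    for t in txns:
        cards[t["bin"]].add(t["last4"])
    return {b: sorted(c) for b, c in cards.items() if len(c) >= min_cards}

def same_amount_bursts(txns, window=timedelta(minutes=10), threshold=5):
    """Amounts charged at least `threshold` times inside any sliding time window."""
    by_amount = defaultdict(list)
    for t in txns:
        by_amount[t["amount"]].append(t["time"])
    bursts = {}
    for amount, times in by_amount.items():
        times.sort()
        start = 0
        for end, now in enumerate(times):
            while now - times[start] > window:   # drop charges older than the window
                start += 1
            count = end - start + 1
            if count >= threshold:
                bursts[amount] = max(bursts.get(amount, 0), count)
    return bursts

if __name__ == "__main__":
    print("BINs shared by several cards:", shared_bins(SAMPLE))
    print("Same-amount bursts:", same_amount_bursts(SAMPLE))
```

Tune `min_cards`, `window`, and `threshold` to your normal volume; a flagged BIN or amount is a prompt for manual review against the other questions in the list, not a verdict.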
If you’re trying to decide whether or not to refund a transaction that you believe might be fraudulent, it’s usually best to trust your instincts and wait to provide your products or services until you feel confident that the transaction is legitimate. A good place to start is with the customer—you can try to contact them directly to confirm the details associated with the transaction. Fraudulent transactions typically do not have valid contact information associated with them, so it's an effective first step in deciding how to proceed.
If you are unable to contact the customer or you have confirmed your suspicion that the transaction is fraudulent, we suggest that you issue a void or refund to reduce the likelihood of chargebacks. You can also file a complaint with your local police department or the Internet Crime Complaint Center.