How do I report credit card fraud occurring on a website I manage?
November 4, 2016 10:13 AM   Subscribe

If I know about instances of attempted fraud online, where can I report it?

I help manage a mid-sized website with sales of around $250-300k a month. Recently we've been hit by a large amount of fraudulent purchases, all of which are trying to have products shipped to a few addresses in Miami. This address seems to be a business which accepts deliveries and forwards them to international addresses.

We have filters set up so none of these orders are getting through. However, I would think the credit card companies, maybe law enforcement, and the person whose card has been stolen would appreciate it if I reported the attempted fraud. Is there a simple way to do this when we get one of these fraudulent transactions?

I've googled and most advice says "tell your credit card processor" but I don't see a simple way to do that. I can't wait for customer service every time one of these occurs.
posted by visual mechanic to Work & Money (6 answers total)
 
Do you have software that can generate some kind of report, filter it to just those orders, and then offer to email it to the credit card company?

Incidentally, the processor should have a separate dedicated fraud unit that you should be asking for instead. I actually once worked with a company that was the vendor affected by a credit card fraud, and I remember my boss getting through to the fraud office pretty quick when he told them that that's why he was calling.
posted by EmpressCallipygos at 10:30 AM on November 4, 2016 [1 favorite]


I would put some documentation together and email that to, or create a support ticket with, your payment gateway.

Sorry, I missed your last line. Who IS your payment gateway?
posted by humboldt32 at 10:36 AM on November 4, 2016


Are you using a CC fraud checking service like what Stripe now offers, MaxMind, etc.? You may be able to moot this if you're currently catching fraud manually by implementing something more automated.
posted by rhizome at 12:39 PM on November 4, 2016


I used to run an eCommerce store, and this aspect of it frustrated me as well. I was never able to find a way to flag transactions in the way you're describing. The merchant bank/processor does not (at least when I was handling it) seem to have a way to process the information.

If it makes you feel any better, I think the card companies themselves have increasingly better heuristics to identify that a card has been compromised. I'd have to think that a decline or void after auth would be part of that equation.
posted by randomkeystrike at 3:50 PM on November 4, 2016


Response by poster: We're using Payflow Pro, but are looking to change to Stripe or Shopify Payments soon.
posted by visual mechanic at 10:52 PM on November 4, 2016


In my experience PayPal has been super responsive and easy to contact.
posted by humboldt32 at 1:08 AM on November 5, 2016


« Older Help Me Conquer Fear, Death, and the Unknown!   |   Question about the end of 'It's Alive' Newer »
This thread is closed to new comments.