Help Guide

Monitoring for Fraud

From time to time an automated program (a bot) may attack your payment form. This happens when an e-commerce form is available for public use, such as on your web site. The public website leaves the payment form readily accessible to fraudsters looking to test credit card information. This does not mean that hackers are attempting to break into our secure server. Rather, they are testing credit card information they have previously stolen or bought on the black market.

Because fraudulent activity is a possibility, you should periodically monitor your transactions for suspicious activity. When you see such activity, you should:

How to Recognize a Fraudulent Transaction

Here's a few tips:

  • Multiple, small, declined transactions in a row then suddenly one that is approved (not from a known donor). Many times you will see the same name repeated on these transactions.

  • Figure 1
  • Multiple transactions under the same name, but different card numbers. Look for the last 4 digits of the card in the detail page.
  • Obvious problems in the address info: street address, inconsistent city/state/country combinations (see the example below).
  • Giberish in one or both name fields.
  • Bogus company name or email address. (These could simply be typographical errors, but if combined with other indicators it should be apparent.)
Figure 2