Using Email Addresses to Gauge Fraudulent Orders in Ecommerce

Ecommerce fraud or payment fraud is one of the most common growing problems that can cost online merchants significant financial losses. According to a study by ACI Worldwide, Juniper Research found that the value of losses due to eCommerce fraud will rise 18 percent to over $20 billion by the end of 2021, up from $17.5 billion in 2020.

If you have to choose the simplest way to detect fraud orders, it would be to examine the email address associated with the order. Here are some key indicators and let me explain more.

Free Email Providers

Fraudsters often use free email providers, such as Gmail, Yahoo or Outlook, to create fake email addresses for fraudulent orders. While not all free email addresses are fraudulent, merchants should exercise caution when processing orders associated with free email addresses, especially if the order is high-value or the customer is a new or unknown buyer. If your solution is intended for business-specific needs, requiring the buyer to enter a company email may be a useful strategy to prevent fraudulent orders associated with free email providers.

Free email providers are easy to create and do not require much personal information to set up an account. This makes them an attractive option for fraudsters who want to remain anonymous and avoid detection. Additionally, free email providers are often associated with phishing scams and other types of online fraud, which makes them a red flag for most of the Ecommerce merchants. Some could sign up for multiple email addresses to commit fraud.

Strange Email Addresses

Fraudulent email addresses often contain strange or nonsensical combinations of letters and numbers, or misspelled words. For example, an email address such as "admin81234567@[email_domain]" or "adsfggldm123@[email_domain]" could be suspicious, as legitimate email addresses usually contain recognizable names or words. It is also important to check for the length of the local part of the email address to assess the potential risk of fraud. If the length is not acceptable, the email address may be considered suspicious.

Fraudsters may use strange email addresses to try to mask their true identity or avoid detection. These email addresses may be random combinations of letters and numbers, or contain misspelled versions of real email addresses. Merchants should be wary of email addresses that do not contain recognizable names or words, and verify the authenticity of the email address before processing the order.

Multiple Email Addresses

Fraudsters may use multiple email addresses to place fraudulent orders, in an attempt to hide their identity or confuse merchants. Merchants should be wary of customers who use different email addresses for different parts of the order process, such as shipping and billing information. Especially, if the buyer is using a company email for sign up but a free email to receive the billing. This could mean this company email could possibly be their phishing domain for fraudulent activity.

For example, a fraudster may use one email address to place the order, and a different email address for shipping or billing information. Merchants should verify the consistency of the email address used throughout the order process or supporting request, and be wary of customers who provide multiple email addresses for the same order.

High Volume of Orders

Fraudsters may attempt to place a high volume of orders using different email addresses, in an attempt to overwhelm merchants and slip fraudulent orders through undetected. Merchants should monitor the volume of orders associated with each email address, and be wary of customers who place a high number of orders within a short period of time. High volume orders can be a red flag for fraudulent activity, as fraudsters may attempt to use multiple email addresses to place a large number of orders in a short period of time. It is also important to monitor the total number of orders by calculating the total sales. A sudden increase in total orders could indicate the use of multiple email addresses for fraudulent activities.

Location Mismatch

Fraudsters may use email addresses that are associated with a different geographic location than the shipping or billing address provided for the order. Merchants should verify the location of the email address, and be wary of customers who provide shipping or billing information that does not match the location associated with the email address.

For example, a customer with an email address associated with a location in the United States may provide a shipping address in a different country. Merchants should verify the location associated with the email address, and be wary of customers who provide shipping or billing information that does not match the location associated with the email address. This could be a sign that the customer is attempting to use a fraudulent email address to place the order. This could be a useful data point for those users who are using the country-specific email such as @example.au.

Order Value

Another indicator of potentially fraudulent orders is the order value. Fraudsters may attempt to place high-value orders using fake email addresses, with the intention of quickly completing the transaction and then disappearing. Merchants should carefully review high-value orders associated with free email providers, strange email addresses, or multiple email addresses, and implement additional security measures such as requiring additional verification, for example the SMS verification provided by FraudLabs Pro, or a manual follow up phone call. Inconsistencies in order pattern may also be a sign of fraudulent activity, and merchants should verify the previous purchase pattern if it is consistent.

Inconsistencies in Order Information

Inconsistencies in order information can also be a red flag for fraudulent activity. For example, a customer may provide a shipping address that does not match the billing address, or use a different name or phone number for the billing information. Merchants should verify that all order information is consistent and matches the customer's account information. Inconsistencies in order information may be a sign that the customer is attempting to use a fraudulent email address to place the order. Another possible scenario is that the fraudster uses stolen information to provide valid billing data, but specifies a different shipping address for parcel collection.

Domain Age

Another way to gauge the potential fraudulent activity of an email address is to examine the age of the domain associated with the email address. Fraudsters may create new domains to use for fraudulent activity, so email addresses associated with new or recently created domains may be more suspicious. This is a common tactic used by fraudsters to deceive merchants using a company email account. Merchants should be wary of processing orders associated with email addresses that are linked to new domains, and verify the authenticity of the email address before processing the order.

Conclusion

Online merchants should scrutinize the email address used in an online transaction in order to prevent fraudulent transactions across diverse platforms. While not all orders associated with free email providers or strange email addresses are fraudulent, merchants should exercise caution and verify the authenticity of the email address before processing the order.

Taking a closer look at the email addresses and also the volume of orders made by them, it is possible to detect a potential fraud order. However, this is time-consuming and very taxing for a real person. Hence, it is vital to use an automated screening tool. I believe that most of the merchants that running an online business has already implemented modern fraud detection and prevention technologies. If you are unaware of FraudLabs Pro, let me tell you that they are one of the fraud prevention tools that allows merchants to screen up to 500 orders every month with no cost!