Secure your business from login to chargeback
Stop fraud, break down data silos, and lower friction with Sift.
- Achieve up to 285% ROI
- Increase user acceptance rates up to 99%
- Drop time spent on manual review up to 80%
HIJACKED!
Did you know that American Express and Discover cards together make up 35% of U.S. credit card purchase volume? That’s a sizable chunk of the economy that many American individuals and business rely on. Even more concerning, perhaps, is a recent uptick in credit card hijackings that target these two providers.
Never heard of credit card hijacking? Here’s a step-by-step overview:
- Fraudsters source and take over credit card accounts through an online banking system, wreaking havoc on the account information on file. (According to some fraud managers in our network, they tend to see this type of fraud hitting AmEx and Discover cardholders more than others.)
- Upon account takeover, fraudsters will then access the account details in order to update the billing address and phone numbers associated. The new address and contact information provided is more likely than not the fraudster’s receiving or reshipping location.
- Fraudsters will then use the card numbers associated with these hijacked accounts to place an online order to be shipped to the updated address.
Should a merchant get suspicious and decide to manually review such an order, she’ll see that the account billing address matches that of the address on file with the bank account — by virtue of the fraudster’s earlier account updates. With this information checking out, the merchant would likely go ahead and ship the fraudulent order, opening herself up to a later chargeback when the cardholder realizes that his card has been hijacked.
Other common red flags of fraud include:
- Phone numbers + billing addresses that do not match
- Voice over IP (VoIP) number + high-value orders
- VoIP phone numbers + unmatched addresses
Retailers with fraud review teams should ensure that all Fraud Managers and Analysts are aware of this general trend and employ best practices during phone verifications.
What are some of the other best practices that you or your fraud detection team members use to stop criminals? Have you ever experienced a credit card hijacking case?
