Sophisticated Fraud Scheme May 2020 (Shopify / eCommerce)
Yesterday our eCommerce site, Innerstate Shop, tracked down the origin of a series of suspicious orders dating back to May 13th. It appears criminals are using stolen credit card information and Shopify fraud checks did not catch any issues.
Key details:
- Shopify fraud checks did not catch any issues with the orders. This was a sophisticated bypassing of the 12+ fraud checks Shopify runs with every order.
- Orders used real card info, real billing information, and real names. The shipping address and email addresses were fake.
- Orders came from direct traffic to the site (they were targeting our store URL, and didn’t come through search or a paid ad).
- If you’ve experienced a similar scheme, or if you have advice on what we should do with this case, please email innerstateshop@gmail.com
Fraudulent email accounts associated with the orders used the following domains: trustpack.us, crystallfax.info, shippackage.info, goldwarehouse.us, loanandersen.us
All of the domains above are registered with Namecheap. We have opened a case with Namecheap to review.
Shipping addresses, presumably for receiving delivery of our packages (water filtration machines, supplements, and other HealthTech biohacking devices), were located around:
- San Antonio, Texas
- Chicago, Illinois
- Adelanto, Texas
- Greensboro, North Carolina
- Houston, Texas
- Augusta, Texas
We have installed a third-party app on Shopify called Fraud Killer to increase the number of fraud checks on every incoming order. We’ve also required a phone number with every order.
If you have other tips, please let us know (innerstateshop@gmail.com). We are going to share with our eCommerce clients, partners, and peers.
Updated May 28, 2020