Mitigating risk as a seller: How to spot unusual buyer activity.

Jun 29 2020 | PayPal editorial staff

Fraud can cost a business time and money - that’s why it pays to be vigilant of unusual account activity. Here are some telltale signs of unusual buyer activity that may suggest fraudulent intent. If you see any of the 13 indicators below, you may need to take a closer look. And if you haven’t already, make sure to look at the six best practices to help prevent fraudulent payments from even taking place.

1. Shipping address is in a high-risk country or location that’s known for fraud.

Are you seeing an abnormal number of payments from an unusual or unexpected location?  While cross-border commerce is growing rapidly and there are benefits to accessing a global market some countries have gained a reputation for fraud. Payments from these countries may require closer scrutiny.
 

2. An order is larger than normal.

Be cautious if you receive an order from a new customer that’s larger than your average order size, especially if it’s for a product that’s in high demand, such as electronics.
 

3. You receive an unusually large number of orders during an unusual time of day.

For example, you receive 10 orders from Australian based customers, all around 3 a.m. on the same day.
 

4. You receive an unusually large number of international orders within a short period of time.

For example, you receive over 50 orders from customers outside Australia within a few days, when you normally receive only two international orders within a month.
 

5. An order consists of multiple requests for the same item.

For example, a customer orders 50 pairs of the same shoe in various sizes. Ask yourself if it makes sense for a customer to order so many of the same product.
 

6. Several orders from different customers are shipped to the same address.

Fraudsters often steal credit cards from multiple people and ship the orders to a single address.
 

7. The billing and shipping address don’t match.

Just because a customer ships the order to another address, it doesn’t automatically indicate fraud, but a legitimate customer is more likely to ship orders to their billing address. Look at all the order details to see if anything else appears unusual.
 

8. A customer asks you to change the shipping address after the order has been paid for.

Make sure their address change makes sense. Fraudsters originally enter valid addresses so your fraud systems don’t catch them. Then, they contact you to change the address. Also keep in mind that if you decide to ship to another address, the purchase will no longer qualify for PayPal Seller Protection.
 

9. You receive multiple credit cards for the same order.

Be cautious if the customer provides you with several different credit card numbers. The cards can be in the same name or different names. The fraudster may ask you to split up or create multiple transactions using the various cards. If you don’t already collect the credit card customer’s name, start requesting this information to help detect fraud.
 

10. A customer asks for rush or overnight shipping.

Fraudsters like to receive merchandise quickly, regardless of the cost.
 

11. The email address looks suspicious.

Look for email addresses that seem unusual, like knh$$yro123456@gmail.com, or undeliverable emails. Legitimate customers are more likely to use email addresses that contain their name.
 

12. A customer overpays you. 

If someone overpays you, don’t send the extra money back through a wire transfer, online banking transfer, or a pre-loaded money card. Overpayment scams are common. Instead, return the money through PayPal.
 

13. The shipping address looks suspicious. 

Before shipping an expensive order, make sure you know where the order is being shipped. Criminals may ship orders to freight forwarders, shipping companies, P.O. boxes, or vacant properties so they can remain anonymous.
 
For more information on protecting your business, you can also review these six steps to help prevent fraudulent payments.

 
Disclosure: The contents of this site are provided for informational purposes only. You should always obtain independent professional accounting, financial, IT and legal advice before making any business decision.

Frequently asked questions.

To ensure a safer transaction environment, your eligibility for PayPal Seller Protection may be suspended during regular account reviews. This usually happens when one or more of the following activities are detected on your PayPal account:

  - There is an increased risk associated with your PayPal account.

  - Your PayPal account is linked to another PayPal account that has been suspended.

Providing excellent customer service and reducing the risk of fraud for your customers can be helpful in regaining and maintaining your eligibility for PayPal Seller Protection.

Providing excellent customer service

  - Offer a refund and post your return policy where customers can see it.

  - Use a reputable shipping service.

  - Set up a customer service message within your PayPal account.

  - Be professional, helpful and courteous if a customer contacts you. Post customer service contact information, including working hours and response time.

Reducing the risk of fraud

  - Provide detailed and accurate descriptions of items for sale and include pictures from multiple angles.

  - Verify the customer’s order information before shipping, such as the address and phone number. If an order looks suspicious, contact the customer to verify information. Also, delay shipping any high-risk orders and avoid shipping them overnight  unless you are confident the order is legitimate.

  - Use tools to detect fraud, such as IP geolocation, device identification, fraud filters, etc.

  - Keep your credit card statement name updated to make sure that your customers can recognise your transaction easily on their card statement.

  - Review orders for anything unusual, such as:

  • Shipping to a high risk country
  • Orders that are larger than normal
  • Requests for change of shipping address after the order has been paid for
  • Abnormally large numbers of international orders within a short period of time
  • Several orders from different customers shipping to the same address
  • Overpayments with additional requests
  • Rush or overnight shipping
  • Orders from a suspicious email address
  • Orders from a suspicious postal address (e.g. P.O. boxes, vacant buildings)
  • Multiple separate orders from the same PayPal account

To learn more about PayPal Seller Protection and tips for selling safely, click Security at the bottom of the PayPal homepage and view the “Seller Protection” section. 

Fraud Protection is an integrated risk management solution that uses PayPal intelligence and advanced machine learning to help you fight fraud. It allows you to customize fraud filters based on your unique tolerance for risk and business needs, helping you to better balance chargebacks and declines.

To launch Fraud Protection, go to your App Center, then All Apps on the left.

The tool includes:
  • Dashboard: visually displays high-level information about payments, revenue, and chargebacks for a selected time period.
  • Filters: displays a list of filters along with their conditions that can be used to help approve or reject incoming payments. Changes made to filters can be tested on your historical transaction data to help you understand the impact of those changes before activating them.
What are Fraud Protection filters?

Filters are used to automatically stop fraudulent purchases and approve genuine ones. Transactions are evaluated against filters and get declined if any of the filter conditions are satisfied. A set of customized filters are provided to you out-of-the-box and are tailored for your business by considering various attributes, such as business category, average payment volume, and past chargebacks. 

What filters do I get with Fraud Protection?

How do I enable/disable Fraud Protection filters?
  1. Click Filters.
  2. In the Enable column, click the toggle against the filter you want to enable or disable.
  3. Click Test to test the performance after updating the selected filter.
  4. Click Save if you want to keep the changes.
How do I edit Fraud Protection filters?
  1. Click Filters.
  2. Click Edit next to the filter you want to update.
  3. Enter values into the available boxes.
  4. Click Test to test the performance after updating the selected filter.
  5. Click Save if you want to keep the changes.
What are filter recommendations and how do I apply them?

Behind the scenes, Fraud Protection constantly learns from payments across the PayPal network and provides recommendations to filters aiming to maximize your revenue. The initial set of recommendations will take at least 45 days after you’re onboarded to appear. 
 
  1. In the Recommendations panel, click View.
  2. Select the checkboxes for the filters you wish to update.
  3. Click Apply.
  4. Click Test to view your simulated Approvals/Rejections.
  5. Click Save to update your filters for future payments.
When reviewing the recommendations and selecting the checkboxes, you can click the dropdown arrow to view the Performance Forecast. This gives you an idea of how it will improve your fraud decisioning performance. 

You can also click Recommended Filter Update next to each Individual filter if you want to review each one separately. 
 
How does the filter testing feature work?

Your historical transactions are used to test filters based on the time period you select in the Time Filter. This is available on the Filters page in the upper right-hand corner. 
The filter testing feature helps to simulate filter changes over your past transactions. This doesn’t guarantee future performance of your transactions. However, because these changes apply to live transactions within 5 minutes of saving, you are required to test any changes before saving. 
 
Can I add my own filters?

The filter set provided is based on your business metrics. They’re best suited to your transactions and we don’t provide the option to create new filters as that might lead to more declines. 
 
What if I have a genuine transaction declined by Fraud Protection?

You are unable to approve a transaction that has already been declined. If you think that a similar transaction could be rejected by Fraud Protection, you may change the filter settings or even switch off the filter that you believe resulted in the rejection of that transaction. Remember to switch the filter back on once the transaction is complete.
 
What happens if I receive a dispute or chargeback that was approved by Fraud Protection?

Fraud Protection serves as an added layer of security to decline transactions that can result in potential chargebacks. If you receive a chargeback on an approved transaction, it will fall under your PayPal Terms and Conditions. PayPal is not liable for any chargebacks even after Fraud Protection is enabled. 
 
How do I disable Fraud Protection if I no longer want to use it?
  1. Click the Gear icon within Fraud Protection.
  2. Click Disable Fraud Protection.
Fraud Protection provides the following filters:
 
  • Transaction Risk Score 
    • Based on PayPal's machine learning risk model, this filter detects risky transactions derived from historical fraud trends seen across all transactions processed by PayPal.
  • Street Address or Postal Code does not match
    • Postcode (5 or 9 digit) or street address did not match during the AVS check. To use this filter, just turn it on and don't change the pre-set value/codes.
  • Street Address or Postal Code not verified
    • Could not verify the street address or postal code during AVS check. To use this filter, just turn it on and don't change the pre-set value/codes.
  • Street Address or Postal Code not provided
    • Postal code or street address was not provided. To use this filter, just turn it on and don't change the pre-set value/codes.
  • Postal Code does not match
    • Address matches but the postal code does not match during the AVS check. To use this filter, just turn it on and don't change the pre-set value/codes.
  • Issuing bank does not support AVS
    • AVS not supported by issuer. To use this filter, just turn it on and don't change the pre-set value/codes.
  • AVS system error
    • Transaction ineligible for address verification or edit error found in the message that prevents AVS from being performed. To use this filter, just turn it on and don't change the pre-set value/codes.
  • CVV or CSV does not match
    • The CVV provided does not match the information on file with the cardholder's bank. To use this filter, just turn it on and don't change the pre-set value/codes.
The below filters reject transactions with values higher than the value set on this filter. The default value is only directional, please use the test feature to assess the impact:
 
  • Number of transactions across PayPal from the buyer's phone number in the last 1 day
  • Number of issuer declines across PayPal for the buyer's phone number in the last 7 days
  • Number of fraud chargebacks across PayPal from the buyer's phone number in the last 90 days
  • Number of transactions across PayPal from the buyer's email ID in last 1 day
  • Number of issuer declines across PayPal for the buyer's email ID in the last 7 days
  • Number of fraud chargebacks across PayPal from the buyer's email ID in the last 90 days
  • Number of transactions across PayPal from the buyer's email domain in the last 1 day
  • Number of issuer declines across PayPal for the buyer's email domain in the last 7 days
  • Number of fraud chargebacks across PayPal from the buyer's email domain in the last 90 days
  • Number of transactions across PayPal from the buyer's IP in the last 1 day
  • Number of issuer declines across PayPal for the buyer's IP in the last 7 days
  • Number of fraud chargebacks across PayPal from the buyer's IP in the last 90 days
  • Number of transactions across PayPal from the buyer's card in the last 1 day
  • Number of issuer declines across PayPal for the buyer's card in the last 7 days
  • Number of fraud chargebacks across PayPal from the buyer's card in the last 90 days
Here's more information about Fraud Protection:
What is Fraud Protection?

As a financial service company, PayPal is required by law to retain information related to the provision of financial services to our customers for a certain time, during which the data may not be erased. 

We retain data to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, enforce a site’s terms and conditions, protect PayPal from legal risks, and take other actions otherwise permitted by law. 

Your data may be automatically erased once the retention time has ended and there’s no other legal reason to keep it longer. 

 

The contents of this site are provided for informational purposes only. The information in this article does not constitute legal, financial, IT, business or investment advice of any kind and is not a substitute for any professional advice. You should always obtain independent, professional accounting, financial, IT and legal advice before making any business decision.