Suspicious email address - fraudulent order?

MargueriteJ · ‎05-28-2022

We fulfilled an order yesterday that passed fraud detection with zero red flags. However, this morning I happened to glance at the email address on the order and alarm bells went off:

txn-zestbillings@skim.cc

Zest Billings is the name of our store. I did a couple of Google searches and of course the word “skim” and the abbreviation “cc” bring up articles about credit card skimming.

The order is already out the door, and if we lose it so be it. I have two questions:

1) what fraud detection apps have other store owners used and had success with? Would your app have flagged this order?

2) is there anyway this order is being used to skim credit card data from our system?

We are primarily a brick and mortar store but have been expanding our online sales through the use of Google merchant campaigns. We don’t need fraud protection on our POS transactions, just online orders.

EmmanuelFlossie · ‎05-29-2022

In the past I have worked for a physical eCommerce business in the UK, and I have found that sometimes some consumers, would create 1 email address per website, to avoid getting spam.

I would see the name of the business I worked for in the email address, and me too found that very suspicious, until 1 client explained to me why they did it. That was 10+ years ago.

So what you are seeing might be simply someone who created a temporary email, simply to avoid getting spam.

Ofcourse, it might indeed be suspicious, just wanted to give my 2 cents.

Maximize Your Google Shopping Performance
Get in touch for expert guidance. Need Google Merchant Center or Google Shopping support?
Get expert help from Emmanuel Flossie, a Google Shopping Specialist, Google Ads Diamond Product Expert, and award-winning Google Product Expert (Education 2021 & Tailwind Champion 2023).

View solution in original post

Nick_Marketing · ‎05-28-2022

Forward any suspicious emails that you receive to Shopify's safety inbox at safety@shopify.com.

Nick | Ecommerce & Marketing Technology Consultant | Toronto, CANADA
- For consulting work availability, please send me a Private Message or submit a ✍️Contact Form.
- For FREE Shopify Tutorials, ✅Subscribe to my YouTube channel (▶️ Ecommerce TV).

EmmanuelFlossie · ‎05-29-2022

In the past I have worked for a physical eCommerce business in the UK, and I have found that sometimes some consumers, would create 1 email address per website, to avoid getting spam.

I would see the name of the business I worked for in the email address, and me too found that very suspicious, until 1 client explained to me why they did it. That was 10+ years ago.

So what you are seeing might be simply someone who created a temporary email, simply to avoid getting spam.

Ofcourse, it might indeed be suspicious, just wanted to give my 2 cents.

Maximize Your Google Shopping Performance
Get in touch for expert guidance. Need Google Merchant Center or Google Shopping support?
Get expert help from Emmanuel Flossie, a Google Shopping Specialist, Google Ads Diamond Product Expert, and award-winning Google Product Expert (Education 2021 & Tailwind Champion 2023).

MargueriteJ · ‎05-29-2022

I think you’re absolutely right that this is the case! And I feel a little silly now realizing that “skim” could also be S. Kim - the first initial and last name of the customer. Very relieved.

Markssxx · ‎05-30-2022

Interesting and definitely not silly. I think you are being wise to check. I am looking to have a double layer of security.

Suspicious email address - fraudulent order?

Suspicious email address - fraudulent order?

Community Blog Articles