Wednesday, December 12, 2012

Warehouse Wednesday: A very UNmerry Christmas



A very UNmerry Christmas for a small business owner

Today, I'm really really sad..... After more than 16 years in business, Frantic Stamper has fallen victim to internet fraud. Yep, no matter how careful you are, the thieves sneak by and when they do, it hurts big time.

The story starts last month. We received a decent size order (around $600, which is not unseen for us) from a lady in San Diego, shipping to her "friend" in London England. This sort of thing happens all the time, so I thought nothing of it. I remember one of my employees making the comment of "I want to be her friend". About a week later, another order, this time from a lady in Apple Valley California, also shipping to England (this one for about $650) but shipping to a different recipient. Again, I thought nothing of it, other than "nice order". Another week goes by, and this time a $715 order from another person in California (San Diego), but delivering to the same person as the San Diego lady. Seemed strange, but not out of the ordinary.

It wasn't until the 4th such order came through my desk that I started questioning. This 4th order was $737, and ordered from someone in Puyallup Washington, and shipping to one of the 2 above London England addresses. This time, I looked at it a little closer and something, I don't know what, but something told me there was something wrong about it. So I decided to do a little research. Looking back at earlier transaction, there was yet another big order ($470) a week before the above 4 orders..... so we're at 5 fishy orders now. Looking at this most recent one closer, I see the email address is a Hotmail address as were the other 4 (Hotmail or gmail on all). I then tried to call the phone number provided, only to get a recording from a defunct bank stating the phone number was invalid (still connected, but a recording stating it was invalid and the bank had closed).

Now my heebee-jeebies are really going off. I tried to email "Barbara" asking her to call me because I had a question about her order. She emailed back stating she couldn't call me because she was in Puerto Rico. I'm pretty sure they have phones in Puerto Rico..... something's not right. She tells me her "scrapfriend" needs the items urgently and to please send the order without the missing item. Hmmmmmm.... Something is not right..... so I stall her a bit. I emailed her the next day and told her we would ship the order "Monday". Meanwhile, I contacted my account rep at PayPal (who handles all our merchant services transactions .... i.e. credit card payments). I gave our account rep all the details of all 5 transactions and after 24 hours of investigating, his answer was 1 word: fraud.

We were advised to "refund" the latest transaction (the $737 order), and to just "wait and see" for the other 4. Well, this morning, the bombshell that was expected came. The first transaction was indeed reversed by the "buyer's" credit card company as an unauthorized transaction. F.R.A.U.D. It's just a matter of time for 3 more big "payments" to be reversed.

So what happens in these cases?
-The thieves somehow get their hands on a victim's cc info and address.
-They place orders online with unsuspecting businesses such as ours.
-Credit cards are run automatically behind the scenes by Paypal using address verification. It's all encrypted so we don't see anything but an authorization number.
-We fill the order and ship it.
-A month goes by and the victim gets their credit card statement with fraudulent charges.
-Victim contact their credit card company and says "I didn't buy anything from so-and-so"
-Credit Card company files a "chargeback" with the merchant processing service (in our case PayPal)
-Paypal contacts us and TAKES the money back.

In the end, the thieves have the merchandise, and we have zippo. We can show that we shipped the package, but that means nothing. Since the thieves are overseas, we can't very well travel to London to press charges, or throw a rock through their window. All we can do is cry.

Today, I am crying......


Hugs,
-Fran
www.franticstamper.com

20 comments:

  1. Fran,

    II am just SO sorry that this heppened to you. What a horrible thing to do to someone as caring and hardworking as you are! I hope you will get a FLOOD of legitimate orders to help make up for your loss.

    I am crying with you!
    Kathy

    ReplyDelete
  2. Oh NO! That is terrible! So frustrating and I feel so badly for you! I ditto the first comment...hope you're overwhelmed with wonderful legitimate orders!

    ReplyDelete
  3. Oh, Fran, that's just awful - I feel so bad that a bunch of jerks would treat someone as nice as you so terribly. Sounds like you might need to stop filling overseas orders. Anyway, I'm just so sorry this happened to you.

    ReplyDelete
  4. Fran I am so sorry that this has happened to you! You of all people, who are so good to us all, especially the overseas ladies like me and my fellow South African crafters. You are the one person we can reply on and these fraudsters could threaten your business and our reliable suppliers relationship. I hope business picks up and you have an exceptional few months trading.
    Hugz

    ReplyDelete
  5. That is so sad :(
    I just can believe how people can do that :(

    ReplyDelete
  6. Oh that's just terrible!!
    So the question is, how can one guarantee a legitimate order? I thought that's what Paypal is for!
    My other question is this kind of fraud usually doesn't target crafting businesses - am I wrong?
    Sending hugs to you!

    ReplyDelete
  7. Big SIGH! I'm so sorry for your loss. I thought crafters were too nice to do this!!!

    ReplyDelete
  8. I would have never thought this kind of fraud would hit us.... and you're all right, paypal (I thought) should protect us from this. We shipped to the address stated in the transaction. We did NOT however, confirm with the "buyer" as they request. Mind you, if we did that with every order (ie. contact the buyer each time to verify) it would take a TON of time and be annoying to the buyer.... so we did not do that. Had we done that though, would we have been protected? The email provided by the thieves reached the thieves themselves... so they would have just said "yep, please ship to the address". Would paypal view that as enough? I don't know.

    I really don't know what we could have done. On our end, we see "transaction approved" with an approval number. We see "Address verification Y/N: Y" meaning yes, the address verified (and of course, since the thieves have the victim's address and cc number. So if they have all the data needed to pretend they are who they say (address, name and cc) and just plug in a gmail email address in case we contact them, and to get tracking info, then what else can we do? Question every order? Not ship overseas and block off 50% of our business?

    I don't know the answer, and I don't understand why we as vendors are not protected. The victim's cc company takes our money and then we have to prove the transaction was legit. Well, I can prove I sent the package and it was received, but how can I ever prove it was legit? I can't physically see the person and ask them for ID... so I can never prove it 100%.

    It's a very harsh lesson to learn. I'm not sure it will never happen again, and that's the very scariest part.

    ReplyDelete
  9. I am so sad to hear this. This is so horrible. Thinking of you.

    ReplyDelete
  10. That just sucks (sorry, I don't have a better word for it) :( Is it possible to file an insurance claim with the post office for loss of goods? Or is there some sort of business insurance that might cover the losses?

    Take care and I hope things get better (and that you get a bunch of legitimate orders in).

    ReplyDelete
  11. Fran, I'm so sorry that this happened to you. You were very lucky to find out the truth sooner than later. I don't know what to suggest to help out. I know that there are international collection agencies that will chase down people who owe money. And I think that this qualifies as wire fraud which is a federal offense in the USA and I am sure it's also the same in England and Europe as well. I hope that you get lots of legitimate orders soon to help!

    ReplyDelete
  12. I am so sorry to hear about this horrible thing that happened to you, Fran. Thank goodness you did find out before more big orders went through. Thinking of you.

    ReplyDelete
  13. Anonymous1:16 AM

    That is such a disgraceful thing to happen to anyone Fran, I can't understand why people can be so cruel! I sure hope something can be done to ease both your burden and your mind. I remember not so long ago getting a call from my own bank asking me if I had placed an order at an Apple store in England for a computer, luckily for me they called to verify and so the transaction was stopped before the goods left the store and/or I was charged but you are proof that not everyone is as lucky. I hope things work out and that the sods who did this are hit by one of those London buses!
    Sharon

    ReplyDelete
  14. Je suis outrée que cela puisse arriver ainsi et je comprends votre rage ! On se fie à Paypal pensant que cette société vérifie les comptes.. mais on n'est hélas pas à l'abri du piratage. C'est déplorable, et je comprends mieux pourquoi certains fournisseurs étrangers n'acceptent de commande que de leur propre pays, même si cela peut aussi arriver. Jusqu'où irons nous via internet ? les fraudes
    se multiplient hélas dans tous les pays, et en France si un débit par carte est constaté frauduleux, c'est la banque qui est sensée rembourser. Bon courage à vous, très cordialement,

    ReplyDelete
  15. Anonymous4:22 AM

    So very sorry for your loss. I had my credit card info stolen a few years ago and luckily my bank called us at a bookstore where we were eating lunch, asking about recent purchases. The entire fraud was stopped in a few days and I realized how venerable we were. I am so sad for you and hope you don't lose faith in your customers.

    ReplyDelete
  16. Anonymous4:03 PM

    Don't cry! Be happy!!!! You have a lot of friends. (I buy in your shop.) Thank you for your job!

    ReplyDelete
  17. I too have been a victim of hacking & fraud ... but thankfully our $$$ were refunded by the bank handling the transactions. I do hope that all your positive experiences help you to put this NASTY matter behind you ... and smile again! I will continue to purchase from you! I do hope this doesn't mean overseas orders will no longer happen? I love your products! Hugs xxx
    PS: I guess when you see what happened in Sandy Hook ... it does help put things into perspective!

    ReplyDelete
  18. A follow up..... On Christmas Eve, another chargeback came through.... so now we're at 6 fraudulent orders. How many more will there be? Christmas at my house was quite sparce, I can tell you that.

    To all of you who have had your cc stolen, that's happen to me to. The bank gave me back my $$ too. What I didn't know until now is that the bank then takes the money from the stores where purchases were made. So in the end, the banks don't lose anything, because they get their money from the stores. Consumers are protected. Banks are protected. Stores are not.

    I've contacted Paypal to ask about the seller protection. These 6 transactions were not covered because they were made with a credit card and not with a paypal account.
    I've called the police and they won't do anything because I need to contact the London police myself. Even If I did that, I would not recover anything.... I would get satisfaction that maybe they are getting a slap on the wrist.
    I've called the postal service and although it's postal fraud, it's too small an amount for them to do anything... and I still wouldn't get anything back.
    I've called my business insurance. I'm covered for theft but have a 1,000 dollar deductible. Since each order was below the deductible, and they view each as a separate act of theft, I get nothing.

    All Paypal offered is that I sign up with a service that will cost us $50 a month and give us "information" about "possible" fraudulent activity. I've tried one and they basically tell us not to ship to anyone with a hotmail, gmail, live, yahoo, or other free email service address. But the kicker is that no "fraud watch" service will cover you if you do get involved in fraud. YOU still have to make the final judgement on wether a transaction is good or not.

    I feel very very vulnerable. (and poor)

    ReplyDelete
  19. And another update..... we just got a 7th chargeback! Yup, another one. Same scenario. USA billing address, fake recipient name, delivered to England (just outside of london), similar order amount, hotmail email address.

    so now we're at $4600 in fraudulent orders. I'm sooooooo ticked off. I'm gathering all the info and calling London police. I can't stand this anymore.

    I can't afford this. What a screwed up world we live in.

    ReplyDelete
  20. Fran,
    I just saw while checking the internet for gift certificate fraud, I so feel for you! I've had it all, bounced check, stolen credit cards, the newest ones are now they buy gift certificates in large amounts, after the code is released they either sell it and/or do a chargeback. I caught 2 this week. Now if I even suspect an order I check it out, it may delay the order (& much more work for me!) but I've been able to catch 7 last year & 2 so far this year. The kicker is PayPal will charge you $20 chargeback fee plus the fee for the original charge on top of the funds already lost.
    Once they know they can use stolen cards on your site, it is shared... so be on the watch for more.
    If you need more information please feel free to contact me.

    ReplyDelete