I was somewhat amused, in a gallows humor kind of way, to learn in a recent article about credit cards that credit card companies take the hit for fraudulent transactions. Sure they do, some of the time. But I can tell you that retailers, especially small retailers like us, take most of the losses especially online.
I’ve spent nearly two decades as an internet retailer combating online fraud. I’m not alone - sometimes I get calls from friendly competitors who want to alert others of the rip-offs and scams that have recently ensnared them. Lately we have gotten hit with a series of smaller frauds that you should be aware of, since it involves the woodworking customer.
Over the course of eBay’s existence it has been pretty common for some random seller to steal a picture and description of an item off a regular e-commerce site and then flog it on eBay at more than the retail price. If the item sells, the seller then buys the item and has it dropped shipped to the eBay customer. This system exploited the buyer’s ignorance but isn’t theft. It was pretty common, and I guess it still goes on. However with easy price discovery and the ubiquity of Amazon, this method of sales is hard to pull off unless the seller can get the merchandise wholesale (which the legit resellers do).
Much further along the dark road is this: sell the item on eBay for whatever you can get, then buy the item with stolen credit card information you can pick up on the Dark Net for a few bucks. You don’t need to buy wholesale! Since you aren't actually paying for the merchandise - but you get the money from the buyer - it's win-win. Oh right, except for the merchant in the middle, acting in good faith (and in our case, conscientiously including tips, any available rebate information and a friendly salutation on the packing slip). We and other merchants ship the merchandise, happy for the sale, and then a month later we discover that the person who "bought" the item didn't actually do so at all. Since we thought we were sending a present bought from one person to another (with different shipping and billing addresses) we get charged by the credit card company - the stolen amount plus a penalty fee - because it's obviously our fault.
Why am I telling you this?
If you buy new tools on eBay, and the seller does not have a lot of feedback, and the price is below normal retail, chances are you are the unwittingly participating in a fraud. Obviously this might not be true 100% of the time, but if a price is too good to be true, it's too good to be true. One other tip to watch out for: the item is listed as in the US but the seller profile shows another country. I buy on eBay, although rarely new stuff, and the overwhelming number of buyers and sellers are honest folk. But the tiny percentage of rotten apples is keeping me up at night.
Join the conversation
|The opinions expressed in this blog are those of the blog's author and guests and in no way reflect the views of Tools for Working Wood.|
Credit card issuers dumping the costs fraud like this on small retailers is a terrible externalized cost, right up there with major polluters. Small retailers have zero data, expertise, or energy to identify fraud of this kind. By contrast, the banks have all of those necessary elements and already utilize them in their fraud detection systems. But they lose incentive to continue investing in fraud prevention when they're allowed to leak those costs onto their retailer and cardholder customers.
Curious, what is the container(?) from which the change is spilling in the photo?
I had originally wanted to use a dented paper cup as the container but I didn't have one last night when I took the picture. What I did have was this giant copper thimble that I seem to have inherited - no idea what it was originally for. I normally use it for holding misc. change.
These days, most people in nearly all cases can receive and act on fraud check notices in seconds anyway, so it's not like it needs to delay even time-critical notices such as a supermarket transaction too much.
In the past, some credit-card numbers would have been stolen by people at "point of sale" -- especially when manual credit card transactions (imprints) were commonplace, since they had a copy of the credit-card imprint. The potential for this only seems to exist in "over the phone" orders these days, since the card rarely leaves the customer's hand for electronic transactions (ie. face-to-face, not internet).
These days, some businesses are not adhering to the PCI DSS credit card data security standards, and hacking of these business' computer systems is resulting in mass numbers of credit card numbers (plus other valuable info) being stolen when a breach occurs. For example, it is an absolute no-no to store someone's credit card number "on file", particularly if it is not encrypted.
If you're a hacker, you don't target the behemoths like Amazon for this kind of info, you target the businesses that might be just large enough to have a good source of CC numbers, but perhaps small enough to not have PCI DSS compliant systems.
These businesses are often the "ground zero" for any fraud that goes on, but I've never really heard of them being accountable to any degree. I guess that's because whilst we know that any given breach will contribute to the "mass" of stolen credit cards available, no one can necessarily prove a particular breach revealed the details of a particular card.
The other problem is that those companies that do suffer a breach are very, very reticent to reveal it, obviously because it makes them look bad (incompetent even).
My point, however, is that if you tighten up the "source" of stolen credit cards, then you indirectly reduce the amount of CC fraud.
Perhaps the silliest thing with all this is that a solution is already available that's pretty damn effective. A simple SMS phone message with a challenge code to the customer's mobile phone will pretty much kill any opportunity for fraudulent use. Obviously you'd only use that if the card was not a "direct read".
They are asking $137.00 for a used copy of Campaign Furniture from Lost Art Press.
New the book is $47.00 (with free shipping) from LAP.
I asked the seller why they are asking so much but they did not respond.
LAP got a laugh out of it. It's why I usually go straight to the main company if buying new.
Thanks Joel. Your company is a good one.
Thanks for doing the job you do. I know I appreciate it- and I think of you guys every time I use my awesome tuned Baldor grinder.
Mail order I accept cheques (checks) and can wait till they clear before sending items. Our banks now have to clear cheques in 4 days after which they have to take responsibility if they bounce. Kevin Frey mentioned SMS messages to verify a card perches, but here fraudsters have found ways to spoof phone numbers and also ways to send SMS messages which seem to come from banks. So be careful even on this.