Address FraudWhat Merchants & Consumers Need to Know About Fake Address Scams

Unmasking Address Fraud: How to Spot it — and Stop it — Once and for All

Picture this: you’re an online merchant, and you're contacted by a customer who is demanding a refund for items they never received.

Naturally, you try to verify the information the customer provides about the transaction. You check the address to authenticate the buyer’s identity… but the addresses don’t match. When you look a little closer, other details seem to have been changed without the customer’s knowledge.

What happened?

Your buyer might’ve been hit by an address fraud scheme. This isn’t a new trick by any stretch of the imagination. But, given the rise of digital commerce, its frequency and scope have increased significantly in recent years.

What is Address Fraud?

Address Fraud

[noun]/ǝ • dres • frôd/

Address fraud is a tactic by which fraudsters use stolen credentials to access a user’s account and change their physical address information. Address fraud enables other fraudulent behaviors, like redirecting goods purchased by an authorized user to the fraudster’s address.

Address fraud is a type of identity theft that occurs when a fraudster uses someone else's physical mailing address, or even a fake address, to facilitate illegal activities.

This can include obtaining credit, goods, or services under false pretenses. It can also apply to other criminal schemes, though. In essence, it could also involve any case of fraud that's dependent on a fake address — opening a bank account, school enrollment, insurance schemes, etc.

This often happens when a criminal impersonates someone else to provide false mailing address information about that individual. For instance, one may impersonate a consumer and contact the Post Office, claiming that the victim has moved to a new address (i.e., the fraudster’s address). The fraudster requests that all mail be forwarded to this new location, so they begin receiving the victim’s mail, including potentially sensitive information.

Address fraud can impact both consumers and merchants, resulting in financial loss and reputational damage for both parties. Resolving the situation is a long, time-consuming process.

How Does Address Fraud Work?

There are a lot of different practices that fall under the umbrella of address fraud. The exact scheme depends on the fraudster's intentions and the specific type of address fraud being executed. However, the steps and methods criminals might use to commit address fraud generally go as follows:

Common Examples of Address Fraud

So, we’ve got a basic rundown of how these attacks are often conducted. However, address fraud can manifest in various forms, each with its unique set of methods and goals. What are some specific address scams that readers should know about?

The following are some of the most common types of address fraud that individuals and businesses may encounter:

Consequences of Address Fraud

Address fraud can have wide-ranging and severe consequences for both consumers and merchants. The following are some of the key impacts and challenges faced by consumers and businesses as a result of address fraud:

Consequences for Consumers

Consumers, whose personal information may be used to facilitate address fraud, will bear the initial costs of these scams:

Consequences for Merchants

In the end, though, most cost end up getting passed along to merchants through the dispute process, along with other consequences:

Whichever way you slice it, address fraud is bad news for everyone. That said, how can consumers and merchants tell when they’ve been targeted? And, what can members of either group do to stop it?

Address Fraud Warning Signs: Consumers

There are a few ways consumers can tell if someone has hijacked their address for another scheme or is diverting their mail. The following are some red flags that may indicate address fraud:

• Unexpected Mail: Receiving mail or packages addressed to someone else, or for items you didn't order, could be a sign of address fraud.
• Unfamiliar Accounts or Charges: Discovering unfamiliar accounts, loans, or charges on your credit report or bank statements.
• Inaccurate Personal Information: Receiving letters or bills containing inaccurate personal information, such as an incorrect name or address.
• Missing Mail: Not receiving your mail? Or does it appear that mail has been tampered with? This could indicate someone is intercepting or forwarding your mail.
• Debt Collection Notices: Receiving debt collection notices for accounts you didn't open, or loans for which you never applied? This may be another sign.
• Credit Report Inquiries: Regularly checking your credit report can help you spot unauthorized inquiries or new accounts opened using your address.
• Suspicious Emails or Calls: Be cautious of unsolicited emails or phone calls asking for personal information. They could be an attempt to gather information.
• Denied Credit or Services: If you're unexpectedly denied credit or services due to poor credit history or suspicious activity, this may be a sign of address fraud.
• Changes to Your Online Accounts: Notifications about changes to your online accounts, such as updated shipping addresses or new orders.

Being aware of the warning signs of address fraud can help consumers take prompt action to protect their personal and financial information.

What about merchants, though? What role should they play in helping to detect and prevent address fraud?

Address Fraud Warning Signs: Businesses

Merchants must also be vigilant in identifying potential address fraud, as it can lead to financial losses and reputational damage. The following are some warning signs that may indicate address fraud from a merchant's perspective:

• Multiple Orders to the Same Address: Receiving multiple orders from different customers shipping to the same address is a red flag, especially if the items ordered are of high value or easily resold.
• Address Mismatches: When a customer's billing and shipping addresses don't match, or the shipping address is in a different country.
• Unusually Large Orders: Large orders that are inconsistent with a customer's typical purchasing behavior, particularly if the orders involve high-value items or express shipping.
• Multiple Payment Methods: If a customer uses multiple credit cards or payment methods to complete a single transaction or a series of transactions.
• Transaction Velocity: A series of transactions made in quick succession from the same IP address or using the same shipping address.
• Customer Complaints: If you receive customer complaints about not receiving their orders or if the orders were shipped to the wrong address, this may indicate address fraud.
• “High-Risk” Destinations: Be cautious of orders shipping to destinations known for high rates of fraud or where reshipping services are prevalent.
• Unusual Shipping Requests: Watch for customers who request shipping to a third party, such as a "friend" or "relative," or who ask for packages to be left in a specific location rather than delivered to the shipping address.

This list is by no means exhaustive. There are seemingly infinite ways in which mailing addresses and credentials can be used against consumers, merchants, and financial institutions. But how can potential victims protect themselves and their businesses in the long term?

Preventing Address Fraud

Both consumers and merchants can take proactive steps to minimize the risk of becoming a victim of address fraud. Merchants may not be directly affected by address fraud schemes. However, they face financial impacts like chargebacks for purchases that never arrive at the cardholder's doorstep.

It doesn’t matter whether an attack is centered on an individual or business. In either case, awareness and planning are excellent ways to prevent address fraudsters from succeeding.

Tips for Consumers

Some tips and best practices we recommend for consumers to adopt as protections against address fraud include:

While this might seem slightly counterintuitive, selecting paperless billing can place an additional security layer between mail recipients and fraudsters. To take that further, we would also advise account holders to set up a billing-specific email address that will be difficult for fraudsters to gain access to in a typical online breach.

There are many good reasons to own a Post Office box, but one of the best is to use it to keep personal addresses separate from other business information. Material like billing, banking, and other hard financial data could be more secure if sent to a P.O. box, rather than being left in an easily-accessible mailbox.

Users should take advantage of two-party authentication for online accounts whenever available. A cybercriminal who has a user’s account credentials will still be required to verify themselves via SMS or email before any changes can be made. It puts in place an additional layer of verification that wasn’t there before.

Most incidents of identity theft and address fraud are the result of passwords being compromised via email and social media. Combatting this vulnerability is crucial to preventing fraud. Utilizing password management software like 1Password can help cardholders and merchants keep their data locked down tight.

Tips for Merchants

So, those are a few tips for consumers. What about merchants, though? To defend against address fraud, we suggest that merchants:

Use strong customer authentication processes, such as AVS (address verification services), multi-factor authentication, or 3D Secure, to verify the identity of customers during transactions.

Use a variety of fraud prevention tools, such as geolocation tracking, IP address monitoring, and device fingerprinting, to identify suspicious transactions and detect potential fraud. Ensure that these are deployed as part of a multifaceted, multilayer strategy.

Regularly review transactions for signs of address fraud, including multiple orders to the same address, mismatched billing, and shipping addresses, or unusually large orders. Keep tabs on new developments in fraud trends and behaviors.

Develop clear policies for handling returns, refunds, and chargebacks to minimize the risk of fraud. Ensure that these policies are followed closely, yet are flexible enough that they can be adapted to individual customers’ needs.

Need More Help?

By implementing the preventive measures outlined above, both consumers and merchants can significantly reduce the likelihood of falling victim to address fraud.

Being proactive in safeguarding personal information and financial data, monitoring transactions, and staying vigilant for warning signs of fraud are critical steps in combating address fraud. For merchants, though, we have to note that fraud detection can be a little more complex.

Not all fraud comes from conventional, third-party criminal sources. That’s why we also strongly recommend seeking professional assistance to handle more difficult-to-manage loss sources, like friendly fraud.

For merchants who wish to limit their vulnerability to address fraud and related chargebacks, Chargebacks911® can help. Call us today for a free ROI analysis that can prove prevention is the best medicine.