Case Study: Connecting the Dots to Combat Fraud

Data is everywhere. When you step back and look at it from a holistic view, it can be quite overwhelming. Take a step closer, and you can begin to connect the dots.

As a Marketing Manager in e-commerce, my team leaned heavy on the creative side. I had two to three copywriters who built product pages and created content. I had a photographer and stylist who also acted as my creative lead. I had a graphic designer who also filmed and edited video and managed social media.

They did all of this under my direction, while I took on the roles that required more technical and analytical expertise: SEO, SEM, Web Development, etc.

Early in 2017, the Customer Service department caught wind of a concerning trend. A few customers called in claiming they have never purchased from us, yet their cards had been charged anywhere from $400 to $700 from our company.

Photo by Jefferson Santos on Unsplash

What was happening?!?

Early Fraudulent Findings

Our early findings found that third parties were using stolen card information to place an order using that individual’s card and billing address, and shipping it to a nearby location within the same zip code.

It was unlikely to be the work of one individual, given that the zip codes spanned the country.

It was possible that some sort of organized crime was taking place, given the breadth of the situation, but also seemed that the amounts were small fries for that type of operation.

No, it was most likely somewhat random individuals following instructions from the dark web to get free product using stolen credit card information. (NOTE: This is all alleged, as we never obtained verifiable proof.)

Using Google Analytics to Combat E-Commerce Fraud

The Marketing department sat just opposite a cubicle wall from Customer Service. Overhearing the Customer Service manager discussing the issue peaked my interest when she noted that these orders were going to different locations around the country.

At the time, I spent a few hours a day in Google Analytics. While not the most robust analytics system out there, it provided a more than adequate glimpse of customer data.

In e-commerce, you can connect your store and cart to Google Analytics, and create goals to track conversion rate, product purchases, order data, and more. Knowing this, I asked the Customer Service Manager for a list of fraudulent orders.

We knew the fraud was stemming from orders with a different shipping and billing address. If we could find other common data points in how the orders are placed, we can predict whether or not an order is fraudulent.

Patterns Emerge in the Data

What constitutes a pattern? One or multiple data points that align across multiple seemingly random events.

We knew the following simply by knowing which orders were fraudulent:

  1. Only a handful of specific high dollar value items were targeted.
  2. Fraudulent orders would be billed to one address but shipped to another in the same zip code.
  3. Orders only contained one or two unit of those products.

Alright. That’s a starting point. But for a company that shipped out 200 to 300 orders a day, it was far from enough to combat the issue. We needed more.

Knowing the order numbers, I could use Google Analytics to see how those orders were placed and determine whether or not it was fraudulent. Time to connect the dots.

Photo by NASA on Unsplash

Google Analytics allowed me to matrix order data from all of the known fraudulent orders. By digging into the specifics of how these orders were placed, and other data within the dashboard, I was able to find several trends:

  • These orders had no Source / Medium attribution. This means they either visited the site directly (example: a URL copied and pasted into the browser) or their source was masked and hidden (clicking a link from a site not visible to Google).
  • These orders landed directly on the Product Page purchased. This means that it was highly targeted. Suspect orders landed on the product page, made the purchase, and left in the matter of a minute or two.
  • Orders targeted similar high dollar value items within the same product category, and they always contained just one unit.

Now we’re getting somewhere. Other commonalities existed, but the above bullets were enough to allow us to flag any order that came in for those items, and check to see if it was fraudulent.

Flagging Potential Fraudulent Orders

Knowing there’s a pattern of fraud means nothing if you cannot develop a way to combat it. Discussing the issue as an interdepartmental management team, we developed a process in hopes of flagging potentially fraudulent orders.

Interdepartmental Monitoring:

The products in question were marked with instructions for warehouse pickers. If the item was the only on an order, these employees would take it to a supervisor for verification and next steps.

Photo by chuttersnap on Unsplash

Warehouse workers were in the loop regarding the type of fraud and the patterns we were seeing. This level of transparency was empowering and rewarding for them when they found such an order.

Being in Google Analytics so frequently, I checked incoming orders regularly, sorted by dollar value, to see if any jumped out as possible issues.

The Customer Service manager monitored incoming orders in NetSuite, our Enterprise Resource Planning system, for the same.

Three departments, all working together, and all in the loop to combat fraudulent activity. So we had a process to flag orders that might be fraudulent. But what next?

A Process for Verification

Potentially fraudulent orders would come to the Customer Service manager, who would work with me to confirm they fit the pattern before taking next steps.

If the data points aligned, we decided we need further verification. We would contact the phone number associated with the order, and request further verification the order was legitimate.

Photo by Berkeley Communications on Unsplash

Given the type of product we sold and the dollar values involved, customers were always happy to provide further verification to confirm their order was legitimate. Due to the types of patterns involved, most orders that had these commonalities were fraudulent.

Thriving at the Intersection of Chaos and Innovation

The owners of the company often said “We thrive at the intersection of chaos and innovation.” It was a mantra we took to heart, and it’s one I continue to hold dear to this day as a personal mantra.

Throughout my career, I have found myself at fast paced, diverse organizations. I have been in roles that require me to pivot from one task to another without hesitation or complaint. Roles that require things to be done one way one day, and another way the next. Days that are truly never the same.

It could be stepping away to devise a plan to combat fraud, creating a contingency plan for large-scale events, or assisting on the sales floor on a busy day.

In today’s professional work environment, we have to be comfortable thriving at the intersection of chaos and innovation.