Fraudulent and fake orders: how to detect and how to counter
19.05.2023 17:05
Online store managers often encounter invalid orders that can harm the store's performance.
Fake orders are fake orders created by people who do not intend to buy goods from an online store. They pursue their own mercenary goals. Fraudsters attack with such orders to:
- earn money by creating fictitious data and accounts,
- disrupt the operation of the online store,
- worsen customer service and lower its rating.
In general, false orders are just a drop in the bucket, one of the types of e-commerce manipulation.
Attackers can achieve their goals in other ways: luring users' data to purchase goods in an online store, selling unrealistic goods through fake websites, using phone calls, SMS phishing with viral links, and other blackmail methods.
In this article, we focus on common situations when fake orders are created and ways to deal with dishonest buyers, fraudsters and competitors.
Typical examples of fraudulent and fake orders
Fake payment receipts
This fraud scheme is most common on marketplaces like OLX. Usually, such platforms have a function of reserving funds from buyers to protect them from dishonest sellers. However, buyers can also be dishonest. Fraudsters forge payment receipts using cards with a zero balance. The unsuspecting seller sends the goods to the specified address. However, after receiving the order, the reserved money never gets to his account. Instead, the fraudster gets the goods for free.
Such situations occur not only on OLX but also on regular online stores and marketplaces. Experts recommend checking fake receipts through the state service check.gov.ua, where you need to enter the online service or bank from which the "payment" was made and the receipt code.
Orders from competitors
Competitors can place fake orders to hinder your business, overload the contact centre, which leads to a decrease in your store's rating. By sending a bunch of fake orders, managers do not have time to process them, which is why other real orders suffer.
To detect suspicious actions on the part of "customers", you need to analyse incoming traffic in Google Analytics, where you can see which channels are most often attacked with empty orders.
Today we received an order in our store. During the call, the customer said that she hadn't ordered anything, and that bad people had added her phone number to many orders on the Rozetka website. The order, of course, was rejected. I know that such situations can lower the store's rating, so maybe it's the work of competitors." (Yaroslav, a seller at Rozetka)
Theft of user data
Online shopping is not uncommon for other users to have their personal data stolen, such as their name, contact phone number and card details. The user may not be aware that an order has been placed using their phone number and money has been charged to their card.
This way, criminals can receive money from the card in the form of goods without physically possessing it. To avoid liability in their home country, fraudsters often carry out such fraud with cards of citizens of other countries, and receive the goods through proxies.
Orders with criminal intent
Some people may place orders with the intention of stealing the seller's data, hacking into the system, or causing other types of damage. This can be an attack by computer viruses or particularly dangerous ransomware viruses that are sent to the seller in a private message along with the payment receipt.
The main advice is to never click on links from buyers, and to correspond only in official chat rooms of marketplaces, which should be more protected from such attacks.
Technical errors
It's important to remember that not all invalid orders are created by malicious actors. Sometimes, technical failures or problems with payment systems can occur, which can make payments appear fake. Therefore, it is important to conduct additional checks before taking any action.
Returning fictitious orders
Some customers may use the service to return goods they did not buy. They place fake orders with the intention of returning the goods and receiving a refund to their card, which they have again falsified.
Test orders
Sometimes people place orders without intending to buy anything, but only to test the ordering system or to get free advice.
Cash on delivery orders
Buyers often ask the seller to send the goods by cash on delivery, and then refuse to accept them at the point of delivery. In this way, they cause direct material damage to the store, as the seller pays for the round-trip delivery service in case of cancellation of the purchase. Such orders are especially common among children and unconscious teenagers who choose something in a store and place an order for no reason. And then they simply forget about it. In addition to the financial costs, the store receives additional work to process "puff orders".
Десь пів року тому, ввів обов'язкову оплату всіх замовник на суму до 200₴. Повернень меньше стало на 68% і витрати зменшилися на ці повернення 1000-1500₴/на місяць.
— ФОП 20% (@FOP_20) May 18, 2023
How to recognize fraudulent activities on your website?
These signs will help you easily recognize attacks on your online store:
➣ a lot of orders of the same type left within a certain period of time,
➣ incorrect entry of information in the phone number and other personal data fields. For example, strange names, delivery methods - everywhere the first post office,
➣ identical goods in one order, or multiple orders from one person,
➣ inability to confirm the order and contact the customer because the number is invalid.
Methods of combating fake orders
Identity verification. Require customers to provide reliable information about their identity: full name, address, phone number, and email. Use additional verification methods, such as phone or email confirmation via SMS.
Payment authentication. Analyse customer payment data, including card details, for any signs of fraud or unusual activity. As mentioned above, refer to check.gov.ua.
Reliable security systems. Use anti-spam software to protect your website from hacker attacks. Such software can detect and block fake orders. In addition, make sure that your website complies with the international requirements of the HTTPS protocol and SSL certificate.
The HTTPS protocol has redirects and allows you to encrypt user data, but it cannot prevent the theft of confidential information from pages cached in the browser.
Use an order confirmation system to verify the authenticity of information provided by customers. For example, emails, phone numbers, delivery addresses, etc.
Analyse orders. Before or during the confirmation process, review the order details: amount, product types, to exclude false or suspicious orders.
IP address monitoring. Track the channels from which orders come. If you notice a large number of orders coming from the same IP address or geographic area, this may indicate suspicious activity.
Install a CAPTCHA system on your website to detect bots.
Contact the customer. The easiest way to detect a problematic order is to call the customer and find out what you don't understand.
Thank you for your feedback! It will be published after being reviewed by a moderator.
Related articles
-
19.02.2026
5 laws of power for an entrepreneur: how to manage a team so as not to lose business
5 Laws of Power for Entrepreneurs: How to Keep Your Team Under Control, Avoid Manipulation, and Not Lose Your Business in Retail
-
17.02.2026
How to give the owner back control if the hired manager has gone too far
How to regain control for the owner if the top manager has taken over: indicators in Torgsoft, access, sabotage, action plan without conflict
-
17.02.2026
Where to look and how to check suppliers in Ukraine: 5 non-obvious tips for retailers
5 Unobvious Ways to Find a Direct Supplier: In-Store Certificates, Labeling, Warranties, Watermarks
Go back to the previous step