We recently read an account of a fraudulent order that was placed for $50,000 worth of goods. The bogus order wasn’t caught until the invoice went unpaid. Only when confronted about the past due invoice was the true story uncovered.
Apparently, the thief had rented a suite in the same building as the business. He simply placed the order, collected the delivery and vacated the premises with the goods. He was long gone by the time the invoice hit the past due date.
Maybe your business is an ideal target for thieves. For those whose inventory would bring a nice price on the street, this kind of fraud is worrisome. But there are measures you can take to minimize being taken by a thief.
The very first step with every order from existing customers is to check the ship-to address. There are certainly legitimate reasons that one may choose to use a different ship-to than what they usually use. That alone is not necessarily an issue. It simply must be verified before the order is shipped.
New customers must go through a process of validation before credit is approved in the first place. When an order is placed, there is another set of checkpoints to consider:
- Visit the company web site for addresses and email verification
- Validate the customer through Duns listings and Hoover listings
- Verify their business certificate
- Search the company on Google or other search engines
- Call the company headquarters for phone verification (Don’t simply trust the number on the application. Find the company online and compare the numbers.)
- Check the purchase order. Is it unusual in any way or is it standard to this company’s processes?
- Check out the customer’s domain (URL)
A fraudulent credit app is challenging to spot. In part because fraudsters will head straight to the top using the CEO or president’s signature so as to not have the app come into question. And this is where the Internet can really unveil the truth.
LinkedIn is an excellent source for validating information. Names and titles are listed as well as company websites. This is great when working to verify the credit app, but what about a purchase order?
While it’s hard to know if the signature on a PO is the CEO’s, sometimes, experience coupled with common sense is enough to spot a fraudster. For instance, it’s unheard of for the CEO or president of a billion dollar company to be the one placing an order for 100 laptop computers. It’s a red flag of mass proportions.
In a case like that, the fraudster posing as the CEO will typically take a ‘sky is the limit’ attitude on price. Who cares what those 100 laptops cost? There will be no price banter because he knows he’s not paying the bill. Another blazing red flag.
Any time you see a URL that’s been slightly altered from a real customers legitimate domain, it’s a problem. Fraudsters love this one. They can add one letter or number to an existing domain and it will often go unnoticed. The more subtle the difference … the better! Use Domain Age Tool online to know exactly how long that domain has been around.
Protecting your business from fraud isn’t easy and there’s no bulletproof system for doing so. But by employing the above checkpoints, you’re more likely to spot trouble that’s brewing.