Credit card thieves are everywhere, and they love shopping online. Most of the time people don't even need to steal a physical credit card to access your personal data - they can capture your personal information from insecure servers.

The effects of online cybercrime can be extremely damaging for both customers and businesses.

As a result of cybercrime, many businesses face chargebacks and lose money by sending orders that were never paid for.

Shopify has a built-in risk assessment function to help mark orders that look suspicious. These orders have been shipped through Shopify and meet certain fraud criteria.

Here's a closer look.

WHAT DOES IT MEAN TO RECEIVE A "HIGH RISK" FLAG?

A "high risk” flag means that someone who purchased one of your items meets certain criteria that calls the order into question from Shopify.

You will see it on the order page, marked with a small orange flag on the item line, and you will also receive a notification email if you're subscribed.

There are two levels of risk analysis you can receive, depending on your Shopify plan.

Shopify's basic members who do not use Shopify Pay will receive a risk summary. Click on the order number on your "Buy Orders" page to view it. The notification will tell you what criteria were found suspicious so that you can be better informed.

Companies that use the Shopify standard plan or higher (or Shopify basic with Shopify Pay) will get a higher level of coverage, and your enhanced risk analysis will actually tell you the level of risk associated with a purchase.

Higher-level risk analysis performs some additional checks.

The "Address Verification System" (AVS) examines whether the billing address the customer entered is the same as the credit card company has on file.

The "Card Verification Value" (CVV) is the small 3 or 4 digit code that appears on the back of your credit card. Requiring your customers to use it is a way to make sure whoever puts a card on your website has the card in their possession. This works because CVVs are prohibited from being stored.

"IP Address Check" allows you to see the country the customer bought in and if the country they live in is the same. An IP address check also includes blocking a customer from buying if his payment has failed several times, for example, if they are guessing the credit card or identifying details.

Alternatively, if you are a Shopify Plus merchant, try using Shopify Flow to automate your high-risk order reviews.

Here is a tutorial on how to set up an automation to send notifications to your customer service team to review high-risk orders.

WHAT SHOULD YOU DO IF SOMEONE IS BEING SUSPICIOUS?

If your risk analysis comes back with something suspicious, it's not a bad idea to check it again, especially if it's an unusually high-value order. Sometimes this only takes a few minutes and could save you money from a fraudulent purchase or chargeback.

Here are some things to look for:

ARE THE ADDRESSES THE SAME?

Check the IP address to see if the order was placed from the same country as the customer's address. The IP address will be at the bottom of an extended risk assessment. You can use a free tool to this find out. Also, take a look to see if you have multiple orders going to the same shipping address, but for different credit cards and billing addresses. These are signs of a suspicious transaction.

CONTACT THE CUSTOMER

Most customers appreciate when companies use proper due diligence with regard to online data security. Do not hesitate to call the customer and ask if they have placed an order with you. Most people would appreciate it if you are proactive in avoiding fraud. Ask them to verify some identifying details they should know from the top of their head. You'll have to follow your instincts, but if someone isn't able to answer basic questions, you should consider canceling the order.

DO A LITTLE RESEARCH ONLINE

Cybercriminals may have their information (such as their email address) posted somewhere online and marked as fraudulent. Perform a basic Google search for the email address used and "fraud", "scam", or a similar keyword and see if anything appears. If you find someone who is making suspicious deals, consider posting their email address in a comment to help the next person.

PROTECT YOURSELF FROM FUTURE ATTEMPTS

You can install Shopify "Watchdog", the Shopify Fraud Filter, which is an application that allows you to place filters to prevent common fraudulent practices. It is free and helps you detect some fraudulent orders that may go unnoticed.

MANUALLY PROCESS CREDIT CARDS

If you discover that fraud is a common problem in your business, consider manually processing credit cards rather than having them processed automatically. It can be a hassle, but it gives you an extra chance to detect fraud before it happens, rather than a chargeback after the order is shipped.

THE FUTURE OF DATA SECURITY

Data security is a booming industry and as more businesses are moving online it will continue to grow and increase in importance. Cybercrime affects both large and small businesses and can have a detrimental impact on your business. Here is an article from CSO that discusses companies that fell victim to some of the biggest data breaches of the 21st century.

It is important to proactively take steps to prevent data breaches on your website because it only takes one breach from cybercriminals for your business to lose trust from your customers.

What are you currently implementing in your Shopify stores to be proactive in preventing cybercrime? Comment below and let us know!