What Is Triangulation Fraud?
Triangulation fraud is a sophisticated three-party scam where a criminal acts as an invisible middleman between a legitimate customer and your store. The customer thinks they’re buying from a legitimate (often deeply discounted) store, but the criminal uses stolen credit cards to purchase from you and ship directly to the customer.
How Triangulation Fraud Works
Step 1: The Fake Storefront
The fraudster creates a convincing storefront (often a clone of real stores) offering popular products at below-market prices. These storefronts appear on marketplace sites, social media, or standalone websites.
Step 2: The Legitimate Customer
An unsuspecting customer finds the deal and places an order on the fake storefront, paying with their real credit card. The fraudster now has the customer’s shipping address and a payment.
Step 3: The Stolen Card Purchase
The fraudster takes the customer’s order details and places an identical order on your real store using a stolen credit card, shipping directly to the customer’s address.
Step 4: The Fallout
The customer receives their product and is satisfied. The stolen card holder discovers the charge and files a chargeback. You lose the product, the revenue, and pay chargeback fees - while the fraudster keeps the customer’s payment.
Warning Signs
- Mismatched billing and shipping - Billing address doesn’t match shipping address, and shipping address belongs to a seemingly legitimate person
- Orders from known fraud sources - VPN, proxy, or datacenter IPs
- Order patterns matching clone sites - Products and quantities matching items listed on suspicious external sites
- Chargeback spikes where recipients claim they didn’t order
Business Impact
Financial Loss
You lose the product value, shipping costs, and pay chargeback fees. The fraudster profits from the customer’s payment.
Chargeback Ratio
Triangulation fraud drives up your chargeback ratio, potentially triggering payment processor penalties or account termination.
Reputation Damage
Customers who discover they bought from a scam associate the experience with your brand, since your packaging and shipping labels are on the box.
Operational Burden
Investigating triangulation fraud is complex because the recipient is a real person who genuinely wanted the product.
How SecurEcommerce Helps
Clone Detection
Triangulation fraud often relies on clone sites that copy your store:
- Canary tokens detect when your content is copied
- Typosquat scanning finds lookalike domains
- Risk scoring prioritizes genuine threats
Traffic Blocking
Block the fraudulent order sources:
- VPN and proxy blocking prevents anonymous orders
- IP blocking for identified fraud sources
- Geographic restrictions for high-risk regions
Proactive Defense
- Monitor for clone sites that might be used as fraudulent storefronts
- Block traffic patterns associated with triangulation schemes
- Reduce chargeback exposure through geographic controls
Prevention Strategies
Detection
- Monitor for clone sites selling your products at deep discounts
- Flag orders where billing and shipping are in different countries
- Watch for orders matching products listed on suspicious external sites
- Track chargeback patterns for triangulation signatures
Blocking
- Block VPN and proxy traffic at checkout
- Restrict orders from high-risk geographic regions
- Block datacenter IPs from placing orders
- Implement address verification
Response
- Report clone sites used for triangulation immediately
- Work with payment processors on fraud pattern data
- Document triangulation patterns for chargeback disputes
- Alert customers about unauthorized sellers of your products