You may notice an increase in fraudulent orders (e.g., expensive items ordered to a new shipping address for an existing account, which was canceled or disputed by the customer), and you want to know if the customer information was compromised.
Customers' credentials are encrypted and stored in a secure database on our side. However, if customers use weak passwords, their accounts still may be hacked and orders can be placed using saved credit card details. You can recommend to the customers to create strong passwords and regularly update them.
Additionally, we can configure your website to force customers to enter their credit card details each time they place an order. To implement this setting, submit a request to Symphony support.
Requests to implement the feature to force customers to enter credit card details each time should be elevated to the PS team.
If a custom reports an increase in fraudulent orders, check if they are sent to the same delivery address:
- From Manage, navigate to Customer Service > Orders.
- Find one of the orders and check the delivery address:
- Check the address for other orders reported by the customer.
- If the address is the same for all orders, elevate the case to the PS team to investigate the issue further and check if there is something similar between these orders and how the user(s) logged in when placing the order.
- If the address is different, the orders are not related to each other and you should send the information from the public section of this article to the requester.