One of my clients has a new Parts Manager in a new store, and it didn’t take long for the crooks to seek him out. Here’s how it went down.
- Day 1: The bum calls in representing himself as a buyer for a small import/export company. He calls from in state, but wants the parts shipped out of state. He orders 4 parts and pays for it with a credit card which goes through without a hitch. This was so small they didn’t even set him up as a customer in the DMS; mistake number 1.
- Day 3: The bum calls again to say he got the parts and now needs some more. This order is larger, but still not exceptional. He offers to arrange the shipping through FedEx to “save everyone some money.” Once again the order goes through without any problems.
- Day 6: The bum calls in again and now wants to place a serious order. The Parts Manager gets a bit suspicious and asks him for a copy of his ID and Credit Card, which he complies with. Turns out both are bogus; surprised? You shouldn’t be but our young PM was. After checking these documents out the order is filled and payment goes through on the same credit card.
- Day 10: The bum calls again and places a similar order to Day 6 (didn’t want to spook the mark yet.) The only difference this time is the shipping address changes.
- Day 13: The bum now places a big order to the second address and, unbeknownst to the PM has the first credit card rejected. The Cashier is handling the transaction and accepts a second credit card without notifying the Parts Manager. No one is the wiser at this point; mistake number 2.
- Day 18: The bum now places a huge order, paying for it with the same second credit card. Just hours before the shipment goes out a letter arrives from the credit card company notifying the store that the first card is stolen and they are not paying any of the charges. No phone call; freakin’ snail mail! The bum acts indignant and wants his parts, but it doesn’t happen. No one notifies the police; mistake number 3.
- Day 32: Another freakin’ letter arrives from the second credit card company with the same story. The card number is stolen and they won’t pay. To add insult to injury FedEx was never paid by this creep so they’re going after the dealership for the freight as well. This guy got everyone!
I’d like to say this is an isolated incident, but it’s not. Thieves have been around since the beginning of man, but they’ve never had the tools these guys (and gals) have today. Talking to my friends in law enforcement it is nothing to create an authentic looking ID card from a laptop computer, or credit card for that matter. Hackers steal identities and use that info to steal money and goods which can be quickly turned into cash. Everything the bum bought was small and easily sold; spark plugs, sensors, etc., nothing real big or expensive. He may well be in the export business, just not legitimately.
How do you protect yourself from these creeps? The first step is to be suspicious. This was a small store in a non-metro market without an internet presence. The first question should have been “How did he find us?” Instead the counterman got sucked in by what looked to be a great new wholesale customer. So what should they have done?
- By the time order #2 came in the bum should have been set up in the DMS with a real customer# and Tax ID. The fact that the parts were going out of state should have been a red flag to look into him more completely.
- By the time Order #3 came in it was probably time to do an Equifax or D&B on him. Also, the credit card company should have been contacted personally to get a second approval which may have made them liable to share in the losses. If this failed then the losses would have been capped at less than $200.
- The Parts Manager should have been informed of any payment issues so he could have followed up with the credit card issuer that rejected the order. This is a great argument for the parts department doing its own cashiering.
- The Police should have been notified during the transaction process so they could trap the bum while he was stealing from the store. I know everyone was embarrassed, but this was the time to put pride aside and stop the crook before he got away and started doing the same thing to someone else.
The moral of this story is “If it’s too good to be true, it probably is.” Looking back on this, there were red flags flying everywhere, but everyone was focused on the sales and communications broke down in a number of key areas. Just like local wholesale, not all internet and phone business is good business. Pick and choose your customers carefully.