E-commerce
June 28, 2026
The order is flagged as "high risk" by Shopify Payments. You put it on hold, the legitimate customer receives a vague email, calls back furious, and abandons the brand. Or you ship a stolen card too quickly and lose the product plus the chargeback fees.
LexisNexis estimates that the total cost of fraud now exceeds $5.13 for every dollar lost in the US, and that 54% of US e-merchants report an increase in customer churn linked to anti-fraud measures (LexisNexis, True Cost of Fraud 2026).
This operational guide covers fraudulent order management from the support side: detection, review workflow, verification communication, false positives, and customer service scripts on Shopify. Distinct from the e-commerce fraud glossary, the chargebacks support (#87) and payment disputes (#86) guides: here the angle is fraudulent order vs. blocked good customer, before shipping.
Summary
Why does fraud management too often block good customers?
E-commerce anti-fraud tools protect your margin, but overly aggressive rules create false positives: honest customers whose orders are canceled or delayed without a clear explanation.
The double cost to balance
Undetected fraud: lost product + chargeback + processor fees.
False positive: lost customer + negative review + wasted CAC.
Overloaded support: "why is my order canceled?" tickets.
Why support is at the center
Chargebacks911 points out that refusing legitimate orders can cost up to 75 times more in revenue than fraud itself (Chargebacks911, Shopify prevention 2026). Support doesn't just execute cancellations: it is the human interface between the risk rule and the actual customer. Often wrongly blocked profiles: first-time purchase with a large basket, gift with a different address, VPN while traveling, expat's foreign card. See support cost analysis, payment declined checkout.
What types of fraudulent orders should support be aware of?
Mapping the order fraud types guides the review process without over-blocking legitimate profiles.
Third-party pre-shipment fraud
Stolen card: quick purchase, large basket, shipping different from billing, disposable email. Account takeover: hacked customer account, shipping address changed abruptly. Triangulation: fraudster resells on marketplace with your product. Card testing: micro-charges to test stolen cards: block by velocity, no manual review on every €1 order.
What is not the same thing
Friendly fraud: real customer disputes after receipt, chargeback angle (#87), not pre-shipment cancellation. Promo abuse: multi-accounts promo code, separate marketing policy. Refund fraud: return of a different product, customer service returns workflow.
Shopify and Stripe signals
Risk score Low / Medium / High in Shopify admin (Shopify, fraud analysis). AVS mismatch, CVV fail, velocity (N orders same card in 1 hr), IP geolocation vs delivery country. Stripe Radar: prioritize "review" rule rather than "block" except in extreme cases (Stripe Radar). See Shopify Payments, gateways explained.
How to structure a hold, verify, ship, or cancel workflow?
A documented support fraud workflow prevents decisions based on gut feeling and speeds up the review.
The five steps
Alert: automatic order tag `fraud_review` if risk > threshold or Shopify Flow rule.
Hold fulfillment: do not ship during review. SLA 4-24 hours depending on AOV.
Human scoring: customer history, address consistency, valid email/phone, resale target product, device fingerprint if available.
Decision: release (ship, tag `fraud_cleared`), verify (contact customer), cancel (cancel + refund, tag `fraud_confirmed`).
Documentation: Shopify order note: who, when, why, evidence.
Practical rules
Medium risk + known customer (2+ delivered orders): auto-release. High risk + new customer: verify, do not auto-cancel. AOV > €300: supervisor approves cancel. Digital goods: verify before sending download link. ShipStation or 3PL: hold until tag `fraud_cleared` is removed. See order edits, prioritize Shopify tickets.
How do you contact a customer for verification without accusing them?
The order verification must reassure the honest customer, never accuse them.
Channels and timing
Email + SMS if AOV is high. Send within 30 minutes post-order, not 24 hours: the customer is still engaged. Recommended subject: "[Brand] order #[X]: quick check before shipping". Avoid "fraud detected" in the subject line.
Standard message
"To protect our customers, we verify certain orders before shipping. Please confirm the last 4 digits of your card, the holder's name, or reply to this email. Shipping upon validation, within 2 hours."
What should never be said
"You are suspect", "fraud", "police" (except in extreme cases involving a lawyer). 72-hour silence: the customer leaves and posts a negative review. Never ask for the full CVV nor store sensitive data in a ticket: PCI compliance, Gorgias auto-redaction. AOV > €1,000: short call option or SMS OTP on billing phone.
If no response
Reminder at 48 hours, then cancel + refund according to documented policy. Premium brand: frame the verification as a concierge service, not a banking check.
What are the customer service scripts for cancelled, delayed, or under-review orders?
Standardized customer service fraud scripts preserve the relationship when an order is cancelled, delayed, or under review.
“Why is my order cancelled?”
“Our security system was unable to validate the payment. No final charge was made, or a refund will appear within 5 to 10 business days. You can place your order again or contact your bank if a charge is visible. Reference #[X].”
“I was asked for my card, is this a scam?”
“This is a standard anti-fraud verification by [brand]. We never ask for the full CVV or your banking password. Only the last 4 digits or a confirmation of identity. Official email: [your-domain.com].”
Indignant loyal customer and gift with a different address
Loyal: “I understand your frustration. Your history of [N orders] is noted. Immediate manual validation, free shipping on your next order as a gesture.” Gift: “This is normal for a gift. Confirm the recipient's name and your relationship with them, and we will ship today.”
Macros and escalation
Gorgias: FRAUD-001 verify, FRAUD-002 cancelled explain, FRAUD-003 false positive apology. Threat of bad review + consistent evidence: supervisor release. Manual release > €500: double validation agent + lead in Shopify note. See support templates, support chargebacks.
Which legitimate profiles are often mistakenly blocked?
Reducing false positive fraud improves conversion and NPS as much as blocking real fraudsters.
Profiles to not automatically cancel
Returning customer: 2+ orders delivered without incident.
Gift: gift message at checkout, explainable different address.
Corporate card: company name in billing.
Expat: FR card, EU delivery or known forwarder after a successful verification.
Influencer partner: internal whitelist list.
Concrete easing measures
Shopify segment "2+ orders fulfilled": bypass medium risk auto. First high AOV purchase: verify email + SMS, never auto cancel. Christmas period (Dec 15-24): ease gift rules, strengthen post-holiday. Recurring subscriptions: never hold without a card anomaly. Shopify estimates that up to 5% of legitimate orders can be wrongly rejected by overly strict systems (Shopify, fraud management 2026). A/B test thresholds: correlate chargeback rate vs false positive tickets.
Which Shopify and Stripe tools should be configured to limit false positives?
Configure the Shopify anti-fraud stack to review rather than systematically block.
Native Shopify
Fraud Analysis Low / Medium / High: support reads before holding. Shopify Protect: chargebacks covered on eligible Shop Pay orders, less aggressive cancel pressure. Manual payment capture if you wish to review before capturing. 3D Secure on carts > €200: shift liability to the issuer, moderate checkout friction (Shopify, fraud prevention).
Stripe Radar and third-party apps
Radar rules: block only extreme velocity or confirmed email blocklist; review for the rest. Signifyd, NoFraud, Riskified apps: compare decline rate vs false positive during a 30-day trial. Shopify Flow: auto-tag `fraud_review`, Slack alert #fraud, pause fulfillment. Review rules quarterly: patterns evolve, especially with AI-assisted fraud (74% of Veriff respondents report an increase in 2025).
PayPal and headless
PayPal Seller Protection: distinct dispute workflow, train support. Headless checkout: reimplement equivalent risk signals. See payment gateway guide, BNPL support.
How do you coordinate ops, support, and finance on at-risk orders?
E-commerce fraud management is cross-functional: ops, support, finance and tech share the same decision.
Simplified RACI
Ops / fulfillment: hold ship, release after cleared tag.
Support: customer contact verify, scripts, false positive handling.
Finance: refund cancel, chargeback link post-shipping.
Tech: Radar rules, Flow, 3PL integrations.
Fraud Owner: weekly metrics review, threshold adjustments.
Daily Process
Slack #fraud-review: order > €300 high risk ping with admin link. 7/7 review if international clientele. 5 min standup: orders hold > 24 hrs without action. Blacklist email/IP only after confirmed fraud, never after a false positive. Chargeback post-mortem: did the order pass review? Rule to be adjusted? Escalation matrix: AOV < €50 agent release | €50-300 verify | > €300 supervisor.
What proactive communication preserves the customer experience?
A well-managed fraud review customer experience can strengthen trust instead of destroying it.
Visible statuses and communication
Account page: "Order undergoing security verification, response within 24 hours" rather than a frozen "canceled" status with no context. SMS: "[Brand]: order #123 under quick review. Please reply to the email or chat." Branded Klaviyo email consistent with order confirmation, not a suspicious plain text email.
After release and false positive
Post-release email: "Order validated, shipping today". Confirmed false positive: -10% "sorry" code or free shipping, a cost lower than the lost LTV. Delay Trustpilot invite if the order was under fraud review. Help center: "Why an order verification?" without risk score jargon. See help center, assisted journey, pre-purchase objections.
Measured transparency
Do not publish your fraud rules (helps fraudsters), but explain the human process: "We verify certain orders to protect our customers."
Which KPIs balance prevented fraud and false positives?
Measuring avoided fraud and false positives together guides your settings, not the chargeback rate alone.
Essential KPIs
Fraud rate: % confirmed fraud orders post-review.
Chargeback rate: target < 0.65% to stay out of Visa monitoring programs (Shopify, 2026 fraud KPI).
False positive rate: legitimate customers unjustified cancel/review.
Verify conversion: % verify → shipping.
Time to review: median hold duration.
Tickets fraud_related: support volume.
Tags and monthly review
Gorgias: `fraud_review`, `fraud_false_positive`, `fraud_verify`, `order_cancelled_security`. Top 10 false positives of the month: pattern to whitelist. Balance: cost of avoided fraud vs LTV of lost customers. Cohort of new customers: false positive rate 3 to 5 times higher, invest UX verify. Klaviyo win-back flow after false positive. See tagging conversations.
How does Qstomy handle fraud review orders?
Qstomy manages blocked order questions 24/7 without accusing the customer, connected to Shopify.
Intents and tone
`order_cancelled_why`: status + refund delay. `fraud_verification`: explains process, reassures. `order_on_hold`: review delay + contact. `repurchase_help`: support after cancellation. The bot avoids the word "fraud", uses "standard security verification". Anger detection: immediate human escalation.
Sync and handoff
Order status, `fraud_review` tags, agent-visible internal note. Customer responds to verification in chat: agent handoff for release. Priority queue for `fraud_verify` tickets.
Encrypted DTC scenario
DTC fashion brand, 85 orders/day, 12% flagged medium/high risk, 34 "cancelled order" tickets/month, estimated false positive rate 28%.
Deployment of Qstomy fraud intents + macros FRAUD-001 to 003 + bot-visible hold status. 10-week result: fraud tickets -41%, verify conversion +22%, 19 false positive customers won back via sorry bot flow, chargeback rate stable at 0.38%, post-verify NPS +12 points.
Explore AI support and request a demo.
Which operational playbooks should be launched this week?
Playbook 1: audit of the last 5 cancel "fraud" orders
Shopify export cancelled security. How many customers contacted support again? This is your false positive proxy. For each case: verification attempted? Script used? Common pattern (gift, first purchase, country)?
Playbook 2: deploy hold-verify-release workflow in 72 hours
Shopify Flow tag `fraud_review` on medium+high risk. Pause 3PL fulfillment. Email verification template (section 4). SLA review 24 hours. Support training 45 minutes on 3 FRAUD scripts.
Playbook 3: mystery shop gift to a different address
Place a test gift order on your site. What happens? Auto hold? Verification email? Delay? This is your fraud UX audit under real conditions.
Playbook 4: whitelist recurring customers
Shopify segment 2+ orders fulfilled. Radar/Flow rule: medium risk + segment = auto-release. Measure chargeback rate over 30 days before wide release.
Playbook 5: monthly fraud vs experience review
Dashboard: fraud rate, false positive rate, verify conversion, chargeback rate. Meeting between fraud owner + CX owner: one KPI must not improve at the expense of the other.
Useful links
Effective anti-fraud means less fraud and fewer good customers blocked: both metrics matter, and support is the bridge between the two.

Enzo
June 28, 2026





