Fact Check

'Card Not Present' Scams

Should vendors be wary of doing business with Nigerians who are looking to charge large purchases to credit cards?

Published June 17, 2004


Scam:   Vendors have been duped into shipping large orders to Nigeria, only to find they've been paid with stolen credit cards.


Origins:   Nigeria is recognized as one of the most corrupt places on Earth, having become notorious as a hotbed of international theft, chicanery, and fraud. Within that country almost no business transaction is free from the taint of bribery, and it has been estimated that seventy percent of the goods entering Nigeria are smuggled in.

This West African country gained its dubious international reputation in the 1980s after government corruption and a fall in oil prices crippled its economy. It is crushed under an estimated $30 billion debt, soaring unemployment, and galloping inflation. According to the United Nations Development Program, seven of every ten Nigerian citizens earn less than $1 a day.

In this environment, chicanery has become a way of life because very little else pays nearly as well. Although the country's leaders have pledged to tackle the international fraud rings and clean up the graft that thrived during the lawless years of military dictatorships, theft has

become so much a part of Nigerian culture that those who perpetrate it do so with little fear of punishment, let alone possess any real sense of wrongdoing. Many of those Nigerians who make their living through larceny believe that if caught they need only return a part of what they've taken for the matter to be fully resolved — the concept of going to jail for having victimized others is just not a part of the thought process.

Nigerian scam artists are masters at defrauding those who live in other nations. They have been highly successful at this endeavor through the venerable Nigerian scam, and they just recently have begun scalping many via the cashier check scam. But of late they have seemingly also discovered the potential of "card not present" (CNP) credit card transactions. CNP sales offer enterprising thieves the opportunity to have the goods they are stealing shipped directly to them — all it takes are seemingly valid credit card numbers and less-than-savvy merchants to victimize. Given that Nigeria is host to a thriving black market that makes disposing of ill-gotten goods not only an easy but lucrative undertaking, CNP theft is a natural for that land's swindlers to have turned their hands to.

Prior to the Internet, CNP (card not present) transactions were termed MOTO (Mail Order/Telephone Order) sales. CNP sales differ from point of sale (POS) transactions in that merchants do not ever see the actual cards or the persons proffering them. Whereas charge card sales made in stores conclude with prospective buyers presenting themselves and their chargeplates to the vendors, credit card purchases made over the phone, through the Internet, or by mail are effected merely by providing the data printed on the cards. These transactions are thus far less secure undertakings for merchants to engage in, given that the information being provided can't be even somewhat confirmed by a glance at the cards, or the identities of the buyers established by having them show additional proofs of who they are.

The CNP scam works like this: A retailer is contacted by phone or through e-mail by a prospective buyer looking to purchase a largish quantity of goods with a credit card. Often these goods are to be shipped to Nigeria, with the buyer unconcerned about the tremendous cost of transporting the order. In some cases, the buyer will look to split the cost of the order across a number of credit cards.

In a number of cases, Nigerians looking to disguise their identities have taken to placing calls through relay telephone systems that had been set up to assist the deaf. (As to how that works, hearing-impaired phone users type text messages on teletypewriters [TTY]. These text messages are relayed to specialized call centers where they are converted into spoken word for the people at the other ends of the phone lines. When these other parties reply, their messages are converted into text and relayed back to the hearing-impaired users.) Such "relaying" disguises what would have been otherwise telltale accents. Also, because there is no cost for this service, Nigerians can make these calls to businesses in the U.S. without racking up international phone charges.

Only after the goods have been shipped does the seller come to the realization that the credit card used to effect the transaction was stolen. By then it is too late — the goods are gone, as is the "buyer."

Merchants have to be especially wary of fraudulent credit card purchases because they bear the financial burden of any losses so incurred. Whereas a shopper who is robbed of his chargeplate is liable for only the first $50 of charges subsequently made against it, the merchant who accepts a purloined card is left holding the bag. If a thief uses hot plastic to "buy" thousands of dollars worth of goods from an overly trusting shopkeeper, that shopkeeper is out the value whatever the thief left the store with or had shipped to him — there is no $50 cap on the seller's losses.

We've grown accustomed to thinking of "businesses" as large financial entities, the sorts of mercantile behemoths that can easily weather a little theft here, a little fraud there. However, often the retailers who fall victim to this form of theft are small businesses run by single proprietors dependent on their shops' income for their livelihood. In those instances, there is no big, thick cushion of profits piled on profits, no built-in allowance for "shrinkage" (the retail term for losses due to pilferage) — the theft is a direct blow to people struggling to make a go of it. Indeed, larger businesses are less likely to fall prey to such fleecings in that their employees responsible for dealing with credit card transactions have been trained in what to look out for. In Mom 'n' Pop stores, training often amounts to only whatever instructions the person doing the hiring comes up with; if that person isn't savvy in fraud circumvention, the clerks he or she trains won't be either. Also, those operating or working for small outfits are far more likely to let desire to make sizable sales temporarily blind them to the dangers inherent to big CNP orders. Larger sales mean more in small shops, and they mean more not just to the owners but also to the employees involved because, being fewer of them, they are far more likely to benefit from the shop's success vis-à-vis more money being available with which to fund raises or underwrite improved incentive and benefit plans.

Here is a sampling of some Nigerian-run CNP frauds that successfully scammed small businesses out of their goods:

  • In December 2003, an Omaha firm that made Christmas lights and decorations found itself taken to the tune of about $10,000 — it had shipped goods to a buyer in Nigeria who had used a stolen card. The defrauded company became suspicious only when the buyer then looked to order American flag displays and five expensive Sony telephones, the latter not even being something the company vended.
  • In April 2004, a Lancaster, Pennsylvania, man who ran his own computer business was defrauded of $15,000. He filled and shipped three orders (including one for 65 ink-jet cartridges) before being asked by his customer for one hundred disc drives which the buyer planned to pay for by dividing the bill among eight credit cards. The proposed transaction raised enough of a red flag for the man to realize what had been going on. The thief had taken the added precaution of covering his tracks well: because the calls had been placed through a relay operator, they could not be traced and no voice was heard. (Such calls are typically placed by the deaf.)
  • In the summer of 2002, a bookstore owner in Richmond, Virginia, was duped out of $9,200 worth of goods when she accepted four orders in August and September via the Internet for a total of 270 Bibles and 31 electronic hand-held Bibles to be mailed to Nigeria. The loss put the bookstore into further financial distress — sales had been languishing before that, and the owner hadn't taken a salary since May of that year.
  • In April 2003, a non-profit organization in Albuquerque lost close to $1,000 in goods when it accepted a credit card charge for a large number of T-shirts. Its losses could have been far greater in that the thief was attempting to place a further 12 orders when the first theft was discovered. (Even then, the "buyer" had the gall to call the non-profit to insist the bad credit card number was simply a mistake.)

Sometimes those looking to move stolen merchandise to Nigeria do so by way of having the goods first shipped to U.S. addresses before being repackaged for transit to their final destination of the black market in Nigeria. They position innocent parties in the U.S. to act as temporary guardians of the incoming bounty, an act that gives vendors the false security of their goods being delivered to American addresses (from which they would assume they could be reclaimed if anything went wrong with the sale). Those desperate to make a bit of money will find themselves approached by Nigerians who will claim they are in the business of provisioning shops in that faraway land, but that their having to ship items piecemeal is killing their bottom line because the freight charges are murder. Would the dupe consent to their using his house as a central collection point where they could assemble their various purchases into one super shipment, or even doing the repackaging and shipping on their behalf? But of course they would be willing to pay a fee for the use of the premises for as long as their consignments were taking up space and to recompense him for his trouble.

The best such unwitting dupes can hope for are understanding police officers, in that sooner or later the boys in blue are bound to come knocking as one defrauded vendor after another reports having shipped goods to that address. In a worse scenario, those whose homes are being used as way stations will be assumed to have been in on the racket and will find themselves charged with receiving stolen goods:

  • In January 2004, a Mishawaka, Indiana, man fell in with such a scheme, storing items for a Nigerian woman who had convinced him she was starting up a business in her land and needed him to serve as a central collection point for her purchases prior to mailing them to her. The dupe met the woman (known only as "Brown Sugar") in an Internet chat room. Computer company Hewlett-Packard twigged police to what was going on after two computers bought from it with stolen cards showed up as having been shipped to the Mishawaka man's address. Police recovered DVD players, cameras, boots, clothing, and herbal and sexual supplements from the man's home. No charges were laid against the man because the investigation into the matter showed him to be a victim, not one of the perpetrators.
  • In July 2003, 42-year-old Leonett G. Knoll of Albany, New York, was charged with receiving stolen property after police discovered $50,000 worth of purloined goods at his house that he was preparing to ship to a confederate in Nigeria. Like the unnamed Mishawaka man, he too had been befriended in a chat room and persuaded to serve as a collection point for items to be freighted to Nigeria.
  • In February 2003, a New Hampshire couple were arrested after local police and U.S. Postal inspectors found a large amount of stolen merchandise in their home that they intended to reship to Nigeria.
  • A December 2003 news story out of Anchorage, Alaska, reports that at least two people in that city were roped into becoming receivers of stolen goods via a newspaper ad looking for folks interested in making money at home using the Internet. On the promise of being paid later by check, these folks received goods from local companies and shipped them off to Nigeria, only long afterwards realizing they'd been part of a crime.

Most of the time those who are using stolen credit cards to move goods to Nigeria are operating from that distant land and thus lie well outside the grasp of U.S. law enforcement. It is the sad reality of such thefts and frauds that they go unpunished because their perpetrators are safe in another jurisdiction.

But sometimes the perpetrators make the mistake of operating where American justice can get its hooks into them. In March 2003, 19-year-old Ikemefuna Iwunoh was arrested in Wichita on federal charges for his part in such thefts. The young man had been part of a group of Nigerian nationals who had hacked into computer systems to steal credit card numbers from across the country and had used some of the numbers so collected to order a variety of goods delivered to his home (for later reshipment to Nigeria, where they would fetch double their value on the black market). Some days as many as 40 boxes (containing computers, printers, shoes, and clothing) were delivered to his door. Three others in Pittsburgh were charged along with Iwunoh: Itobore Oshobe, 24; Ote Kadana, 23; and Andrew Ikepeme, 19. Investigators estimated that the apartment in Wichita was the base for about $100,000 in fraudulent charges between August 2002 and March 2003.

Barbara "charge of the light-fingered brigade" Mikkelson

How To Avoid Falling Victim To CNP Scams:

  • Always keep in mind that electronic approval of a credit card vets only that the charge account itself is valid; it does not guarantee that the person presenting it to you is its legitimate holder. Verify with the issuer that the card has not been reported stolen before proceeding with any large order.
  • Be wary of any CNP transactions (Internet, mail, telephone order) where one or more of the following indicators are present:

    • Larger than normal orders.

    • Orders placed where card numbers used are similar and/or sequential.

    • Orders going to international addresses.

    • Orders consisting of several of the same item.

    • Many orders shipped to a single address.

    • Orders shipped rush or overnight.

    • Orders originating from free e-mail addresses.

    • Orders where the "ship to" and "bill to" addresses are different.

    • Orders with requests that costs be split on one card or across several cards.

  • When faced with a suspect order, verify the customer's billing address, either electronically or by an automated phone system via accessing an Address Verification System (AVS).
  • Turn down orders which involve shipping goods to Nigeria.
  • Stop believing in the chimera of "something for nothing."

Additional Information:

    Foiling Credit Card Fraud   Foiling Credit Card Fraud   (Bankrate.com)

Last updated:   11 July 2011


    Gilligan, Gregory.   "Credit Cards Used to Buy Bibles Turn Out to Be Stolen."

    Richmond Times Dispatch.   16 November 2002   (p. C1).

    Johnson, May Lee.   "Internet Fraud Reported."

    South Bend Tribune.   10 January 2004   (p. A1).

    Jordon, Steve.   "Nigerian Scam Fools Omaha Firm."

    Omaha World Herald.   12 December 2003   (p. B1).

    King, Ronette.   "Scams Thrive on Corruption, Rampant Poverty."

    [New Orleans] Times-Picayune.   9 June 1996   (p. F1).

    Murphy, John.   "Reform in a Country of Cons."

    The Baltimore Sun.   20 February 2004   (p. A2).

    Tsong, Nicole.   "Internet Scammers Succeed in Schemes Duping Alaskans."

    Anchorage Daily News.   15 December 2003   (p. B1).

    Albuquerque Journal.   "AG Warms of Net Scam."

    10 April 2003   (Business Outlook, p. 20).

    Associated Press.   "Former Community College Student Arrested in Black-Market Scam."

    7 March 2003.

    Associated Press.   "Arrests in Wichita and Pittsburgh in Credit Card Scam."

    7 March 2003.

    Lancaster New Era.   "Business Here Loses $15,000 in Scam."

    5 April 2004   (p. B1).

    The [Albany] Times Union.   "Cops Link Scam, Web, Nigeria."

    25 July 2003   (p. B14).

    WMAQ-TV, Chicago.   "Caller Gives Two Credit Card Numbers."

    26 April 2004.