
Recover 4x more chargebacks and prevent up to 90% of incoming ones, powered by AI and a global network of 20,000 merchants.
Address fraud is when a scammer places an order using a fake, stolen, or deliberately mismatched billing or shipping address to obtain goods without paying for them. For e-commerce merchants it drives lost inventory, chargebacks, and fees. The fastest defense is layered address verification — AVS, CVV, 3-D Secure, geolocation, and velocity checks working together.
This 2026 guide explains how address fraud works, the red flags to watch for, the verification tools that stop it, and how it fuels chargeback fraud.
Address fraud is a form of identity-related fraud in which a criminal supplies false address information to obtain products, services, or credit they never intend to pay for. In e-commerce it almost always involves a stolen card number combined with either a fake shipping destination or a spoofed billing address.
There are two main variants. Billing address fraud uses false or stolen billing details to push a payment through, while shipping address fraud redirects goods to an address — often a freight forwarder or vacant property — that can't be traced back to the fraudster.
Fraudsters obtain card and identity data through phishing, data breaches, or the dark web, then use it to pass checkout checks. Social engineering helps them extract missing details directly from victims, while VPNs and proxies mask their true location so an order looks like it originates near the billing address.
Once an order clears, goods are frequently sent to a reshipping mule or forwarding service that relays them onward, breaking the trail. The genuine cardholder only discovers the unauthorized charge later — and disputes it, leaving the merchant liable.
The most direct hit is financial: merchants lose the goods, the shipping cost, and the sale value, then pay chargeback fees on top when the cardholder disputes the transaction. Repeated fraud also inflates your dispute ratio, which can push you toward card-network monitoring programs.
Beyond dollars, address fraud damages reputation through cancelled orders and refund friction, and it can create compliance exposure if a business repeatedly fails to detect fraudulent transactions.
Most address fraud shows a recognizable pattern at checkout. The signals below are strongest when several appear together on the same order.
| Red Flag | Why It Signals Risk | Recommended Action |
|---|---|---|
| Billing and shipping addresses don't match | Classic sign of a stolen card shipped elsewhere | Run AVS and manually review before fulfilling |
| Shipping to a freight forwarder or PO box | Used to hide the true destination and dodge tracing | Flag for review; request an alternate address |
| Multiple orders, different cards, one address | Indicates card testing or a reshipping mule | Apply velocity limits; block repeat offenders |
| Order pushed through after an AVS mismatch | Billing address doesn't match issuer records | Decline or hold until verified |
| Rush shipping on a high-value first order | Fraudsters want goods before the chargeback lands | Add manual review for new, high-value buyers |
| IP geolocation far from the shipping address | Order likely placed via VPN or proxy | Cross-check with device fingerprinting |
No single tool catches every case, so effective prevention layers several checks that each close a different loophole. The table compares the core methods.
| Method | What It Verifies | Strength / Limitation |
|---|---|---|
| AVS (Address Verification System) | Billing address vs. card-issuer records | Free via processors and widely used; covers billing only, not identity |
| CVV / Card Security Code | Shopper has the physical card | Stops basic stolen-number fraud; useless if full card data is stolen |
| 3-D Secure (Visa Secure, etc.) | Cardholder identity via issuer authentication | Shifts fraud liability to the issuer; can add checkout friction |
| Geolocation / IP checks | Whether device location matches the address | Catches proxy and VPN abuse; VPNs can still mask location |
| Delivery address verification | Address is real and deliverable | Cuts failed deliveries; doesn't confirm the buyer's identity |
| Device fingerprinting & velocity limits | Repeat or high-risk behavior across orders | Catches card testing and mules; needs a fraud tool to run |
Round out the tooling with operational habits: manually review flagged orders, train staff to spot suspicious patterns, keep customer data clean and secure, and monitor transactions continuously so you can act before goods ship.
When a stolen card or fake address is used, the genuine cardholder eventually sees the charge and disputes it as unauthorized, producing a fraud chargeback the merchant almost always loses. Undelivered or misdelivered goods create the same result when the buyer never receives what they ordered.
Strong address verification is one of the most effective ways to prevent these disputes before they start. For the cases that still slip through, a robust representment process — or automation — is essential to recover revenue lost to friendly and criminal fraud.
A fraudster buys a stolen card number online, enters the real cardholder's billing address to pass AVS, then ships the goods to their own address or a freight forwarder. The genuine cardholder later disputes the charge, leaving the merchant with the loss.
AVS compares the billing address a shopper enters at checkout with the address on file at the card issuer. A full match signals a legitimate cardholder; a mismatch flags the order for review or decline. It's the most widely used address-fraud control, but it verifies billing details only — not the shopper's identity or shipping address.
No. AVS checks only the billing address, so a fraudster who has the cardholder's full details can still pass it and ship elsewhere. Pair AVS with CVV, 3-D Secure, geolocation, and velocity limits for meaningful protection.
Mismatched billing and shipping addresses, freight-forwarder or PO-box destinations, multiple cards shipping to one address, rush shipping on large first orders, and IP locations far from the delivery address.
Yes. When a stolen card or fake address is used, the genuine cardholder disputes the unauthorized charge, producing a fraud chargeback. Strong address verification is one of the most effective ways to prevent these disputes.
Address fraud is preventable, but only with a layered strategy: verification tools like AVS, CVV, and 3-D Secure, backed by monitoring, staff training, and clean data. Treat it as an ongoing risk-management practice rather than a one-time setup.
For the fraudulent chargebacks that get through, Chargeflow automates evidence gathering and representment across every reason code — with pay-only-if-we-win pricing. Start for free to protect your revenue on autopilot.

Recover 4x more chargebacks and prevent up to 90% of incoming ones, powered by AI and a global network of 20,000 merchants.