Good morning, merchant.
Please direct your attention to the screen. A new case file has just landed on your desk.
Your mission, should you choose to accept it, is to investigate a suspicious transaction that has infiltrated your Shopify store.
The order looks like this: $125 item, one red flag, one more red flag, and eight green signals staring back at you. Shopify's high risk of fraud analysis has delivered its verdict -- well, sort of. It flagged two things in red: the order characteristics match patterns from past fraudulent orders, and the customer's IP address is 1,220 km from the shipping address. Everything else checked out: CVV is correct, the billing address matches, there’s only one payment attempt, and no proxy detected.
This is exactly what happened with this merchant:
“I received a high risk order, the item costs 125 dollars. I looked around and based on my analysis(or shopifys analysis and some similar questions here on reddit) that customer might file a chargeback in order to get item for free?”
So, do you cancel? Do you ship? Do you pick up the phone?
The answer is rarely obvious, and the default instinct, cancel anything suspicious, can cost more than the fraud itself. I mean just look at horror movies. They got it done best: the fear of the monster is often worse than the monster itself. Similarly, it's the fear that a fraudster might be there that cost retailers $443 billion globally every year in false declines. That's nine times more than actual fraud losses.
In the US alone, merchants lose approximately $118 billion annually to legitimate orders that get wrongly blocked and the sad part is 39% of those customers never come back. And why should they?
So, we’ve made this guide to help you understand what these warnings actually are, mean, and how they can have a direct impact on your revenue.
Let me give a setup of what is actually happening behind the scenes when that red flag appears. Contrary to popular belief, there is no tiny fraud investigator in your dashboard squinting at transactions with a magnifying glass. It’s all machine learning algorithms that Shopify's uses for fraud recommendations trained on historical transactions across all Shopify stores.
Every fraudulent order that ever rolled through the platform has fed this model, and when your incoming order pattern-matches anything in that history, the system flags it.
Shopify has seen billions of transactions. It knows what a stolen-card order looks like. The problem is, it also knows what a perfectly legitimate order looks like - and in the case shared above, it might be that those two things look identical to the algorithm.
According to Shopify's senior data science manager for Payments and Risk, the model has been trained on over 10 billion transactions across millions of merchants. Impressive, but also humbling, because 10 billion data points still can't read a single one of the 86 billion neurons in your customer's mind.
The system scores every order on a risk level: low, medium, or high. Indicators are marked green (usually seen on legitimate orders), red (usually seen on fraudulent orders), or grey (additional context worth noting). Medium and high-risk orders get a warning symbol next to the order number. What the system does not do is make the decision for you. That call is always yours.
That being said, here are a few common indicators to look out for:
Here's how to read a Shopify high risk of fraud flag without defaulting to panic:
A single fraud signal is a yellow light. But five or six firing at once is a flashing neon sign that a chargeback is on its way.
If the order:
You're no longer looking at a coincidence. This is the type of order that typically deserves cancellation.
In this case, one or two red flags are present, but your payment signals are strong (CVV correct, billing zip matches). The best thing to do here is a quick verification email, something like: "Hi Ethan, thanks for your order! We're just confirming a few details before we ship. Could you reply from the email used at checkout to confirm your shipping address?" Legitimate customers respond. Fraudsters, who often have no idea what email address was used, typically don't.
This takes two minutes and saves you the guesswork. If you get a response that matches the order details, ship it. If you get silence after 24 hours, cancel and refund.
This is your single low-weight flag like IP distance only or no other signals, combined with correct CVV, matching billing zip, normal order value, and a clean payment. This order is almost certainly legitimate. Canceling it costs you revenue and, statistically, one in three of those customers you'll never see again. So, fulfill it, document your decision, and move on.
Absolutely, it does. And, in this case, the IP distance flag deserves its own roast.
Shopify's own merchant community has been vocal about this for years:
“All of a sudden I’m getting notice that some of my orders are high risk for fraud (based solely of the ip address - or availability of an ip of the shopper) 1. at&t mobile is notorious for reporting IP as the next biggest city, 2. shoppers don’t only place orders from their home.”
So, anyone using an Android on AT&T, shopping from a hotel, placing an order while traveling, or buying through a VPN will trigger the IP distance flag even when billing address, CVV, and card number all match perfectly. This could be snowbirds ordering from Florida when their card is registered in Michigan or someone placing an order on the highway using mobile data from a different cell tower region.
These are your customers. In situations like these, Shopify's High Risk warning has a false-positive rate high enough that hitting "Cancel Order" seems unavoidable.
However, the merchants who have been doing this long enough develop a feel for the difference. An IP 200 miles away with a clean payment profile is not the same as an IP from a different continent alongside multiple failed card attempts. Shopify's fraud analysis is a black box, it won't tell you exactly which characteristics triggered the "similar to past fraudulent orders" flag, and not all indicators are shown to merchants. So you learn to weight what you can see.
Useful fact: If you think the single most complained-about fraud trigger in the Shopify community forums is stolen cards. Think again because it's legitimate customers on AT&T mobile data getting flagged as high-risk.
So, here are a few quick gut-check questions before canceling any high-risk order on Shopify:
Friendly fraud now accounts for 40 to 80% of total fraud losses, and Shopify's algorithm is completely blind to it. Why am I telling you this? Because you could just get a chargeback dispute to fight with whatever post-purchase documentation you managed to collect.
This is where the mission changes. Getting the cancel/verify/fulfill decision right on high risk orders protects you at the point of sale.
One of the best ways to reduce chargebacks is to give customers a better option. When people know their purchase is protected and there's a simple way to get help if something goes wrong, they're less likely to call their bank first. They contact their warranty provider instead.
At SureBright, we help merchants offer warranty coverage that protects the customer's purchase: their investment, their confidence in buying from you, and most importantly, their peace of mind. When that safety net exists, the "I want my money back" reflex gets replaced by "I'll file a claim." That's a better outcome for the customer, and it keeps your chargeback rate from climbing because of disputes that were never really about fraud in the first place. And yes, it delivers stronger margins that finally adds a smile to your accountant’s face as well.
So, schedule your demo today and find out all the benefits you can unlock within a few minutes.
.jpg)
M Khizar is a writer enjoys making complicated things feel simple. He writes about warranties, ecommerce, and the small details people usually overlook, until they matter. His work focuses on clarity and helping readers make smarter decisions without overthinking it. Outside of work, he enjoys reading, writing personal blogs, and binge eating with friends.
