Start Free Trial
How to reduce fake COD orders on Shopify — fraud prevention guide

How to Reduce Fake COD Orders on Shopify (Without Losing Real Customers)

By LeadForm Team

If you're running a Cash on Delivery store on Shopify, you already know the feeling: orders come in, you pack and ship, and then the package comes back. No payment. Just a returned parcel and a wasted shipping cost.

Fake COD orders — also called prank orders, ghost orders, or fraudulent COD — are one of the biggest profitability killers for merchants in MENA, Africa, and Southeast Asia. On average, 8 to 10% of all COD orders are outright fraudulent, and return-to-origin (RTO) rates across the industry sit between 25% and 35%.

That means for every 100 orders you ship, up to 35 may never result in a payment.

This guide will show you exactly how to identify, filter, and prevent fake COD orders on Shopify — without adding so much friction that your real customers give up before placing an order.

Why Fake COD Orders Happen

Before you can fix the problem, you need to understand why it exists.

Cash on delivery is unique among payment methods because the customer has zero financial commitment at checkout. There is no card to charge, no payment to process, and no money at stake until the courier arrives at their door. This is precisely what makes COD attractive to customers who distrust online payments — but it is also what makes it vulnerable to abuse.

Here is who is placing fake orders and why:

Prank buyers. People who place orders as jokes, usually with a real phone number but no intention of accepting the package.

Impulse abandoners. Customers who placed an order in the moment but changed their mind and simply ignore the delivery attempt rather than canceling.

Wrong information submitters. Customers who entered an incorrect phone number or address — sometimes intentionally, sometimes not. You ship to a ghost address.

Competitor sabotage. Rare, but it happens. Competitors place bulk fake orders to drain your operational capacity.

Understanding the source of your fake orders tells you which solution to prioritize.

The Real Cost of Fake COD Orders

Most merchants only count the obvious cost: the shipping fee. But the real financial damage is much deeper.

Consider a store shipping 500 COD orders per month at an average order value of $30, with a 30% RTO rate:

  • 150 orders returned
  • Shipping cost per shipment (outbound + return): ~$6
  • Total wasted shipping: $900/month
  • Operational time wasted processing returns: significant
  • Inventory tied up in transit instead of available for sale: significant
  • Ad spend that generated those fake conversions: wasted

At scale, this becomes a business-threatening problem. A merchant doing $15,000/month in COD revenue can lose $3,000 to $4,000 per month in direct costs from fake orders and returns — before even counting indirect losses.

5 Proven Methods to Reduce Fake COD Orders

1. OTP Verification Before Shipping

The most effective single intervention is requiring customers to verify their phone number via a One-Time Password (OTP) sent through WhatsApp or SMS immediately after they place an order.

Here is why it works: if someone placed a prank order or used a fake phone number, they simply will not respond to the verification message. No response within your defined time window means the order is automatically canceled — before you ever ship it.

The data on WhatsApp OTP verification is compelling. Merchants who implement this system within five minutes of order placement see 70 to 85% of COD customers confirming immediately. Those who do not respond are filtered out automatically.

Implementation on Shopify: Several apps offer this functionality. Look for solutions that integrate directly with the Shopify order flow and trigger verification automatically, without manual intervention.

Critical detail: Speed matters. Send the OTP within minutes of order placement, not hours. The faster you reach the customer, the higher their purchase intent still is — and the more likely they are to confirm.

2. Custom COD Order Form with Smart Fields

The standard Shopify checkout was not designed for COD markets. It collects the minimum required information and does nothing to qualify the buyer.

A custom COD order form changes this. By designing the form fields intelligently, you can reduce fake orders passively — before any verification step.

Fields that reduce fake orders:

  • Full phone number with format validation. A properly formatted local phone number is harder to fake than a randomly typed string.
  • Address with required landmark or neighborhood field. Vague addresses = failed deliveries. Adding a landmark field forces customers to think concretely about where they live, which deters prank buyers.
  • Explicit order confirmation checkbox. A simple "I confirm I want to receive this order and will pay upon delivery" checkbox adds psychological commitment. It does not stop determined fraudsters, but it eliminates many impulse abandoners.
  • Delivery time preference. Asking when the customer prefers delivery makes the transaction feel real and committed. It also dramatically reduces failed delivery attempts.

A well-designed order form filters low-intent buyers passively, reducing your fraud rate before any active verification step kicks in.

3. Partial Upfront Payment (Deposit Model)

The most financially committed approach: require customers to pay a small amount upfront — typically $1 to $5, or 5 to 15% of the order value — before the COD order is confirmed.

This works because it introduces real financial skin in the game. Someone placing a prank order is unlikely to pay even a small deposit. Serious buyers have no problem paying $2 to confirm a $30 order.

Trade-off to consider: This approach will reduce your conversion rate slightly. Some genuine customers who prefer pure COD will abandon the checkout. You need to test whether the reduction in fake orders outweighs the reduction in real orders for your specific market and audience.

In most COD-heavy markets like Egypt, Morocco, and Pakistan, merchants who have implemented the deposit model report that their net revenue increases despite slightly lower order volume — because they ship fewer worthless orders.

4. Risk-Based COD Restrictions

Not every customer carries the same fraud risk. Sophisticated COD management means showing or hiding the COD option based on risk signals.

Risk factors that justify restricting COD:

  • Geographic area. Some cities or zip codes have statistically higher RTO rates. Track this in your order data and restrict COD for known high-risk zones.
  • Order value. High-value orders carry higher fraud risk. Set a maximum order value threshold above which COD is not offered, or require OTP verification for all orders above that threshold.
  • Repeat undelivered orders. If a customer has previously refused a delivery or placed a fake order, tag them in your system and restrict their COD access on future orders.
  • Device and session signals. New devices, VPN usage, and unusual browsing patterns can indicate higher risk.

This approach requires some data infrastructure but pays off significantly at scale.

5. Post-Order Confirmation Call or Message

For merchants who cannot implement automated OTP systems immediately, a simple manual or semi-automated follow-up call achieves similar results.

The process: immediately after a COD order is placed, your team (or an automated system) sends a WhatsApp message or places a call to confirm the order. Orders that do not respond within 2 to 4 hours are flagged for review before shipping.

This is labor-intensive but highly effective. The simple act of a follow-up message filters out a large portion of fake orders, because fraudulent buyers never respond.

Building Your Anti-Fraud Stack: What to Implement First

If you are starting from zero, here is the priority order based on impact per effort:

Step 1 (immediate): Implement WhatsApp or SMS OTP verification on all COD orders. This single step typically reduces fake orders by 30 to 50%.

Step 2 (this week): Audit your order form. Add phone number validation, address landmark field, and confirmation checkbox. Zero cost, immediate passive filtering.

Step 3 (this month): Analyze your RTO data by geographic area. Identify your three highest-RTO zones and restrict or require OTP verification in those areas.

Step 4 (ongoing): Build a blacklist of customers with previous fake order history. Tag them in Shopify and exclude them from COD eligibility automatically.

What Not to Do

A few common mistakes that make the problem worse:

Do not add too much friction. If your verification process is complicated — multiple steps, confusing messages, long wait times — your genuine customers will abandon the order too. Every anti-fraud measure has a conversion cost. Keep it simple.

Do not wait for a big RTO month to act. Merchants typically start thinking about this problem after a bad month. By then, they have already wasted thousands in shipping costs. Implement prevention early.

Do not treat all COD customers as fraudsters. The vast majority of your COD customers are real people who genuinely prefer to pay on delivery. Your anti-fraud system should be invisible to them — filtering out the bad orders while keeping the experience smooth for everyone else.

The Bottom Line

Fake COD orders are a solvable problem. They are not an inherent cost of doing business in COD markets — they are a systems problem, and systems can be fixed.

The merchants who scale profitably in COD-heavy markets are not those who accept high RTO rates as normal. They are the ones who build an order qualification layer between checkout and shipping — verifying intent, filtering risk, and only shipping to customers who have demonstrated they are real.

Start with OTP verification. Build from there. Your shipping budget will thank you.

Back to LeadForm