Is it me or has anyone here experienced extensive credit card fraud by clients originating out of Asia??? I don't mean to be offensive to people from that part of the worlsd, but it all leads me to believe they enforce no laws against this bold criminals.

Watch out for one especially bold crook - he goes by the name Sandi Sain - and may go by many other names. He is in Malaysia. He signed up with us, paid for one one - using a stolen card, then signed up at several other places using other stolen cards and then also paid for one year at this other places. We found out after the actual card owner in Missouri filed for a chargeback. Investigating further we noticed he had signed up at several other places. We called the other webhosts and found that he was using different stolen cards.

His goal seemed to be that whenever he got caught at one place, he simply transfered his files and pointed his domains to the new location. His domain name is http://www.sandisain.com and also http://www.sandi.com. Watch out for him. You may be his next victim. We may just stop taking orders from that part of the world altogether or begin forcing this people to pay via Wire Transfer before any accounts are set up!

Sorry,

http://www.sandi.com does not belong to this criminal. He signed up using that domain name and I just found out he never even registered the domain name and it actually belongs to someone else

Hello Jburnley,
I am also from Malaysia. it is not that we do not have laws on credit card fraud here. Is there any info or log files you can provide to me? I will see what you can do about it. At least you may be able to get the authorities to arrest them.
And for clients from Asia, yes, I agree that most of them like to use fake credit card. Though I am from Malaysia, I have always been advised not to simply take orders from Asia region. Try to avoid clients from that region if you are worried about fraud.

Is the culprit from Malaysia or from Indonesia? Java barat is in Indonesia.


Registrant:
sain,sandi (SANDISAIN-DOM)
caringin no.3
bandung, jawa barat 40223
ID

Domain Name: SANDISAIN.COM

Administrative Contact, Billing Contact:
sain, sandi (XX34047) sadies@indonet.com
sain,sandi
caringin no.3
bandung, jawa barat 40223
ID
0818220896 (FAX) 123 123 1234
Technical Contact:
WorldNIC Name Host (HOST-ORG) namehost@WORLDNIC.COM
Network Solutions, Inc.
505 Huntmar Park Drive
Herndon, VA 20170-5142
1-888-642-9675

Record last updated on 25-Mar-2001.
Record expires on 19-Feb-2011.
Record created on 19-Feb-2001.
Database last updated on 13-Apr-2001 09:04:00 EDT.

Domain servers in listed order:

NS.1STCOMWEBHOSTING.COM 64.176.60.150
NS2.1STCOMWEBHOSTING.COM 64.176.61.135

Bandung, Jawa Barat is indeed in Indonesia. My hometown is in Jakarta (the capital) and Bandung is about 110 miles from Jakarta. If you know the address, it's usually easy to get the phone number for that address. Also, why don't you contact indonet.com and ask for this culprit's information?

Anyway, quite embarasshed if this culprit is indeed from my country :(

cheers,
:beer:

You absolutely must record the IP# with each order you take, and use something like SamSpade.org to check where the IP# originates from. If the name and address for the credit card is listed as being in the US, but the IP# indicates they're using an ISP in Indonesia, you know something is probably not right.

[Edited by IntelligentHosting.com on 04-14-2001 at 12:46 AM]

Sorry, this person is actually from Indonesia. However we have had similar problems with clients in Malaysia as well. Anyway, anybody in Malaysia that wants to help get this person off the streets should may find his phone number helpful. Here it is 08184255137. It is sad but soon many hosts may simply stop doing business with clients from this part of the world.

Yes we see many many frauds attempted from Malaysia every week.

Hello
We have been instructed by our bank not to accept business from South East Asia.
Its unfortunate for the honest people out there but its really not worth thte risk for us to continue operating in that market.

Gordon

Dear Jburnley,

I am not sure whether the phone number you stated is valid. I could not figure out whether they are from the peninsular or the Sabah-Sarawak-Kalimantan area. Do you have his address ? Well, I have heard here that authorities here are paying rewards for those who report cybercrime but I have no idea on how to report them. Anyway, I would try to get more info into this matter as I am interested in getting into web hosting too. What I would suggest is you record down their IP. Then send an email to the ISP here. Normally they are the ones tracking down the culprit. If you need any assistance, please do not hestitate to contact me.
Regarding taking orders from SEA, I would advise you not to receive payments in terms of credit card. Only offer wire transfer or Bank draft. Only setup the account once you get the payment. Well, honest customers will understand the problem you are facing and they will gladly do what you require from them. Get them to send by registered post, if they send money order or bank draft.
;)

One other thing. These culprits usually target foreign web hosting service provider is because local companies here will always try to contact their customers when they receive their first order. And if they use fake credit card, the companies here would lodge a police report and get the ISP to investigate the matter.
If you are using internet phone and you can contact your new clients here, I think you can minimise the chances of fraud as these culprits usually do not enter the correct phone numbers for fear of being caught.
I will post the info on how to get these culprits here once I have acquired them from the ISPs.
I would like to ask you guys one thing. Are these culprits using their real address when registering their domain name? Do you get their Malaysia address while doing a whois on the domain name? if they have, it would be a lot easier to get them.
I heard the ministries here are trying to make a cyberlaw here. Perhaps feedback from foreign companies would greatly help. I will see what I can do for you guys.

Here's one for everybody. We had a customer recently that used an address and card info from Ohio (USA), had an IP address from Canada and their contact email address was a free Russian email address.

We didn't need to think twice of whether or not that was a fraudulent sign up.

We contacted the CC company to make sure and the card was in fact stolen.

It is such a waste of our time as hosts and customer service providers to have to spend the time to monitor these fraudulent sign up's rather than using our time to provide a better service for our legitimate customers.

Agree???

Also...We hate to point a finger at anybody but 99 percent of our fraudulent sign up's do come from foreign countries such as Malaysia, India, etc. :mad: But, we will not stop accepting new accounts from these countries because we do in fact have quite a few customers from these counties that are legitimate.

We oo have stopped any sign ups from Malaysia as a result. Out of around 54 Malaysia signups this year only one was legit and verified. That speaks for itself.

We intercepted another CC fraud case this morning, this time around from Pakistan. I think regardless of how much you try to prevent this things from happening (recording the IP's and that sought of thing) they will always happen. Seems to me like this people are so bent on fraudulently using stolen cards.

Kind of makes me thank God for America - can you imagine what doing business in some of this countries could be like?? Not to say we do not have our own problems here though, at least the laws will catch up with you pretty quickly if you fraudulently used a CC that did not belong to you.

Good thing we have laws against credit card fraud here. Think how often it does happen here with laws. All the money grubbin theives we have in America... ohh god without credit card fraud laws.

Yikes!:bawling:

Zach

Yes
Our bank told us that if the perpetrator was in the UK they would pass the details to the Police and it would be dealt with, but with these other countries they have found little point in reporting the issue because .com companies are viewed as american and subsequently a justifiable target for political reasons.

We have never had a CC problem like this with our UK brand which is identical apart fromt he currency and the domain extension.
I think this speaks for itself.......

Gordon

Almost all of our credit card fraud is from asia/middle east.

-Brendan

Originally posted by Ericwenlong
...
I would like to ask you guys one thing. Are these culprits using their real address when registering their domain name?
...
Sometimes. This is another way of verifying a questionable order; if they indicate they're transfering their domain name from another service, check the WHOIS information.

Sometimes the domain name will be listed as being owned by a person with a US address, but the order will show a completely different name and US address. Although there are legitimate reasons for doing this, it still should be counted as a red flag, especially if the contact e-mail address is from a free service (HotMail, etc.).

I live in Asia and I personally have committed credit card fraud several times just because I live here. In fact, all my friends have too! You can call us the Asian Fraud Mafia. If you need to contact us, call our L33T AzN PriDe BoYz in the states at 548-283-6578.


Andrew

The telephone number you mentioned seems to be like a cell phone in Indonesia....

SANDI SAIN is one of the Asian clients that used over 700 dollars in stolen credit card funds with us. When we threw him off the servers and contacted the FBI he quickly signed up with a new host here in the US, we contacted his new host and they too knock him off - he used a stole card with them as well. Then he contacted the third host and signed up with them as well. They too have kicked him out. Watch out for this criminal. His name is "Sandi Sain" and the domain name is http://www.sandisain.com