hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Running a Web Hosting Business : What the %!?&/! is going on? URGENT!!!
Reply

Forum Jump

What the %!?&/! is going on? URGENT!!!

Reply Post New Thread In Running a Web Hosting Business Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 07-15-2001, 09:49 AM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
Angry

What the %!?&/! is going on? URGENT!!!


Hello all your hosters, i need a advice what you would do in the following case:
I am running a small webhosting company or at least that's what i am trying. I have to partners actually.
So, at Saturday, 07 i got an order of an dedicated server for $298/month and $99 setup. The guy paid his setup fee per cc and i ordered the server at a local vendor. Because they didn't have any on stock i had to look around and found another vendor which could deliver the server in a short time after building it. Unfortunately the server was more expensive and i had to ask back, if the client wanted to go ahead with the higher cost giving him some facilities like more bandwidth and others.
But there was something suspicious on it because he signed up with, let me say "Mister Nobody" (This is a fictious name, of course). When i got his answers back by email, it came in as from "Mister Suspicious" (fictious as well) saying ok to everything but he needs his server as soon as possible (he signed up with one name and he had another name in his email client?, ) We gave him the date when we would be able to deliver it to him. The time went by, the cc transaction was accepted (we are using worldpay), the server came in, we set it up and sent an email telling him that his server is ready and we are waiting for his first month payment. Now comes the second suspicious part:
First he always showed hurry and when it came down to any action done by him, it was always friday or saturday and he didn't reply until monday. So, monday came and payment was made on his account but from another "Mister Whatthe****" saying he's his cousin and asking the root login and password to be sent to his cousins email.
The payment by cc from "Mister Whatthe****" for the server was accepted so we routed an IP block to his server and sent the root login to "Mister Playboy" (Mister Nobody and Mister Suspicious before!). He changed his name in his email client again but at least the fist name was the same as the one with which he made the cc payment when he signed up with us.
Time went by and we got an email (a part time worker helping us in peak times) from "Mister Playboy" asking to reverse his ip. He was told that he can do this himself running the DNS on his own server but to look at the manual of the server and to ask back if he don't know how to do it. , but it was actually stupid what the part time worker has told him because "Mister Playboy's" request to reverse a DNS for him showed already what he wanted to do and anybody else here would have mentioned our TOS.
The big **** came two days later:
We got an advise from some server owners and from another network (Operating in the same NOC) that there appears to be a problem in our network, because other server owners couldn't accesss their IP's and they checked theirs already.
We monitor servers for our clients to get their servers back up if they appear to be down before the client actually know about it.
So a alert was ringing and guess who's server it was?
Right, it was "Mister Playboy's" server. We went in and found out that he did not only take the ip block we assigned him, but from another clients!!!!
We shut the server down and sent an email to Mister Playboy telling him that we'll look at his server within the next hour and that we found out what he had done and that we have to go into the server to cancel the IP's which belong to other customers. And in the future PLEASE ONLY to use his assigned IP's.
We went into the server about 2 hours later (it was a very busy day) to find out that we could not cancel these unauthorized IP's from the control panel because the where some customization made to the server making it impossible to control anything from the control panel. He had taken the IP's not from our customers, but from another ISP operating in the same NOC and using the same backbone. The server was that modified to provide shell hosting (strictly forbidden in our TOS). Load average was 21.97. We made screenshots and sent them to him by email along a message that we have to restore the server to the factory setting and that his server will be back online within the next three hours and told him to look at our TOS and abide to it. This time we wouldn't charge him for the server restore but the next time he would face a fee of $99 per tech hour and that he can hold responsible for damages caused to the network(s). And he's paying $50 less than other clients for the same server!
As i said before, it was a very busy day and his server was up and running 18 hours after discovering the disaster.
We sent an email to Mister Playboy telling him that his server was successfully restored to the factory settings but before sending him the login we asked him to print out our TOS, signing it and to fax it back to us along with a copy of his id card or passport. . Next time he would face $99 per tech hour and/or disconnection of the server (of course it will be disconnected in these cases) and immidiate cancellation of the contract (monthly). In case if he want's to discontinue with our services we would have to charge him the the first month for the damage and wasted time caused of his server administration.
We got an email back asking for the login because the one he's got don't work
We sent him the same email again asking for the documents by fax and since then (saturday midday, yesterday) there's no answer from him. Ok, this was happen last weekend (when we asked for the first payment) as well, so we will see what's going to happen tomorrow, monday. I forgot to say that we know that he got our emails because we got the receipt back as delivered.
But he only was asking back when he could "access his server, it seems to be down" and another one "when could we guys respond him" (When we had the receipeds that he got the other mails).
But this story doesn't end here.
When the problem was happen i tried to phone him up but there where no person "Mister Playboy" at this number. So i made a reverse lookup of his phone and there's no entry for him. I checked his "Cousin", Mister Whatthe****, and his cc transaction also was accepted, the address was different, but the phone number and the email of him was the same as the one of his "Cousin" and because i tried to phone him i know that it's wrong. So i made an whois lookup, only to see the same data i already had. I tried to lookup the domain at which he offered shell accounts and this domain is registered to a completely different person in a different country (non US).
I'll see what's going to happen tomorrow and i'll tell you all. But i would like to know how you would react in this situation and what you would do. How are the possibilities for me to keep the money (it was really heavy this case) if he doesn't answer and open's a chargeback? Our TOS is clear and it was one of the heaviest violations we ever had.
Please post your comments. Thx for your time.



Sponsored Links
  #2  
Old 07-15-2001, 10:40 AM
auyongtc auyongtc is offline
Junior Guru Wannabe
 
Join Date: May 2001
Location: Tokyo, Japan
Posts: 94
Well oh well... looks like a case of internet fraud here...

I know, I've been young... (hehe, I'm still young anyway)... these stuff happens, better check with the CC owners to see if they authorized such transactions.

It's good that you refrained from giving him access till he signed the TOS... doubt it will ever come thru to your fax machine tho

Mainly these are ingenius works by teenagers who are so into shell accounts normally for ircbots or hacking purposes. And maybe that's why he's trying to use other people's IP addresses instead of his own

What do YOU think?

  #3  
Old 07-15-2001, 11:15 AM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
Quote:
Originally posted by auyongtc
Well oh well... looks like a case of internet fraud here...

I know, I've been young... (hehe, I'm still young anyway)... these stuff happens, better check with the CC owners to see if they authorized such transactions.

What do YOU think?
I've been thinking about it and i also think that this fax will never arrive (anybody to take this server over? )

I'll tell you more about worldpay: First when they fill the cc details in to pay, the payment only is listed as accepted when the owner and all the details are allright. Second, now they must fill in the security number from the back of the card. So they must HAVE the card actually.
After 3 days at worldpay and checking for stolen cards i think the order will be listed as authorized.

How can i find out the phone number of the owner of the card having only his name?
I know he lives in the US, but the street name and city could be wrong couldn't it?
The same as with the second payment (the monthly server cost) it comes from another person claiming to be the "Cousin" of the first one. This payment also was displayed as authorized after three days.

I also have the IP's where they signed up from so i can track these "suckers" (in case all this is fraudulent) and i will contact every possible justice department to kick their asses

Sponsored Links
  #4  
Old 07-15-2001, 11:31 AM
BenDoherty BenDoherty is offline
Web Hosting Evangelist
 
Join Date: Jul 2001
Location: UK
Posts: 478
Hi Microsol,

Bit og a bummer really i would kick their ass too, how much for taking the server over?

Give me all the details you have on these 2 twats and i will have a think, they must have left soemthing that u can use to trace, AOL accounts, ICq something

Ben

  #5  
Old 07-15-2001, 11:47 AM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
Quote:
Originally posted by BenDoherty
Hi Microsol,

Bit og a bummer really i would kick their ass too, how much for taking the server over?

Give me all the details you have on these 2 twats and i will have a think, they must have left soemthing that u can use to trace, AOL accounts, ICq something

Ben
I have EVERY evidence of them , but i would like to wait with details until this case is clear. I already contacted worldpay and asked them to investigate these transactions.

  #6  
Old 07-15-2001, 11:50 AM
BenDoherty BenDoherty is offline
Web Hosting Evangelist
 
Join Date: Jul 2001
Location: UK
Posts: 478
???? Damn it was getting excited about kicking somones head in . I hate people that fraud. Anyway ca i have that server free, lol!

Ben

  #7  
Old 07-15-2001, 11:51 AM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
Quote:
Originally posted by BenDoherty
Hi Microsol,

Bit og a bummer really i would kick their ass too, how much for taking the server over?
Ben
I sent you a private mail according to the board rulez

  #8  
Old 07-15-2001, 11:59 AM
BenDoherty BenDoherty is offline
Web Hosting Evangelist
 
Join Date: Jul 2001
Location: UK
Posts: 478
i havent got a private message email me bendoherty64@aol.com is u want

  #9  
Old 07-15-2001, 12:10 PM
auyongtc auyongtc is offline
Junior Guru Wannabe
 
Join Date: May 2001
Location: Tokyo, Japan
Posts: 94
But seriously, even tho that the transaction went thru, better check with the cardowners and all... or else you might just get surprised with a chargeback from the real cardowners, kinda sad to receive that, especially if worldpay charges a lot for the chargeback fees.

Maybe you can work things out with the real cardowners like sending them a check as refund instead, if it's really a fraud. And warn them that their card is in fraud circulation

  #10  
Old 07-15-2001, 12:16 PM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
Quote:
Originally posted by auyongtc
But seriously, even tho that the transaction went thru, better check with the cardowners and all... or else you might just get surprised with a chargeback from the real cardowners, kinda sad to receive that, especially if worldpay charges a lot for the chargeback fees.

Maybe you can work things out with the real cardowners like sending them a check as refund instead, if it's really a fraud. And warn them that their card is in fraud circulation
I checked the domain registered and hosted on the dedicated server of "Mister Playboy". The domain is registered to the same name which was used to make the initial setup payment for the server. Why should they make fraudulent transactions to pay a domain?
But it comes back to finding out their real phone numbers and addresses having only their names as a point to start with.

  #11  
Old 07-15-2001, 12:54 PM
Planet Z Planet Z is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: Boca Raton, FL
Posts: 657
I don't think we would have ever set the server up. It seems the customer was very suspicious from the beginning. Also, you should have the customer sign and mail/fax the TOS/contract BEFORE you actually set the server up, not afterwards.

Just some friendly advice.

  #12  
Old 07-15-2001, 01:05 PM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
Quote:
Originally posted by Planet Z
I don't think we would have ever set the server up. It seems the customer was very suspicious from the beginning. Also, you should have the customer sign and mail/fax the TOS/contract BEFORE you actually set the server up, not afterwards.

Just some friendly advice.
I think it's very clear stated that with the signup the customers agrees to our TOS linking to it. Anyway there's are actually just a few hosts (very few) out there allowing egg-drop and irc bots and shell accounts.

  #13  
Old 07-15-2001, 01:14 PM
Planet Z Planet Z is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: Boca Raton, FL
Posts: 657
Quote:
Originally posted by microsol
I think it's very clear stated that with the signup the customers agrees to our TOS linking to it.
Perhaps so. But that won't hold any weight legally or with your merchant account provider.

  #14  
Old 07-15-2001, 01:37 PM
microsol microsol is offline
Web Hosting Master
 
Join Date: Jul 2001
Location: /dev/null
Posts: 1,219
That leave still the question how to find out about the real customers. Any serious headhunters willing to find out? Maybe taking screenshots of any single detail to be used as evidence? If you want to help to find out contact me by ICQ (in my details) and i can give you more details to start with.
Thx

PS: I forgot something:
Would you post details on this board? I mean there can be many legal issues involved making things public.

  #15  
Old 07-15-2001, 02:09 PM
Planet Z Planet Z is offline
Web Hosting Master
 
Join Date: Apr 2001
Location: Boca Raton, FL
Posts: 657
Quote:
Originally posted by microsol
Would you post details on this board? I mean there can be many legal issues involved making things public.
No. The customer's information still shouldn't be posted publicly (IMHO), both because of privacy and legal concerns. However, if they've done something illegal (credit card fraud), you should certainly pass the information on to the proper authorities.

Reply

Related posts from TheWhir.com
Title Type Date Posted
TextDrive ‘Lifetime’ Customer Accounts to End This Week Web Hosting News 2014-03-10 13:54:34
China Could Pose Risks for US Cloud Computing Users, Service Providers: Report Web Hosting News 2013-12-17 15:15:34
Web Host 405 Networks Acquires Huevia Web Hosting Web Hosting News 2012-07-30 16:16:02


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?