hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Running a Web Hosting Business : regarding credit card fraud
Reply

Forum Jump

regarding credit card fraud

Reply Post New Thread In Running a Web Hosting Business Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 08-25-2000, 12:27 AM
akashik akashik is offline
ex-Aussie
 
Join Date: Aug 2000
Location: Tacoma, Washington
Posts: 9,576
Question

I haven't seem this addressed yet so excuse me starting a thread if I missed it...

I was wondering about the rate of fraud people suffer when they resell etc, and the consequences to the reseller when this happens. Is it something that's a day to day occurence, or once a month, or almost never. Is it a good idea to have a IP logging script on the signup page with the old "credit card fraud is a crime and you've been logged" followed by their IP address. It's one reason I was looking at something like Instabill as they seem to be fairly self-protecting, having the 'impending' status for accounts. (at least till the number is verified) I suppose it would be wise to watch where you advertise too. (ie. a banner at a warez site might not be a very good idea)

Understandably it's not something people are happy talking about, so I'm not looking for examples - just general opinions etc. I'd rather walk into this with my eyes wide open to the facts of it all than suddenly check my accounts one day to find a 60% chargeback rate.

Generally I find most people to be honest and worthy of trust and the fact online auctions even work at all lends credibility to general human nature. The amount of times people have surrendered passwords and account details to me to upload sites to their server shows there's a general sense of goodwill to most people online. I guess I just want to know about the 'bad people' and how much food they will be taking from my daughter's mouth

Reply With Quote


Sponsored Links
  #2  
Old 08-25-2000, 11:56 PM
angela angela is offline
Junior Guru Wannabe
 
Join Date: Aug 2000
Location: Christiansburg, VA, US
Posts: 54
Post

Unfortunately credit card fraud does occur. I would not say that it occurs frequently but probably about once a month we have a problem. There is also the problem with people who "disappear" when they still owe you money. Most frauds can be caught in time if you pay attention to the information that the client is providing. There is usually something that does not seem right.

------------------
Angela
Charity Webspace (division of WebAuthorities)
http://www.charitywebspace.com

Reply With Quote
  #3  
Old 08-26-2000, 10:49 AM
jtan15 jtan15 is offline
Aspiring Evangelist
 
Join Date: Jul 2000
Posts: 382
Post

akashik,

I have a suggestion for you. It helps crack down a large number of fake orders. It will take some time, but it is worth it.

On your order form, make sure to collect the user's browser's information and IP address. The first thing that you want to do is search in your web site's access logs to see if they browsed around your web site. Most fake orders will go directly to your order form and order. If you see that they went to several of your web pages, it is a better sign.

Next, you want to get to a unix shell. Type "traceroute IPADDRESS". This should give you a good idea of where the user is coming from. Try to depict what the user's host is. Go to that host's web site. See how good of a host it is. E.g. if it is a free host, that's more of a bad sign.

Next, you'd want to go to www.internic.net and do a WHOIS on the domain name that they want. It will show which whois server to use. Go to that web page and run another WHOIS. If the owner information is the same as the one who sent in the order, that's a good sign. If it's not, that's a bad sign.

Finally, here is the most important part. It will take a good 5-10 minutes of your time, but it is well worth it. Give the person who ordered the account a call. Just talk to them. Say "Hi, I'm just double checking your order with us, etc". See, when your credit card billing company checks the credit card with AVS, it has to match the address and phone number. Sometimes people will fill in a fake order with the phone number of a person who's credit card they stole, hoping you won't call. Sometimes, the person who you are on the phone with will wonder who the hell you are. Then I would suggest you read of a few of the digits on the credit card. If they are correct, say someone submitted an order with their credit card and you are now denying it.

One more resource you can use is www.anywho.com. Look up the person, and see if they are listed in the phone book. That's usually a plus.

And one more thing. If you DO get a fake order, go to that user's ISP and send a letter to their abuse department. Tell them that this IP address submitted this order at this time. If you can get their account disabled, that most likely will be the last time they'll mess with you.

Hope this helps.

------------------
Vincent Paglione
vince@jtan.com

Reply With Quote
Sponsored Links
  #4  
Old 08-28-2002, 10:57 AM
ARULKS ARULKS is offline
Disabled
 
Join Date: Aug 2002
Posts: 14
Vincent,
Good thought. I am wondering how to completely automate this process to save time and effort. Are there any tools/script available in the market or in this forum? Another thoguht worth considering is to bring the WHT community together to develop a open source script to protect ourselves from these fraudent buyers? United We Stand.

Reply With Quote
  #5  
Old 08-28-2002, 11:10 AM
the elf the elf is offline
Disabled
 
Join Date: Jun 2002
Location: North Pole
Posts: 115
If you people want to cut down on credit card fraud, don't force your customers to "submit" a credit card number before they have to order (or before they get the hosting). I would rather have a prick signup for hosting, then leave rather then have that same prick submit a fake/stolen credit number and have a charge back as a result. Make paying by credit card an option. Most of my customers have the option to pay by credit card. If you have a good billing system, yes, it will work. If you have too many customers to deal with then your not making enough to pay the staff to deal with them i.e. charge more.

Just think of it this way, if they want to scam you, let em. But... Let them scam you WITHOUT using fake credit card numbers. It will just cost you more in the long run if you force them to submit a credit card number. As one host a while ago found out when there merchant account was closed (due to charge backs).

Reply With Quote
  #6  
Old 08-28-2002, 12:13 PM
zoli zoli is offline
Web Hosting Master
 
Join Date: Jun 2002
Posts: 1,056
Wow, great thoughts Vincent.

__________________
Founder of TradeHolding.com B2B Network and OneLoveNet.com Singles & Dating
>> Business Blog
>> Business Links Directory

Reply With Quote
  #7  
Old 08-28-2002, 12:25 PM
Martie Martie is offline
Texas Female
 
Join Date: Mar 2000
Location: San Antonio, Texas
Posts: 3,689
2 year old post

__________________
HostCaters.com - Quality Web Hosting - Under A Gig! - Since 1999

Reply With Quote
  #8  
Old 08-28-2002, 12:26 PM
Lurleene Lurleene is offline
Web Hosting Guru
 
Join Date: Sep 2001
Posts: 305
elf ----- huh?

Scams are going to be by credit card numbers. So even if you offer other forms of payment (we do) the scammers don't care. They have credit cards, baby!

You can avoid chargebacks by following the few simple steps outlined by Mr. Paglione.

I just wanted to add that if you get a fraud order, not only should you report them to the ISP but also the issuing bank (assuming you caught the fraudulent card before processing it). Call 1-800-228-1122 to find out the bank of a MasterCard/Visa card if you don't already know if, then call them and connect with their Code 10 line. If it's an American Express or Discover you call them directly, I don't have their number here but if you're a merchant of theirs I'm sure you have it.

Reply With Quote
  #9  
Old 08-28-2002, 12:27 PM
Lurleene Lurleene is offline
Web Hosting Guru
 
Join Date: Sep 2001
Posts: 305
Quote:
2 year old post
Argh!

And I even did a passing glance at the dates. Hate that...

Reply With Quote
  #10  
Old 08-28-2002, 12:43 PM
the elf the elf is offline
Disabled
 
Join Date: Jun 2002
Location: North Pole
Posts: 115
Quote:
Originally posted by Lurleene
elf ----- huh?

Scams are going to be by credit card numbers. So even if you offer other forms of payment (we do) the scammers don't care. They have credit cards, baby!

You can avoid chargebacks by following the few simple steps outlined by Mr. Paglione.

I just wanted to add that if you get a fraud order, not only should you report them to the ISP but also the issuing bank (assuming you caught the fraudulent card before processing it). Call 1-800-228-1122 to find out the bank of a MasterCard/Visa card if you don't already know if, then call them and connect with their Code 10 line. If it's an American Express or Discover you call them directly, I don't have their number here but if you're a merchant of theirs I'm sure you have it.
I've had a few people signup just to upload CGI scripts (scripts that act like telnet), however, until they pay or confirm the account, CGI & PHP are disabled. Since I don't force customers to submit credit card numbers, I avoided a charge back by them using a fake/stolen or using a real credit card then charging it back.

Another point I tried to make was don't force the customer to pay before you setup the account. Some hosts take a while, the customer goes to another provider thus you get a charge back.

Reporting them to their ISP (if they are from Asian) won't do anything as we call know all the above they allow.

Reply With Quote
Reply

Related posts from TheWhir.com
Title Type Date Posted
Irish Ecommerce Security Startup Trustev Raises $3 Million Web Hosting News 2013-10-30 13:18:18
SiteLock, WebsiteAlive, SecureBuy Launch Chat and Credit Card Processing Solution Web Hosting News 2013-08-27 15:11:32
Five Men from Russia, Ukraine Accused of Massive US Hack Web Hosting News 2013-07-25 14:44:22
ITX Design Launches Service to Help Simplify PCI DSS Compliance Web Hosting News 2013-01-02 10:59:36
USC Alerts 34,000 Individuals Potentially Affected by Security Breach Web Hosting News 2012-08-22 15:07:23


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?