Results 1 to 3 of 3
  1. #1
    Join Date
    May 2003

    Posted on a Hacking Forum as Cardable


    I look at all our main hosting website's referrals each day to see where new traffic is coming from, and at what pace. I noticed last night a topic from some foreign forum linking to my website, and it didn't look promising (I'm not a fan of dark colored forums linking to our legitimate hosting company). I couldn't properly translate the forum, so I left it be. Last night we got 6 new hosting sign ups, all of them looking fairly suspicious (third world countries, fake websites, non-registered domains, take your pick).

    I looked at my referral log after this and saw this topic (registration is required, not worth it, you can see the post below) coming up several times. Basically it says:
    Cardable Hosting (Tested By Me)
    All you need is a good credit card with cvv2 and faking IP
    I'm sure this guy jacked the message from that asian forum, but translated it for me. I know we're not cardable because we pre-approve all of our clients, and we don't have a homebrew credit card processor (we use 2checkout, and we also use paypal, but don't accept CC payments through them), but it's pretty frustrating because we're getting more and more signups as the day goes on, and it's getting harder and harder to differentiate legitimate signups (there are some happening) from the fraudulant ones.

    I warned all of the other hosts listed on that page, but I'm just wondering if there's any way to ultimately protect ourselves from these people other then warning them with words like we did in that forum. Even though hosting is a retarded thing to card (chargebacks in a couple days, hosting account terminated, what was the point?), I would like (for the sake of being a reputable business) to not be considered "cardable". If this means halting payments from 2checkout, I'm open to suggestions for other credit card merchants which may have a higher level of security.

    I'm mainly looking for suggestions on how to furthur protect ourselves, and for any other similar stories you may have that have yielded positives results from actions you've taken.

    Last edited by pixd; 03-12-2004 at 11:50 AM.

  2. #2
    Join Date
    Nov 2003
    You are basically doing all you can do, even though 2CO approves the order, call them anyway and verify all that you can, if you still think it may be a fraudulent order, best to deny it than regret it later.
    You can also alert 2CO to the information you have obtained through your logs and with the translated part of the forum. They will not ignore it. Make sure you call them though as their support system is lacking.. I found a call is always handled much better with them.
    And to answer your other question, most spammers are only looking to be hosted a couple days with a fraudulent card, that is all the time they need to get 1000's of spam sent out.
    Freckle Face

  3. #3
    Join Date
    May 2003
    Thanks for the tips. I'll be sure to alert 2checkout of this promptly.

    As for the spamming, I never really looked at it from that perspective, and that's a lot more worrisome then them just dumping a couple files and sharing them with the time they have on the server.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts