Results 1 to 19 of 19
  1. #1

    Someone running credit card fraud through me?

    I've received about 10 orders over the last 2 days bearing the same characteristics.

    90% of my orders are paypal, yet every one of these orders is with credit card.

    They all appear to be for Vietnamese domains, yet use very American names and addresses.

    1/2 of the credit card charge attempts are declined, but they'll try another (with an entirely different name) until it works. These charges range from $30 to $400 (they keep ordering biannually, which is a huge flag).

    Every single one has included a domain transfer (something I am not prepared to start until I can verify the legitimacy).

    $600 has already been deposited from the CC merchant to the bank, with another $1200 coming today. I'm thinking this has to be stolen credit cards.

    What's weird is they are actually loading legitimate looking websites, like one is starting a Vietnamese forum. Another opened a support ticket for help with a php script (not an exploit script). I find this very odd for scammers.

    Anyone know what my best course of action should be?
    Sean Shepard
    http://www.Ethoshosting.com - Socially Responsible Web Hosting

  2. #2
    Join Date
    Jan 2005
    Location
    In your server
    Posts
    2,945
    sounds a little odd to me, however i did have a client sign up that i was convinced was fraudulent until i saw their site and realised what they were doing, some SEO practitioners are signing their clients sites to different hosts worldwide.

    Hoever in your case it does sound a little like fraud if they keep trying different names and cards until the payment works, I would be wary of this and maybe alert your CC merchant
    If you need help about anything to do with WHT, check out the Helpdesk

  3. #3
    Join Date
    Apr 2009
    Location
    Dallas/FortWorth TX
    Posts
    1,703
    Sounds Fraud to me too

  4. #4
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,088
    Quote Originally Posted by Ethoshostingcom View Post
    1/2 of the credit card charge attempts are declined, but they'll try another (with an entirely different name) until it works.
    And this doesn't set off any alarms for you? If someone is ordering and the card fails for whatever reason, they don't then use a card with another name if they are legitimate.
    This smacks of fraud, and you need to decline these outright. Don't let "hey it's a sale" cloud your judgment.
    Your one stop shop for decentralization

  5. #5
    Join Date
    Apr 2009
    Location
    Toronto
    Posts
    418
    Quote Originally Posted by bear View Post
    And this doesn't set off any alarms for you?
    Haha, that's pretty funny.

    Perhaps the OP is just hoping it is legit, but deep-down, knows it isn't.

    Would be great if one kept getting people signing up left-right and center..


    Lawrence
    Tired of Hosting? Let Us Buy You Out!

    BUYOUT HOSTING - Where Buyers and Sellers meet!

  6. #6
    Join Date
    Feb 2001
    Location
    West Michigan, USA
    Posts
    9,687
    The problem is that you've already set up one of these fraudulent orders. Now, you're going to have a huge influx of these - since they've successfully scammed you once.

    Good luck and be careful!

    --Tina
    ||| 99.999% Uptime SLA!!!
    Plenty of space and bandwidth to fit your needs!
    www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)

  7. #7
    Join Date
    Feb 2002
    Location
    New York, NY
    Posts
    4,618
    Quote Originally Posted by Ethoshostingcom View Post
    $600 has already been deposited from the CC merchant to the bank, with another $1200 coming today. I'm thinking this has to be stolen credit cards.
    Those transactions never should have been approved. Now when all the chargebacks come in, not only will they take the money back, but you'll probably get stuck with large chargeback processing fees.

    If you want to protect yourself, it would be best to do the authorization and capture separately. If you don't do the capture, the charge never hits the card.
    Scott Burns, President
    BQ Internet Corporation
    Remote Rsync and FTP backup solutions
    *** http://www.bqbackup.com/ ***

  8. #8
    Quote Originally Posted by bear View Post
    And this doesn't set off any alarms for you? If someone is ordering and the card fails for whatever reason, they don't then use a card with another name if they are legitimate.
    This smacks of fraud, and you need to decline these outright. Don't let "hey it's a sale" cloud your judgment.
    What's truly funny is you read my entire post yet still had to ask if any alarms were set off.

    The whole point of the thread is that all kinds of alarms were set off... just look at the dang thread title.
    Sean Shepard
    http://www.Ethoshosting.com - Socially Responsible Web Hosting

  9. #9
    Join Date
    Jun 2005
    Posts
    531
    Fraud fraud fraud.

    We found fraud from Vietnam to be so bad that it's on our list of automatic declines, along with Indonesia, Egypt, Tunisia, Nicaragua, and the Palistine Territory. Any attempted charge from any IP allocated to one of those countries gets a "Sorry, your card was declined" message. We don't even try to run the card.

  10. #10
    Join Date
    Feb 2006
    Location
    San Francisco, California
    Posts
    469
    Don't use the money it will all be taken back by the bank.

    Maybe they're trying to transfer these legit sites just to make it look more legit to you. You could always just deny transactions from all those "shady" countries, probably pretty much eliminate your fraud charges.
    Larry Bly
    Sandbox IT Solutions, LLC.
    www.SandboxITSolutions.com
    Dedicated Servers - Web Hosting - Consulting Services

  11. #11
    Quote Originally Posted by larry2148 View Post
    Don't use the money it will all be taken back by the bank.

    Maybe they're trying to transfer these legit sites just to make it look more legit to you. You could always just deny transactions from all those "shady" countries, probably pretty much eliminate your fraud charges.
    No one would have caught these automatically as being from another country. US ip addresses, US addresses, US credit cards. I know they are Vietnamese by the language they speak (the domains).

    I'll call my CC merchant tomorrow.
    Sean Shepard
    http://www.Ethoshosting.com - Socially Responsible Web Hosting

  12. #12
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,088
    Quote Originally Posted by Ethoshostingcom View Post
    What's truly funny is you read my entire post yet still had to ask if any alarms were set off.
    You accepted and provisioned the orders/accounts, then asked if it was the right thing to do. That was my point.
    Your one stop shop for decentralization

  13. #13
    Quote Originally Posted by bear View Post
    You accepted and provisioned the orders/accounts, then asked if it was the right thing to do. That was my point.
    Your point is way off. I asked for the best way to rectify the situation considering the circumstances, not if I can keep stolen money. I never asked "if it was the right thing to do," I asked WHAT is the right thing to do.

    I never asked if using stolen credit cards as legitimate business was the right thing to do... that's stupid. If I didn't correct this I could be looking at around $700 in chargeback fees.

    I would provision them in any case (since it's done automatically on payment) and then investigate.

    I've already been in contact with Bluepay/Visa/Mastercard and the situation will be resolved by tomorrow.

    I'm not going to automatically cancel anything that's suspicious as some may be legitimate. I'll give it a little time to investigate and there is little harm they can do to the server in the meantime.
    Sean Shepard
    http://www.Ethoshosting.com - Socially Responsible Web Hosting

  14. #14
    Join Date
    Apr 2009
    Location
    Toronto
    Posts
    418
    Quote Originally Posted by Domainitor View Post
    Fraud fraud fraud.

    We found fraud from Vietnam to be so bad that it's on our list of automatic declines, along with Indonesia, Egypt, Tunisia, Nicaragua, and the Palistine Territory. Any attempted charge from any IP allocated to one of those countries gets a "Sorry, your card was declined" message. We don't even try to run the card.
    Couldn't they go through a proxy?

    Then again, i'm sure they could do a lot of things to circumvent the anti-fraud detection but it's easier to look for a provider that's not as keen.


    Lawrence
    Tired of Hosting? Let Us Buy You Out!

    BUYOUT HOSTING - Where Buyers and Sellers meet!

  15. #15
    Join Date
    Oct 2002
    Location
    /roof/ledge
    Posts
    28,088
    Quote Originally Posted by Ethoshostingcom View Post
    I would provision them in any case (since it's done automatically on payment) and then investigate.
    If not using some form of verification, automatic provisioning is a mistake. Something like Maxmind probably would have flagged these.
    there is little harm they can do to the server in the meantime.
    Do you really believe that?
    Your one stop shop for decentralization

  16. #16
    Join Date
    May 2006
    Location
    The Kingdom of LLAMEDOS
    Posts
    2,881
    Quote Originally Posted by Ethoshostingcom View Post

    I'm not going to automatically cancel anything that's suspicious as some may be legitimate.
    I would humbly suggest,
    you might like to 'start' from the reverse viewpoint,
    ie. 'I'm going to automaticaly cancel anything that's suspicious, as some will be non ligitimate'.
    With that starting place, your business is much less at risk,
    I mean no ligit purchaser will sue you for not accepting them,
    but boy there are just soo many risks if you 'accidently' accept a fraudster.
    _____________________________________________________________
    - There are many types of Marmalade -

  17. #17
    Join Date
    May 2006
    Location
    The Kingdom of LLAMEDOS
    Posts
    2,881
    Quote Originally Posted by bear View Post
    Do you really believe that?
    I guess it's a Free World, the OP can believe anything he wants to, at least thats what the invisible pink unicorn told me
    _____________________________________________________________
    - There are many types of Marmalade -

  18. #18
    Join Date
    Apr 2009
    Location
    Toronto
    Posts
    418
    Quote Originally Posted by Brian-de-vie View Post
    I would humbly suggest,
    you might like to 'start' from the reverse viewpoint,
    ie. 'I'm going to automaticaly cancel anything that's suspicious, as some will be non ligitimate'.
    With that starting place, your business is much less at risk,
    I mean no ligit purchaser will sue you for not accepting them,
    but boy there are just soo many risks if you 'accidently' accept a fraudster.
    Well, if it's a host starting out, they might have the "new business" mentality, which is "if i can accept money for it.. i'm going to do it!"

    This is a problem for growth, but is an attitude for a new start-up.


    Lawrence
    Tired of Hosting? Let Us Buy You Out!

    BUYOUT HOSTING - Where Buyers and Sellers meet!

  19. #19
    Join Date
    Jul 2003
    Location
    Waterloo, Ontario
    Posts
    1,132
    I've been dealing with quite a bit of fraud lately as well. I'm increasing my alert levels to the highest possible and calling every order to verify that they are the right person that made the order.

    Lately I have had people use the actual phone numbers of the people (reverse lookup) and it got the best of me. I would suggest doing the same thing and just call to verify every order, no matter how small it is.
    Right Servers Inc. - Fully Managed VPS and Fully Managed Bare Metal Servers in US & Canada. We want to empower entrepreneurs to grow their business, not their IT headaches. Managed is better.
    High Availability | SSD | DirectAdmin & Softaculous | Daily Backups |Firewall & Security |30 Day Money Back Guarantee

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •