Results 1 to 19 of 19
-
06-16-2009, 11:50 AM #1WHT Addict
- Join Date
- Apr 2009
- Posts
- 165
Someone running credit card fraud through me?
I've received about 10 orders over the last 2 days bearing the same characteristics.
90% of my orders are paypal, yet every one of these orders is with credit card.
They all appear to be for Vietnamese domains, yet use very American names and addresses.
1/2 of the credit card charge attempts are declined, but they'll try another (with an entirely different name) until it works. These charges range from $30 to $400 (they keep ordering biannually, which is a huge flag).
Every single one has included a domain transfer (something I am not prepared to start until I can verify the legitimacy).
$600 has already been deposited from the CC merchant to the bank, with another $1200 coming today. I'm thinking this has to be stolen credit cards.
What's weird is they are actually loading legitimate looking websites, like one is starting a Vietnamese forum. Another opened a support ticket for help with a php script (not an exploit script). I find this very odd for scammers.
Anyone know what my best course of action should be?Sean Shepard
http://www.Ethoshosting.com - Socially Responsible Web Hosting
-
06-16-2009, 12:39 PM #2Retired Moderator
- Join Date
- Jan 2005
- Location
- In your server
- Posts
- 2,945
sounds a little odd to me, however i did have a client sign up that i was convinced was fraudulent until i saw their site and realised what they were doing, some SEO practitioners are signing their clients sites to different hosts worldwide.
Hoever in your case it does sound a little like fraud if they keep trying different names and cards until the payment works, I would be wary of this and maybe alert your CC merchantIf you need help about anything to do with WHT, check out the Helpdesk
-
06-16-2009, 05:40 PM #3Web Hosting Master
- Join Date
- Apr 2009
- Location
- Dallas/FortWorth TX
- Posts
- 1,703
Sounds Fraud to me too
-
06-16-2009, 05:46 PM #4
And this doesn't set off any alarms for you? If someone is ordering and the card fails for whatever reason, they don't then use a card with another name if they are legitimate.
This smacks of fraud, and you need to decline these outright. Don't let "hey it's a sale" cloud your judgment.Your one stop shop for decentralization
-
06-16-2009, 06:27 PM #5Aspiring Evangelist
- Join Date
- Apr 2009
- Location
- Toronto
- Posts
- 418
-
06-16-2009, 06:53 PM #6Invented the Internet
- Join Date
- Feb 2001
- Location
- West Michigan, USA
- Posts
- 9,687
The problem is that you've already set up one of these fraudulent orders. Now, you're going to have a huge influx of these - since they've successfully scammed you once.
Good luck and be careful!
--Tina||| 99.999% Uptime SLA!!!
Plenty of space and bandwidth to fit your needs!
www.AEIandYou.com - - (WP Friendly - Premium Reseller Hosting and Cheap Dedicated Servers)
-
06-16-2009, 10:42 PM #7Backup Guru
- Join Date
- Feb 2002
- Location
- New York, NY
- Posts
- 4,618
Those transactions never should have been approved. Now when all the chargebacks come in, not only will they take the money back, but you'll probably get stuck with large chargeback processing fees.
If you want to protect yourself, it would be best to do the authorization and capture separately. If you don't do the capture, the charge never hits the card.Scott Burns, President
BQ Internet Corporation
Remote Rsync and FTP backup solutions
*** http://www.bqbackup.com/ ***
-
06-16-2009, 11:43 PM #8WHT Addict
- Join Date
- Apr 2009
- Posts
- 165
Sean Shepard
http://www.Ethoshosting.com - Socially Responsible Web Hosting
-
06-17-2009, 01:16 AM #9Web Hosting Evangelist
- Join Date
- Jun 2005
- Posts
- 531
Fraud fraud fraud.
We found fraud from Vietnam to be so bad that it's on our list of automatic declines, along with Indonesia, Egypt, Tunisia, Nicaragua, and the Palistine Territory. Any attempted charge from any IP allocated to one of those countries gets a "Sorry, your card was declined" message. We don't even try to run the card.
-
06-17-2009, 01:42 AM #10Web Hosting Evangelist
- Join Date
- Feb 2006
- Location
- San Francisco, California
- Posts
- 469
Don't use the money it will all be taken back by the bank.
Maybe they're trying to transfer these legit sites just to make it look more legit to you. You could always just deny transactions from all those "shady" countries, probably pretty much eliminate your fraud charges.█ Larry Bly
█ Sandbox IT Solutions, LLC.
█ www.SandboxITSolutions.com
█ Dedicated Servers - Web Hosting - Consulting Services
-
06-17-2009, 01:50 AM #11WHT Addict
- Join Date
- Apr 2009
- Posts
- 165
Sean Shepard
http://www.Ethoshosting.com - Socially Responsible Web Hosting
-
06-17-2009, 06:59 AM #12
-
06-17-2009, 10:02 AM #13WHT Addict
- Join Date
- Apr 2009
- Posts
- 165
Your point is way off. I asked for the best way to rectify the situation considering the circumstances, not if I can keep stolen money. I never asked "if it was the right thing to do," I asked WHAT is the right thing to do.
I never asked if using stolen credit cards as legitimate business was the right thing to do... that's stupid. If I didn't correct this I could be looking at around $700 in chargeback fees.
I would provision them in any case (since it's done automatically on payment) and then investigate.
I've already been in contact with Bluepay/Visa/Mastercard and the situation will be resolved by tomorrow.
I'm not going to automatically cancel anything that's suspicious as some may be legitimate. I'll give it a little time to investigate and there is little harm they can do to the server in the meantime.Sean Shepard
http://www.Ethoshosting.com - Socially Responsible Web Hosting
-
06-17-2009, 10:11 AM #14Aspiring Evangelist
- Join Date
- Apr 2009
- Location
- Toronto
- Posts
- 418
-
06-17-2009, 10:42 AM #15Your one stop shop for decentralization
-
06-17-2009, 12:12 PM #16Brian King of LLAMEDOS
- Join Date
- May 2006
- Location
- The Kingdom of LLAMEDOS
- Posts
- 2,881
I would humbly suggest,
you might like to 'start' from the reverse viewpoint,
ie. 'I'm going to automaticaly cancel anything that's suspicious, as some will be non ligitimate'.
With that starting place, your business is much less at risk,
I mean no ligit purchaser will sue you for not accepting them,
but boy there are just soo many risks if you 'accidently' accept a fraudster._____________________________________________________________
- There are many types of Marmalade -
-
06-17-2009, 12:15 PM #17Brian King of LLAMEDOS
- Join Date
- May 2006
- Location
- The Kingdom of LLAMEDOS
- Posts
- 2,881
-
06-17-2009, 12:32 PM #18Aspiring Evangelist
- Join Date
- Apr 2009
- Location
- Toronto
- Posts
- 418
-
06-22-2009, 07:37 PM #19Premium Member
- Join Date
- Jul 2003
- Location
- Waterloo, Ontario
- Posts
- 1,132
I've been dealing with quite a bit of fraud lately as well. I'm increasing my alert levels to the highest possible and calling every order to verify that they are the right person that made the order.
Lately I have had people use the actual phone numbers of the people (reverse lookup) and it got the best of me. I would suggest doing the same thing and just call to verify every order, no matter how small it is.Right Servers Inc. - Fully Managed VPS and Fully Managed Bare Metal Servers in US & Canada. We want to empower entrepreneurs to grow their business, not their IT headaches. Managed is better.
High Availability | SSD | DirectAdmin & Softaculous | Daily Backups |Firewall & Security |30 Day Money Back Guarantee