Page 1 of 2 12 LastLast
Results 1 to 25 of 34
  1. #1
    Join Date
    Mar 2001
    Posts
    163

    Credit Card Fraud 101

    I just spent 45 minutes composing this email to one of our resellers on what credit card fraud is all about, and I thought I would share it with you guys, for whatever it's worth...

    ---------------------------------------------------------------------------------

    Re:Fraud

    You do not have to tell them anything. They are criminals.

    You are lucky the card was declined.

    Guess it's time for a crash course in Credit Card Fraud 101.....

    Credit card fraud runs rampant in the hosting industry. For most hacker-frauds, it is a "fun" thing to do. In short, they do it because they can. They don't get long term "free" hosting and hosting companies always catch up with them, one way or another. The fraudulent accounts are terminated. Somehow, this is "fun" for them, but it costs hosting companies untold time and money.

    Stolen credit cards are used all over the internet. They are stolen and used immediately, so the owner of the credit card has no idea that anything is wrong until much later. If the correct credit card #, cardholder name, and expiration date are used on your order form, and no fraud checks are performed, nobody figures it out until the cardholder gets their monthly statement and starts screaming.

    In this case, the cardholder will inevitably file a chargeback request against your company. The funds that you received for the order will automatically be taken out of your business account, and your company will be hit with a processing charge by your merchant account processor. Your risk factor will also increase with your merchant account processor. If your risk factor gets high enough, your merchant account processor says bye-bye to you.

    Here are our Anti-Fraud guidelines:

    - Any order from overseas is immediately suspect. Especially orders from Malaysia. Malaysian orders are automatically rejected by us. Period.
    - Always check that the name on the order matches the name on the credit card.
    - Always check that the billing address on the order form matches the credit card billing address.
    - If the order is for more than 1 months service, it is immediately suspect. Hacker-frauds will usually pick the most expensive plans and sign up for the longest period, i.e., one year.
    - Orders for domain registrations over 1 year are immediately suspect. Again, they sign up for the maximum term.
    - Is the phone number on the order legit? i.e., if the order is from the USA, is it a USA phone number, not international.
    - Does the area code of the phone number from the order form match the city listed in the order form? Use reverse phone # lookup.
    - If the account is a domain transfer, do a whois on the domain. How does that look? Real addresses and phone numbers?
    - Are the email addresses on the order legit? i.e., not @yahoo.com or @hotmail.com or @hushmail.com?
    - Is the email address on the account legit? If it is snert@snert.com, go to snert.com, see what it is. Does it even exist?
    Use a reverse email address lookup, see if the email address is real.
    - Is the address on the order form legit? Go to mapquest.com and look it up.
    - If you suspect fraud, email them. Ask for more info and confirmation that the order was placed by them.
    - Lastly, if you are even the least bit suspicious, call the phone # on the order. Ask them if they placed the order. Ask them to repeat the credit card number, expiration date, and exact name on the card back to you. Ask them for the 3 digit number on the back of the card at the end of the signing line. This is the definitive way to assure that they have the card in their possesion and are not using stolen imprints.

    Once you do all these things, you will either be confident in the order, or suspicious. In some ways, it's more instinct than anything. But rest assured; If it smells bad, It is Bad.

  2. #2
    Join Date
    Jun 2001
    Location
    Southern California
    Posts
    259

    Thanks

    Thanks for the info. Im sure It'll be useful to me and other webhosts.

    -Kyle
    -Kyle Reilly
    http://www.kylecool.com - My Website
    http://kylereilly.com -KyleReilly.COM :: MY WEBSITE

  3. #3
    Join Date
    Mar 2001
    Posts
    163
    Kyle, thanks.

    I just hate to see anyone go through what we went through. We had a rash of Malaysian fraud attacks back in June that we are still getting chargebacks for.

    Thanks!

  4. #4
    Join Date
    May 2001
    Location
    Tokyo, Japan
    Posts
    94
    I think the msg by Coran is very exhaustive and detailed... but I personally think that the generalisation that Malaysians are frauds is rather discriminating...

    I'm speaking as a Malaysian... and I know there's quite a number of Malaysians in this forum. I can clearly understand the situation that you're in, but it's not that credit card frauds don't come from any other countries.

    I'm not trying to invite flames or what... but just would appreciate if you could post in a better tone about that. Just because you had tons of frauds from Malaysia, that doesn't mean you should get the whole world to shut its door from genuine Malaysians doing business here and on the web.

    Ask around in the forum, there's quite a number of hosts who are happily serving Malaysian clients.

  5. #5
    Join Date
    Jan 2001
    Location
    Los Angeles
    Posts
    209
    Ahh.. Coran.. Very educational but a little too late for me. =)

    This past weekend, we just got hit by a fraudulent order worth ($397.02). This person ordered our most expensive hosting plan and paid annually including a domain registration. The contact info and billing info matches the name on the card and everything. So I confirmed the order and processed the card. However, while doing a routine check of our logs I noticed this person acted very suspicious and wasn't rational for someone looking for hosting especially with the package he ordered. He went straight to the order page and never bothered looking at other plans. Tracing his ip, discovered that he was from a university in Indonesia.. By that time, the order was already batched so I couldn't void it.. The following monday, I decided to call up the owner of the card (in Mass.) and inform her of this order also hoping she hired an Indonesian web developer to setup her site. Unfortunately the phone number on the order was also fake. With the help of technology ( hehe ), I found her number and called her. She then thanked me for letting her know and she later called me back and told me that the person who illegitimately used her card also purchased a bunch of stuff over the weekend. Eventhough I lost a few dollars ($10 for the domain and transaction charges on the credit card) and I'm happy that I helped someone out. I guess I learned to double check everything before I let my batch get processed.

  6. #6
    Join Date
    Jun 2000
    Location
    Southern California
    Posts
    12,136
    I'll add one more that wasn't listed...

    IP check. Just for the heck of it, you can attempt to match the IP with the address given. I'd flag an order with a U.S. based address that was submitted from an IP address elsewhere.
    HostHideout.com - Where professionals discuss web hosting.

    • Chicken

  7. #7
    Join Date
    Sep 2000
    Posts
    34
    You know what's funny about this whole issue is how some of the banks could seemingly care less if their customers card numbers have been stolen or not.

    While double checking a couple of fraudulant orders several months ago I found that the phone numbers and addresses where fakes. Obvious fraudulant orders using stolen credit card numbers. I called my merchant account provider who said the cards were not reported stolen but that I should call the card issuing banks. At this point all I wanted to do was to alert them so that they could tell their customers to cancel the cards or at least let them know to watch for fraudulant transactions on those cards. After getting run around for about an hour, one bank thanked me and said they would alert the customer. The other, I think it was Citibank, said that it was against their policy to tell their customer about the kind of fraudulant activity I described to them claiming it was a privacy issue. I told them I didn't want any info on the customer I just wanted them to call the customer and ask him if he was aware of the charges. Nope, wouldn't do it. I'm sure that customer was pleased to see his statement the next month.

    I guess that some banks don't care if there is fraud as long as they can do a chargeback and screw the merchant. Spend the extra couple of minutes it takes to background your online credit card orders. It can save you charge back fees and quite possibly your merchant account.

  8. #8
    Join Date
    Jun 2000
    Location
    Southern California
    Posts
    12,136
    Had a similar experience while confirming an order, but this was to the individual. The order looked odd, so we called the phone number listed either on the signup form, or the domain (can't recall), about the questionable transaction, asking them to call back (the person was out).

    Next day, left another message, "This card was used for blah blah..."

    No call back.

    I'd think you'd want to find out some info about this if it was used without your permission, or confirm the order, but this person never contacted us, despite numerous attempts, so ohhh well...
    HostHideout.com - Where professionals discuss web hosting.

    • Chicken

  9. #9
    Join Date
    Mar 2001
    Posts
    163
    Auyongtc,

    Just to clarify, we are not discriminating against Malaysians. We just happened to get a bunch of fraudulent orders that said they were from Malaysia. The addresses, phone numbers etc. were all bogus, so who knows is they were really from Malaysia. I have my doubts, actually. Maybe they used Malaysia in the drop down list on our order form because they liked the sound of it. Maybe they were from the USA. Bottom line is, we had no idea where they were from because every peice of information on the orders was fake. I have absolutely nothing against Malaysians. I am going to retract my statement that we blindly reject orders from Malaysia, but we certainly scrutinize them very thoroughly and have found that with us anyway, most are fraud. Sorry if I offended you.

  10. #10
    Join Date
    Mar 2001
    Posts
    163
    AP and Chicken,

    I would have to agree. The banks that we have dealt with really don't seem to care about credit card fraud. You would think that at least the cardholders would care, but it seems that many of them know that if they request a chargeback, they will get it.

    The thing that blows my mind is how brazen some of these people are. We had one that was absolutely fraudulent that slipped through somehow. Got the chargeback. Checked their account. They had a fully functional e-commerce site running on the stolen credit card. We repeatedly tried to contact them via email (probably bogus) and by phone (bogus), to no avail. Suspended their account. Nothing. No contact. Unbelievable.

  11. #11
    After reading your writing
    i want to share my experience about a fraud

    six month ago i get ver very good offer from hosthem.net(they are scam) they asked for my credit card and other info but there is a strange thing hey want these to faxed them. As a people living in Turkey it was very difficult for me but at the end i do it.
    after waiting one week i get no response and and a week after i learned they gone.

    i forget them and made agreement with an other company
    after 4 months i get my crdit statement and see somebody spend 1000$ in infrastructure.com

    i called them they understand me and charge my money back
    but what i want to explain

    1-)you said alot of way for a host to find customer is cheater but what we(customer) can do a host is scam or not
    2-)you said there s a chargeback fee i am sure i paid more for telephone and renewing my new card

    what i wanna say i think visa mastercard or other card firms

    must have a firm that handles all credit card process in world and they must have offices in all over world and every time somebody makes and purchase over 50$ 100$(i am ont sure) they call and ask"have you made this purchase"

    yes it may be cost to much to settle it for them but they alredy have offices all over the world and i think it is the best until we pay our fees by our retinas rather than credit cards

  12. #12
    Thanks Coran for the crash lesson in Fraud,
    This morning we got a pretty interesting signup.

    IP traced to US
    Credit card address in Vanuatu
    email for client is in Indonesia
    Chose the most expensive plan for 1 year.

    I checked the domain name he requested to be associated to the account and found out it was registered to a totally different person and different address. Also, by typing http://clientdomain.com
    , I got "domain disabled, contact customer support" message.

    So, I emailed the client and asked to confirm the domain and to my surprise (not really), he emails back with totally different domain name which is registered for a third person in Indonesia.


    what a nice way to start the day.....
    CW3 Web Hosting - Merchant Accounts-Private Label Reseller Plans
    http://cw3host.com and http://home.cyberweb3.net

  13. #13
    Join Date
    Nov 2000
    Location
    Dundee, UK
    Posts
    1,366
    Joana, i got exactly the same this morning. Credit card address in Vanuatu and ordered the largest plan for a year.

  14. #14
    SplashHost, is it Mencul ?
    Last edited by Joana; 10-15-2001 at 12:22 PM.
    CW3 Web Hosting - Merchant Accounts-Private Label Reseller Plans
    http://cw3host.com and http://home.cyberweb3.net

  15. #15
    Join Date
    Mar 2001
    Posts
    163
    The dead giveaway is that, at least for us, they always order the most expensive package for a year. Our most expensive plan (that we advertise is $99.95/month), so those fraudelent orders are over $1000. Really easy to spot in our order log.

  16. #16
    Join Date
    Mar 2001
    Posts
    163
    Joana, SplashHost, that's enough for me to declare it a pattern. I guess Vanatu is the new Malaysia.....

  17. #17
    What's funy about the whole thing was when I kind of got alarmed about the order, I emailed the guy asking to confirm the domain he wants to use. Well, he emailed back 2 hours later stating a totally different domain name from the order.

    When I checked the new domain name he requested, it was registered under a different name and diferent country. It was a Live domain with different contact Info.

    That person got the billing cancellation notice due to fraud and asked to email us if he thinks it was in error. Guess what, No email from him yet.
    CW3 Web Hosting - Merchant Accounts-Private Label Reseller Plans
    http://cw3host.com and http://home.cyberweb3.net

  18. #18
    Join Date
    Nov 2000
    Location
    Dundee, UK
    Posts
    1,366
    Yeah the guys name was Mencul. Maybe he is filthy rich and just couldnt decide what host to use so just decided to try them all lol

  19. #19
    Originally posted by Joana
    SplashHost, is it Mencul ?

    By cracky they hit me yesterday, IP traced to @Home in New Jersey.

  20. #20
    Hopefully you were able to avoid them in the first place and did not create an account for them. Yes, IP traced to @ Home and it seems to be the same guy. Credit card info is correct by the way.
    CW3 Web Hosting - Merchant Accounts-Private Label Reseller Plans
    http://cw3host.com and http://home.cyberweb3.net

  21. #21
    Join Date
    Oct 2000
    Posts
    567
    Originally posted by Joana

    IP traced to US
    Credit card address in Vanuatu
    email for client is in Indonesia
    Chose the most expensive plan for 1 year.
    Joana, I'm from Indonesia.
    I guess his/her IP is from inte**acket.net ??
    For you reference that a lot of Indonesian ISPs using inte**acket.net as their direct uplink provider.
    I know that a lot of carders here in Indonesia.
    Take a look at this URL: http://go.to/yogyacarding
    anybody care to report it to go.to and geocities.com?

    The other possibility why you get an US IP, perhaps this pathethic bastard person log into a US server shell account and use lynx command to fill out the order form.

  22. #22
    Join Date
    Mar 2001
    Posts
    163
    sodapopinski,

    I checked out http://go.to/yogyacarding. I don't understand the language. Are carders credit card fraud people? Is this site offering stolen credit cards. If so, I will be more than glad to contact Geocities.

  23. #23
    Join Date
    Oct 2000
    Posts
    567
    Originally posted by Coran
    sodapopinski,

    I checked out http://go.to/yogyacarding. I don't understand the language. Are carders credit card fraud people? Is this site offering stolen credit cards. If so, I will be more than glad to contact Geocities.
    Yes, they are carders credit card fraud people community.
    If you translate the languange you will see that they teach people how to use stolen credit card safely

    I also try to explain it to go.to and geocities.

  24. #24
    Coran,

    You pretty much hit the nail on the head. We have an order screening protocol that is very similar to what you listed. Spotting fraudulent orders is usually pretty easy once you get the hang of it. I would say that the "most expensive plan/longest term" is one of the largest giveaways - that and invalid phone numbers (I suppose they figure that if they put an odd looking number in, we will just assume it is from some weird country where "92**401" is a valid number. )

    This is definitely a useful tutorial for those who would rather not learn things the hard way.

    Regards,
    Matt Lightner
    mlightner@site5.com
    Matt Lightner - http://www.mattlightner.com/
    - First initial to the last name at the mail service provided by the world's largest search engine
    - Founder and CEO (Former) Site5.com, sold in 2008
    - Really honestly wants to be a good WHT citizen but can never remember all the correct etiquette. Mods, sorry in advance

  25. #25
    Join Date
    Oct 2001
    Posts
    193

    Angry

    Most of the countries we receive fradulant orders from are:

    Russia
    Ukraine
    Lithuania
    Indonesia
    Pakistan, Islamabad (just started getting these about 2 weeks ago)


    Jeff

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •