Online Store order - Something fishy?

egan007 · 23-07-2007 10:50am #1

I run an online store,
I got an order through over the weekend that was a bit strange,

The customer details were garbage text including the email address.
However the Credit card number appears to be valid.

I checked the ip and it's untraceable. probably internal (86.45.133.192)

I can't imagine putting in my CC details without any name address etc on any website.

Something smells fishy about this.
Is it possible it's a bot running some code top find holes or something similar.

Any advice?

DJB · 23-07-2007 10:57am

If it looks fishy, it usually is. Who's your payment service provider? Realex or someone... contact them and ask them. Don't process the card until you are sure it's valid. Try contacting the customer as well.

It looks too dodgy to process IMO!

PixelTrawler · 23-07-2007 11:02am

Could very easily be someone using a real card thats not theirs. Work colleague (wallets left lying around), child, disgruntled partner, some idiot etc etc.

I wouldnt process it. If there are any contact details not garbage try.
If not give the number through to the processor. Im sure they have a way to get the details to the bank. The bank can then contact the person and report possibly unauthorised use of their card.

egan007 · 23-07-2007 11:09am

Thanks for the replies,
No customer info at all available.

We process the cards offline ourselves so it does not go through a provider.
I'll contact the bank and report possible unauthorised use.

CuLT · 23-07-2007 11:31am

According to DNSStuff.com, the IP originates in Cork, and was used by an eircom customer.

egan007 · 23-07-2007 2:22pm

Cool, nice one. Thanks

mneylon · 23-07-2007 4:03pm

egan007 wrote:

Thanks for the replies,
No customer info at all available.

We process the cards offline ourselves so it does not go through a provider.
I'll contact the bank and report possible unauthorised use.

Are you encrypting the credit card data on the server?

Are you using a dedicated server?

Is your bank aware that you are processing "card holder not present" transactions?

TheWaterboy · 24-07-2007 8:51am

Sorry if Im hijacking this thread but I have had the same problem over the past three weeks with dodgy looking orders - about 5 in total all from a variation of the same email address and sometimes the same delivery address. IP address and card type each time is different.

Worldpay has flagged these with a WARNING so I have contacted the email address each time and still no reply. Some of the orders are very big > 500 euro while others are quite small < 30 euros.

I have contacted Worldpay. Anyone any advice on what else I can do

egan007 · 27-07-2007 5:10pm

blacknight wrote:

Are you encrypting the credit card data on the server?

Are you using a dedicated server?

Is your bank aware that you are processing "card holder not present" transactions?

HI

Yes CC is encrypted.

Shared reseller - yours infact

Yes, I have a merchant account.

CoNfOuNd · 27-07-2007 5:15pm

I would not process any payment if you are not able to contact the customer first. Chances are it's unauthorised use and you are right to inform the credit card company, although normally serious attempts to open an account with someone elses card will have real-looking details on them and not just garbage. The garbage would tend to suggest it's perhaps not a human entering it.

egan007 · 27-07-2007 5:32pm

CoNfOuNd wrote:

The garbage would tend to suggest it's perhaps not a human entering it.

Good point, i think it's time to add the Letter Entering to the signup....

I

Online Store order - Something fishy?

Comments