Hello,
For the past few days we have had an account (now two) where a person is making $2-$10 gifts through our TNEW contribution page. Each of these transactions are on a different credit card but all with the same name. We think he/she is testing to see if the cards are valid. It doesn't appear to be a bot because there is like a 5-10 minute break between transactions. We require the CVV on all online transactions so it appears they have that information as well. When we identified the first account we disabled the login but now we have a second account with the same name and similar circumstances. We reported the suspicious activity to our credit card processor (Vantiv) but haven't heard anything back yet. Has anyone else had this issue? What did you do to stop them? We are awaiting instructions on whether or not to refund the orders in case the legit owner issues a charge-back.
Thanks
Michael
Ages ago, before we had CVV, we had someone do this (precisely because we didn't have CVV enabled on our website yet). I know that mostly I just churned out the code to get CVV working online, but we may have also blocked their IP as well. You might talk to Web Products or RAMP about doing that. I'd like to think that someone in the credit card handling chain cares, but I'm pretty sure none of them do. If anyone does have a good place to report such things, I'm all ears, although we do have the advantage of being able to turn it over to an office here at the University.
Thank you. I checked the logs but didn't see the IP. Maybe the TNEW team can do that on their end. I will open a ticket.
We had this before. Like Gawain we blocked the IP of the original booker for a short time to deter them but also added additional security checks on addresses against card details to reduce fraud in general.
We had this happen, as well, but ours was definitely a bot. We added reCAPTCHA to the purchase path and blocked the IP address.
In New Jersey there is
https://www.cyber.nj.gov/
In Pennsylvania, I'm not sure that there is the same group. There appears to be.
www.oa.pa.gov/.../default.aspx
We just recently had this happen to us and the culprit charged dollar transactions thousands of times through our donation portal. We tried blocking his IP but he just used a new different IP. The cards he was charging were not from the US so Payment Express blocked countries outside the US and still he got through. We put a reCAPTCHA on our site and still he continued. We were haunted for an entire month with this and the charges were easy to spot because he always used the name JOE MAC. Finally we got a free subscription to cloudflare.com which put a stop to him for a short time. We thought the combination of cloudflare and the reCAPTCHA would work but he came back. We then purchased a paid subscription to cloudflare to give us more options and we got him stopped for about a month. Recently he broke through again and we increased our blockage and he is again stopped. We are hoping this is finally the end of it. Payment Express was amazing through all of this including waiving fees for the numerous charges this person ran through. We were shocked that even though we contacted authorities there was no help they could give us or those people who were the victims from the stolen card numbers.
Joe Mac has shown up on our site now. We are getting one of the chargeback notifications from our payment processor and when we go in, we notice the multiple transactions, all for $10, all different cards, Joe Mac as the name on the card and Leandro Neto as the name on the account. We are trying to figure out how we can stop him as well.
HI Terry, Did he come back after the most recent increase in blockage? Want to be able to let our team know if this is something we should try and pursue. Thanks! Ellen
Once we added reCAPTCHA and added a $20.00 a month clousflare.com paid service to blocked the IP addresses and we also had Payment Express block any credit cards outside of US. It was the combination of all these things that finally stopped it. I think the reCAPTCHA was the final straw which caused a big hurdle for them getting through. Do you have reCAPTCHA on your web site?