Just wanted to give everyone a heads up to some very sophisticated fraud that has been hitting us and possibly some of your (or your customers') websites.
We had someone call us up a couple of weeks ago and wonder why they had a charge on their card. That question isn't unusual for us because of how we run our cards but the customer said he didn't place the order and didn't know the recipient either. Accounting handed me 3 orders they thought were similar to that one and I checked them out. There was nothing in our system that really raised any flags individually, but when I started poking around the IPs I found that all of them had come from servers within The Planet. That was more of a red flag for me. This problem is NOT specific to them (had one from ntt.net this morning), nor is there any pattern to this. I can't even say ASL could protect you from this as geoblocking is useless against a hacked US machine.
I'm writing this to let you know that if you sell cheap electronics (they've left our other sites alone) you need to be aware that you might want to scrutinize your orders a bit more.
Look for things like strange customer names (these people pull random words in some cases; we had one order for a "Patient Lady") and mismatched shipping addresses. Just be aware that credit card fraud checks might not be enough.
Fraud alert for you ecommerce guys out there
Fraud alert for you ecommerce guys out there
"Its not a mac. I run linux... I'm actually cool." - scott