Wanted to share info for a suspicious “customer” that successfully placed an order with us via Vin65. I have canceled the order. The shipping address does not exist.
There were 4 earlier attempts at the transaction - all failed as a bad card.
The 5th succeeded but with a bogus (non-existent) shipping address and a bad email and Phone Number. I thought that this could not happen!
The only explanation for this is that they are attempting to plant a malicious script on the computer by planting some invisible code embedded in the Customer Details.
My advice is this: If you receive a order from Linda Juan, then inspect the shipment details first, then decide if you want to cancel the order.
I would also suggest deleting the customer record from your POS - don’t edit or open the details as this may activate the malicious script.
We brought this to the attention of our development team. After some review, we can confirm that no malicious code was inserted but we certainly take these issues seriously. We adhere to best practices to prevent XSS and cross-scripting attacks.
Hi, We have just had the same thing happen to us. Somebody managed to place an order that looked suspect from the get-go. The address was non existant. Spoke to eway and they suggested it was credit card washing - finding out which cards are still active. Watch out folks this is a bit thing now.
Hello, this same thing has now happened to us twice to the tune of over $4000…00.
Has anyone had any luck with stopping these from happening before the product is shipped ?
what about a successful chargeback fight result?
thanks
I just want to bump this up the thread as this happened to us last night. The “Linda Juan” script tested 28 credit cards before one was successful. Fortunately it was not for one of our more expensive items.
I really appreciate that I saw this thread earlier and recognized this as soon as I saw the order this morning.
I hope WD is able to figure out a way to deter this in the future. reCaptcha to submit an order? Automatically suspend an order after 3 failed CC attempts?
