Community Forum

Bad Customer - Linda Juan


#1

Wanted to share info for a suspicious “customer” that successfully placed an order with us via Vin65. I have canceled the order. The shipping address does not exist.

The “customer” Linda Juan (see more details of their exploits below)
https://badbuyerlist.org/buyer/20d50757a2d52cb06bee09be

There were 4 earlier attempts at the transaction - all failed as a bad card.
The 5th succeeded but with a bogus (non-existent) shipping address and a bad email and Phone Number. I thought that this could not happen!

The only explanation for this is that they are attempting to plant a malicious script on the computer by planting some invisible code embedded in the Customer Details.

My advice is this: If you receive a order from Linda Juan, then inspect the shipment details first, then decide if you want to cancel the order.

I would also suggest deleting the customer record from your POS - don’t edit or open the details as this may activate the malicious script.


#2

Hi @david1 - thanks for sharing.

We brought this to the attention of our development team. After some review, we can confirm that no malicious code was inserted but we certainly take these issues seriously. We adhere to best practices to prevent XSS and cross-scripting attacks.

Cheers!