VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 Credit card fraud and hackers
 Fake orders increasing
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Starting Member

18 Posts

Posted - March 06 2008 :  16:33:34  Show Profile  Reply with Quote
Sorry to resurrect this, but this problem is recently getting out of order. We are now getting hundreds of fake orders, and our office staff are wasting lots of time trying to figure out the fakes from the real ones. All of these orders fail Authorize.net, but they still clog up our incoming orders screen, and result in hundreds of "suspicious transaction" emails from them.

On top of that, we are sometimes missing real orders that somehow get flagged as fakes or fail for some valid reason - someone mis-types their information, or tries to enter two orders one after another (this fails our Authorize.net IPVelocity Filter).

Has anyone found a way to avoid these bogus orders? I checked and we don't come up on the first several pages of Google for people using the allinurl: search, but somehow they are still finding us.

I saw suggestions for changing page names elsewhere in the forums. Does anyone have recommendations of exactly which pages to rename? There are dozens of pages named shop* or shop_* and so many includes within includes that changing everything doesn't seem practical. Are there some main incoming pages that people are using as shortcuts for checking CC numbers?



VP-ASP New User

74 Posts

Posted - March 07 2008 :  13:41:45  Show Profile  Reply with Quote
I posted my "solution" to this problem in another thread: http://www.vpasp.com/virtprog/vpaspforum/topic.asp?TOPIC_ID=7492

Changing the message customers receive when their transaction fails can drive off the bad guys. The default message includes a reason why the transaction failed, and those reasons can be useful to fraudsters. By giving the same message no matter what went "wrong" with a transaction, the guys who are using your cart to validate credit card numbers will have to find someplace else to do their dirty work.
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000