
Dealing with fraudulent charges

Posted by Hydrogen, in Store 09 September 2012 · 1,290 views

As most of you must have seen by now, we have just banned user emotoyol from using our site. Through a series of strange events, we discovered that the user had used stolen credit cards on our site to purchase two and a half years of advanced membership at once. In this blog post, I'll explain what happened, how we resolved it, and what we've done to make sure it never happens again.

What happened
Neocodex admins receive notifications from multiple data sources whenever someone makes a purchase on our website. I personally receive emails and push notifications on my phone. By now, we've gotten to know our most frequent customers and are diligent about correcting any mistakes in purchasing. Some of you have received a PM from me when you didn't get the coupon discount that you deserved or accidentally paid twice for a product that you only wished to pay once for. In all of those situations, we've resolved the issue quickly and efficiently so that everyone can be on their way.

On September 2, 2012, Neocodex admins received a notification that one user, emotoyol, had purchased $157 worth of advanced membership in five minutes. Almost everyone purchases one month, three months, or six months at a time. In case you are wondering, $157 equals about two and a half years of advanced membership! As I always do when I see something weird, I contacted the user about the transaction.

Posted Image

As you can see, the user last read the PM on September 7, 2012, but never responded. In a bit of a strange series of events, we discovered that this user had stolen the credit cards used in making these purchases. Our Facebook page started receiving posts by two people, one of whom was the person who had his credit card stolen. They were both, understandably, pretty angry about the situation.

Posted Image

I got in touch by email with the Facebook user who had his credit card stolen, and we discovered that the issue was a lot larger than just his credit card. I discovered from the credit card processor's logs that emotoyol, while living in Malaysia, had used credit cards from the United States of America, Denmark, and Greece, all within five minutes, to purchase advanced membership from our site.

How we resolved it
We have refunded all of the payments received by emotoyol back to their originating credit cards. In addition, we have banned emotoyol from our site based on account, IP address, and hardware ID.

Neocodex admins are currently working to resolve this issue with Stripe (our credit card processor). So far, we've only sent an email to Stripe informing them of the issue. As this is the first time I've ever had to deal with fraudulent activity, we've deferred to them on what the best plan of action is. We may be contacting the local authorities regarding this user and will provide whatever information is necessary to help with the investigation.

What we have done to make sure it will never happen again
The ability to purchase such large quantities of advanced membership at once was due to a bug in our e-commerce system which allowed users to upgrade to and from deprecated packages that were still set to have infinite amounts of stock instead of the zero stock that they should have had. That bug has been fixed in our system and should not occur again.

Furthermore, we have implemented extra fraud checks by purchasing a subscription to Maxmind.net. MaxMind analyzes transaction information and returns a fraudulence score back to our servers which can help us determine whether or not a transaction should be reviewed or declined. These fraud checks run in addition to the fraud checks that are run by Stripe (our credit card processor) and PayPal, depending on which payment method you choose.

This was the first time we've had to deal with truly fraudulent payments on Neocodex. As with all firsts, I can truly say that I've learned a lot in the last two hours :p. While we have refunded all transactions, I sincerely hope that we can get the money back to the people it belongs to. Credit card fraud is serious business and this was a strange situation to wake up to on Sunday morning :p. The investigation is still ongoing, but I believe that the changes we have made will protect us in the future from getting into this situation in the first place.
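The pattern described in this post (one account, several cards issued in different countries, all within five minutes, from an IP located somewhere else) can be caught with a simple local rule that queues the order for manual review. The following is an added example, not Neocodex's code and not MaxMind's or Stripe's API; the record fields, thresholds and sample transactions are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds (hypothetical; tune against your own order history).
WINDOW = timedelta(minutes=5)
MAX_CARDS = 1        # more than one distinct card per account in the window
MAX_TOTAL = 60.00    # placeholder ceiling for spend inside the window, in USD

# Constructed sample records, not real data:
# (account, timestamp, card fingerprint, card country, IP country, amount)
SAMPLE = [
    ("user_a", "2012-09-02T10:00:00", "card_1", "US", "MY", 52.00),
    ("user_a", "2012-09-02T10:02:00", "card_2", "DK", "MY", 52.00),
    ("user_a", "2012-09-02T10:04:00", "card_3", "GR", "MY", 53.00),
    ("user_b", "2012-09-02T11:00:00", "card_9", "US", "US", 15.00),
    ("user_b", "2012-10-02T11:00:00", "card_9", "US", "US", 15.00),
]

def review_flags(transactions):
    """Return {account: sorted reasons} for accounts that need manual review."""
    by_account = defaultdict(list)
    for acct, ts, card, card_cc, ip_cc, amount in transactions:
        by_account[acct].append(
            (datetime.fromisoformat(ts), card, card_cc, ip_cc, amount))
    flagged = {}
    for acct, txs in by_account.items():
        txs.sort()
        reasons = set()
        # Slide a window forward from every transaction of the account.
        for i, tx in enumerate(txs):
            window = [t for t in txs[i:] if t[0] - tx[0] <= WINDOW]
            if len({t[1] for t in window}) > MAX_CARDS:
                reasons.add("multiple_cards_in_window")
            if len({t[2] for t in window}) > 1:
                reasons.add("multiple_card_countries_in_window")
            if sum(t[4] for t in window) > MAX_TOTAL:
                reasons.add("high_total_in_window")
        # Card issued in one country, buyer's IP geolocated in another.
        if any(t[2] != t[3] for t in txs):
            reasons.add("ip_country_differs_from_card_country")
        if reasons:
            flagged[acct] = sorted(reasons)
    return flagged

if __name__ == "__main__":
    for account, why in review_flags(SAMPLE).items():
        print(account, why)
```

A country mismatch on its own also fires for travellers and VPN users, so these flags are better used to hold an order for review than to decline it outright.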

If they went to the effort of stealing credit card information I would have thought they'd go for something tangible to buy rather than something that can be easily taken away. O_o
Yes, I forgot to mention that in the blog post, but we were incredibly lucky that the user didn't purchase Neocash cards -- we would have had to eat those losses by refunding the money to the original credit card holders while also losing out on inventory that we had actually purchased. Hopefully those protections that we've put in place will prevent that from happening in the future.
I wonder if Neopets have the ability to rescind codes obtained from say shoplifting etc.
Possibly, but I hardly think they would accept our request :p
Wow incredible job Hydro and Administrators.
Fantastic work guys!
This is why I love this site :)
>steals multiple credit cards
>only purchases membership on a cheating community

Brb, laughing.

Possibly, but I hardly think they would accept our request :p

"I was on the way back from the store with my 20 Neocash cards to use on my account and somebody mugged me".
Great work. I had a keylogger on my computer once. Luckily I did not have a credit card, though he did get into my PayPal and took $15 for something, though I got it back.

Wow. Crazy stuff. I'm glad to see that, as a new user, fraudulent instances are taken care of very well.

