Why is this credit card thief so stupid?
November 4, 2007 2:52 PM Subscribe
What is this Internet scammer trying to accomplish?
I have a small Internet business and sell scientific datasets. Today I saw a purchase for about $2000, for nine copies of some science data. This is a 6-disc DVD-ROM set and there is no download at all. Here's all the suspicious info:
* The charge and volume of the purchase was the big tipoff.
* It was placed with a gmail address
* The shipping address (10 Anson Rd, Hillrock IL 61151) is completely nonsensical... no part of it is a deliverable address
* The given delivery and cardholder name is Indonesian
* The credit card prefix is Banco Uno of Guatemala.
* The IP this was placed in is owned by ARBINET-UK2NET and georeferences to London
Needless to say I won't even be responding, but my curiosity is getting the best of me... what is the scammer trying to accomplish? Especially when the post office would just return all the stuff anyway? Is there a ring of thieves that just like to run up charges on random cards?
I have a small Internet business and sell scientific datasets. Today I saw a purchase for about $2000, for nine copies of some science data. This is a 6-disc DVD-ROM set and there is no download at all. Here's all the suspicious info:
* The charge and volume of the purchase was the big tipoff.
* It was placed with a gmail address
* The shipping address (10 Anson Rd, Hillrock IL 61151) is completely nonsensical... no part of it is a deliverable address
* The given delivery and cardholder name is Indonesian
* The credit card prefix is Banco Uno of Guatemala.
* The IP this was placed in is owned by ARBINET-UK2NET and georeferences to London
Needless to say I won't even be responding, but my curiosity is getting the best of me... what is the scammer trying to accomplish? Especially when the post office would just return all the stuff anyway? Is there a ring of thieves that just like to run up charges on random cards?
Did you try running the credit card number through your verification service? Maybe they just go from site to site entering bogus info to try and identify sites that don't verify credit card information up front before shipping.
posted by Octoparrot at 3:16 PM on November 4, 2007
posted by Octoparrot at 3:16 PM on November 4, 2007
I bet they were using your service to check and see if the card they had stolen was valid.
posted by swhitt at 3:40 PM on November 4, 2007 [1 favorite]
posted by swhitt at 3:40 PM on November 4, 2007 [1 favorite]
It seems possible that they were (possibly under the assumption that you were doing online verification) attempting to determine what the credit limit was on a stolen card (or attempting to determine if it had been deactivated) before going out to make "real" purchases with it...
posted by nonliteral at 3:42 PM on November 4, 2007
posted by nonliteral at 3:42 PM on November 4, 2007
Idea 1: Just somebody entering random data into the form, who happened to make up a random credit card number? Maybe someone wanted to get to the post-purchase confirmation page for some reason? A disgruntled customer of yours?
Idea 2: It could be someone trying to get revenge by making random charges on a stolen number. Just maxing out the card for a while screws them.
posted by IvyMike at 3:45 PM on November 4, 2007
Idea 2: It could be someone trying to get revenge by making random charges on a stolen number. Just maxing out the card for a while screws them.
posted by IvyMike at 3:45 PM on November 4, 2007
$2000 seems to be rather high for it to be a just a test purchase to see if the card's active, since they could test the activity by making a small purchase from any large online retailer or porn site.
Actually, a porn site would give them almost automatic verification, whereas with an online retailer they'd usually have to wait until the order ships to have proof that the card's active. That could be a delay of a few hours to a few days, depending on how fast the retailer operates.
posted by CKmtl at 4:00 PM on November 4, 2007
Actually, a porn site would give them almost automatic verification, whereas with an online retailer they'd usually have to wait until the order ships to have proof that the card's active. That could be a delay of a few hours to a few days, depending on how fast the retailer operates.
posted by CKmtl at 4:00 PM on November 4, 2007
Response by poster: It would be a public service to report this suspicious transaction.
Actually the last time this happened, I told both Visa and Wells Fargo (the owning bank) about it and they couldn't care less. Needless to say I have a very jaded opinion of credit card security... what exists I like to call "window dressing".
posted by chef_boyardee at 4:00 PM on November 4, 2007
Actually the last time this happened, I told both Visa and Wells Fargo (the owning bank) about it and they couldn't care less. Needless to say I have a very jaded opinion of credit card security... what exists I like to call "window dressing".
posted by chef_boyardee at 4:00 PM on November 4, 2007
Yeah, I can see why you wouldn't be in a hurry to repeat that. Thanks for doing it the first time.
posted by grouse at 4:12 PM on November 4, 2007
posted by grouse at 4:12 PM on November 4, 2007
I used to work at an order fulfillment warehouse. We shipped band memorabilia, for several prominent musical groups. In fact, if you've ever had a Rolling Stones hoodie or a Dave Mathews bumper sticker mailed to your door, it came from the company I worked for.
The way it worked is you had a cart filled with gray baskets, and a small scanner that told you the next item to put in the cart. It would keep track of around 10 different orders, and as you moved through the warehouse it would tell you the next items that had to be picked. Rush orders were blue containers (2 day shipping) and red (1 day shipping).
So, one day suddenly everyone has a lot of red and blue containers to fill. This isn't that normal, usually we would only have a couple dozen max for the whole day. And they were ordering crazy amounts of items -- like 10 XL Rolling Stones t-shirts. Finally, someone figured out what was going on, but not before we had mailed out a few packages filled with pricey merchandise.
Once they figured out what was going on, we all knew and as soon as you saw more than 3-4 of the same item going into a blue bin you would axe all of those orders. They all came in clusters, which suggests that someone was going through a bunch of credit cards at once. I'm not sure what they do with the merchandise at the end, if anything, but part of the goal is definitely to figure out whether the cards work or not.
I imagine they choose 1 or 2 day shipping because those were the orders we handled first, so that meant they would find out in just a few hours whether or not the credit card they had swiped was any good.
This was probably more detailed than I had to be
posted by Deathalicious at 4:51 PM on November 4, 2007 [1 favorite]
The way it worked is you had a cart filled with gray baskets, and a small scanner that told you the next item to put in the cart. It would keep track of around 10 different orders, and as you moved through the warehouse it would tell you the next items that had to be picked. Rush orders were blue containers (2 day shipping) and red (1 day shipping).
So, one day suddenly everyone has a lot of red and blue containers to fill. This isn't that normal, usually we would only have a couple dozen max for the whole day. And they were ordering crazy amounts of items -- like 10 XL Rolling Stones t-shirts. Finally, someone figured out what was going on, but not before we had mailed out a few packages filled with pricey merchandise.
Once they figured out what was going on, we all knew and as soon as you saw more than 3-4 of the same item going into a blue bin you would axe all of those orders. They all came in clusters, which suggests that someone was going through a bunch of credit cards at once. I'm not sure what they do with the merchandise at the end, if anything, but part of the goal is definitely to figure out whether the cards work or not.
I imagine they choose 1 or 2 day shipping because those were the orders we handled first, so that meant they would find out in just a few hours whether or not the credit card they had swiped was any good.
This was probably more detailed than I had to be
posted by Deathalicious at 4:51 PM on November 4, 2007 [1 favorite]
Needless to say I have a very jaded opinion of credit card security... what exists I like to call "window dressing".
Eh, good credit card security can be a mixed blessing. You know Bank of America? The guys who always try to "exceed" your "expectations"? Well, I'm in Cairo right now, and whenever I try to do anything, they "block" my "transaction" even though I specifically made a "note" on my "account" (the previous note I made was along the lines of "I am going to be in Cairo for a long, long time. Do not block any purchases or large transactions from Cairo until I tell you otherwise." Guess what happened when I tried to buy tickets back home on EgyptAir).
So if you want your credit card to be secure from thieves, make sure you are also trying to use the credit card too.
posted by Deathalicious at 4:56 PM on November 4, 2007
Eh, good credit card security can be a mixed blessing. You know Bank of America? The guys who always try to "exceed" your "expectations"? Well, I'm in Cairo right now, and whenever I try to do anything, they "block" my "transaction" even though I specifically made a "note" on my "account" (the previous note I made was along the lines of "I am going to be in Cairo for a long, long time. Do not block any purchases or large transactions from Cairo until I tell you otherwise." Guess what happened when I tried to buy tickets back home on EgyptAir).
So if you want your credit card to be secure from thieves, make sure you are also trying to use the credit card too.
posted by Deathalicious at 4:56 PM on November 4, 2007
Actually, many credit card scammers are now making small donations to nonprofits via the web to verify if the card is active. You get immediate verification, there's no shipping address to deal with, and it doesn't raise red flags with CC companies. I work in the development department of a large NGO, and we deal with this all the time.
posted by kimdog at 6:12 PM on November 4, 2007
posted by kimdog at 6:12 PM on November 4, 2007
I'm pretty sure nonliteral has it right, they're trying to find the card's limit & don't care about making a real purchase at your site.
posted by scalefree at 8:03 PM on November 4, 2007
posted by scalefree at 8:03 PM on November 4, 2007
Could they make a purchase, then do a return or complaint and get usable credit?
posted by theora55 at 8:29 AM on November 5, 2007
posted by theora55 at 8:29 AM on November 5, 2007
This thread is closed to new comments.
posted by grouse at 2:57 PM on November 4, 2007