homepage Welcome to WebmasterWorld Guest from 54.211.73.232
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

    
authorize.net attacked
merchants subject to thousands of $$ costs
Crazy_Fool

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 274 posted 9:56 am on Apr 24, 2002 (gmt 0)

carders have been attacking authorize.net testing card numbers until they get one that works. as a result, merchants are being billed for every attempt.
[msnbc.com...]

 

tedster

WebmasterWorld Senior Member tedster us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 274 posted 10:47 am on Apr 24, 2002 (gmt 0)

I have one client who was hit pretty hard at first, but AuthorizeNet is acting equitably. So far no compaints except for lost time - and that's the criminals' fault most of all. I'm sure AN has been hit pretty hard just with labor costs to straighten it all out.

Hacker chatrooms talking it up, indeed. This is not just some prank. I hope they nail 'em!

Reflect

10+ Year Member



 
Msg#: 274 posted 3:42 pm on Apr 24, 2002 (gmt 0)

I hadn't even noticed it on my accounts, yet. Hope they nail that down FAST.

Brian

EliteWeb

WebmasterWorld Senior Member eliteweb us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 274 posted 4:05 pm on Apr 24, 2002 (gmt 0)

I love how they refer to carders as hackers. I thought since all the other media fools were embarressed about this they would learn by now. Seems not, as if they havn't.

BTW, Authorized.net is at fault here, they should have limitations to stop IP's from accessing the system after X amount of attempts as other credit card sites do. Fraud online is so high, and for a company not to impliment ways of stopping this is plain stupidity.

Hah, you don't think I'd ever pay that bill if the company wanted to charge me x.00 per try. hahahha. Hope none of you here got hit by authorized' stupidity.

fortweb

10+ Year Member



 
Msg#: 274 posted 8:28 pm on May 3, 2002 (gmt 0)

98% of that fraud comes from a few small countries. If those people would have been using a .htaccess file to deny problem countries, those criminals would not have been able the enter their site and use it for a card tester.

I just posted in this forum about a site I built to help web merchants identify and block fraud, www.combatfraud.org

Rick

wasmith

10+ Year Member



 
Msg#: 274 posted 1:40 am on May 4, 2002 (gmt 0)

>> Hah, you don't think I'd ever pay that bill if the company wanted to charge me x.00 per try

It would not be my first bill to not pay based on the laws I am currently regulated by. IMHO everybody should read the rule book ... or at least have a basic understanding of the rules of the game. Contract laws (and state restictions) are a must.

tedster

WebmasterWorld Senior Member tedster us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 274 posted 9:35 pm on May 25, 2002 (gmt 0)

Thought this thread was worth an update. Authorizenet has taken strong steps and made changes that seem to have stopped this problem in its tracks for my clients. They are a solid company and are handling this episode very well in my book.

I've been involved with credit card sales and fraud for over 20 years and this has been some of the finest support I've experienced.

One of the important safeguards is accepting transactions from authorized addresses only. The problem?

Not all browsers handle referers properly, and I'm not just talking about the old relics here - Netscape 6.1 (fortunately not that big a market) is quite buggy at handling referers with form submission - a common purchasing situation online.

So, our only recourse right now is to deny online purchase to people using browsers that don't accurately send referers. Not a big deal so far, but I'm not happy about denying service to someone using a relatively new, mainstream browser.

It's time for the browser companies to get very sharp. Security issues can cripple online commerce altogether. Referer handling, HTTPS, SSL, P3P, TLS - flawless support here is mandatory. Hackers are criminals, and usually not of the dumb variety.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved