|Odd behaviour - Billing page attack?|
| 11:34 pm on Sep 22, 2005 (gmt 0)|
Here's an odd one... For the last month or so, we've been seeing at least one daily event like this:
Someone comes to our website, adds a large count of any random product into their shopping basket, for a total of somewhere between $1000 and $2000, and then attempts to place the order, which always fails. They then repeat over and over and over, trying different combinations of credit card numbers, CVV2 codes and/or expiration dates. The first posting of the billing page seems to come from the web browser, but subsequent postings might be coming from some script, since they do not request the images that are included on the redirected-to-after-the-failure billing page.
The IP addressess of the "attackers" are all over the world, although the pattern is always the same.
Anyone know anything about this?