Most of my hosting and domain registrations are my own clients, but occasionally I'll get an order out of the blue through my website.
That is what happened late last week. I got an order and the credit card cleared through my 3rd party processor, which has verified by visa and mastersecure, so I thought i was safe. Turns out the person was a spammer and that the credit card MAY be (and most likely is) stolen and I may be SOL on the registration fee.
My question is can I take over the domain? It's locked so that they cannot transfer away, but i also don't want my company associated with a domain which has sent hundreds, possibly thousands of email within 36 hours of being registered.
I'm sure i'm not the only domain reseller that this kind of issue. How do you handle it?
While I try to sort this all out I've terminated their hosting and I have changed their password on their domain management account so that they just can't change the nameservers to another unsuspecting host.
Any guidance would be appreciated.
Sari
If the spamers are stupid enough to do what you say, then they deserve all they get - and you do not want to be seen as an accessory.
You seem unsure, however. Surely the card is either stolen or not ... and that's all you need to know. To get involved is to risk all. Don't!
I am 99.9% sure that the credit card was stolen, I am waiting for confirmation from my 3rd party processor (we're playing phone tag right now).
Your comment about getting involved puzzles me somewhat (it could be the lack of sleep). Are you suggesting that I just leave the domain as status quo and let them do what they will with it even if it hasn't been paid for?
As for the police, I honestly didn't think of that. I'm not sure what they can do considering that I am based in Canada, the credit card is from the US and who knows where the spammer is.
In the meantime, I've had a very very similar order come through which I have not placed and refunded the credit card.
thanks again!
Sari
The registrar will then suspend access to the domain name and possibly refund the fee. Better proactively take it up with them before something else happens.
I say talk to the police, because if they have used the card for this, likely they've used it elswhere; every bit of info will help - though as you say, a conviction is unlikely!
But better coming from you than them coming to you!
When I say don't get involved, I simply mean don't get into a slanging match with the perp - leave that to others.
Most police departments have an online fraud section, though often it's a state secret!
I finally got in touch with the 3rd party processor late yesterday and they said that they couldn't confirm that the card is stolen as the transaction went through. But the recommended that I refund the transaction and be charged the "minimal" refund fee rather than wait and possibly be charged the large chargeback fee. So I refunded the card.
I've been playing phone tag with the registrar all day yesterday, so I'm hoping to get in touch with someone today to find out what I can do with the domain. I sure as heck don't want it! ;) Will registrars refund fees in this instance? It would be a huge relief if they did!
It seems like the effects of having this spammer for a day and a half never ends! I discovered yesterday that my IP has been blacklisted by a major Canadian ISP as well as a result of this! So, I've been trying to find out what I need to do to get off their list.
What a nightmare this whole experience has been!
Thanks again for your advice!
S.
