Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

PLEASE URGENT HELP AND ADVICE NEEDED

rommany

By rommany
in General Discussions

Recommended Posts

rommany

rommany

Posted
Posted

A customer that purchased a few items from us a few days ago has emailed us this below, Im really confused if this is real or not and i'm considering taking my site off line till i have more facts, as we always take our customers security seriously, i have done a test order ourselves and did not get any "security code request at the end of sale" the only thing we have got and have had for sometime is the verified by visa and that is set up and done by HSBC. So I'm really confused what i should do.

 

Please offer advice ASAP.

 

Thanks

 

 

Hello, I am writing to inform you that there is a group of Nigerians that have set up a security code request at the end of sale on your site.

It looks completely legitimate, and as if it has come directly from the bank. They request all personal, and card details for you to be able to complete the transaction, so you feel obliged to do so.

In my case my items were a gift from my mother, so I willingly input all of my parents details. Then a Nigerian man contacted the bank to change my fathers contact number,so that when the bank realised there was suspicious activity taking place they called the number, and the Nigerian man answered to reassure the bank that everything was fine. However what the man didn't realise was how senior my father was when he worked at the bank,so they instantly closed all of his accounts after realising that it wasn't him. Then contacted my father at home.

My parents are currently going through the lengthy process of changing all of there cards and account details, and are left without access to there money. Potentially they could have lost everything.

By no means am i blaming your company,as i should have realised that there was something suspicious when asked for so much personal information, but i think you should SERIOUSLY consider warning customers in the future that these types of frauds that are taking place, and that it is happening off the back of your company name!

With the greatest respect I wont be using your site again, as this has been a massive inconvenience for my parents. But it has made me aware of this type of fraud.

Please could someone contact me regarding my order, as I am expecting to receive my items any day now, however I have obvious concerns of the authenticity of the site.

 

Kind regards

Rebecca xxxxxxxx

07813 xxxxxxxxx

To: xxxxxxxxxxxxx

Subject: Order Process

From: enquiries@xxxxxxxxxxxx

Date: Fri, 17 Oct 2008 13:03:55 +0100

 

xxxxxxxxxx

------------------------------------------------------

Order Number: 4645

Detailed Invoice: xxxxxxxxxxxxxx_history_info.php?order_id=4645

Date Ordered: Friday 17 October, 2008

 

Products

------------------------------------------------------

1 x Cow Fur Pointy Baby Hat () = £9.00

Size 1-2 Years

1 x Cow Buggysnuggle () = £48.95

------------------------------------------------------

Sub-Total: £57.95

UK Royal Mail Rates (Shipping to GB : 0.80 kg(s)): £3.95

Total: £61.90

 

Delivery Address

------------------------------------------------------

xxxxxxx

 

Billing Address

------------------------------------------------------

xxxxxxxx

 

Payment Method

------------------------------------------------------

Credit/Debit Card

Link to comment
Share on other sites
germ

germ

Posted
Posted

The first thing you should be doing should be either take the site offline until you get this figured out, or check your files for code that doesn't belong.

 

Or both.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites
rommany

rommany

Posted
  • Author
Posted

Thanks Jim,

 

 

Ive took the shopping cart payment method off line as soon as I saw the email so no orders can be placed, i checking all files but have spotted nothing and I have contacted my HOST but they will not answer till the morning.

 

But I'm still none the wiser.

Link to comment
Share on other sites
GemRock

GemRock

Posted
Posted

i have doubt about this alledged security breach. it could well be 2 completely unrelated coincidences that s/he received a scam email at the time s/he placed the order. the question to ask is how technical minded is the customer, how did s/he know it aws nigerian (although it is well known that a lot of scams are coming from that country). and you should demand a full copy the email including header if it was an email, or more facts/description of the web page (if from a web page) taking out all personal opinions, ie, not what s/he thought it may be such as using the word nigerian if s/he has no evidence (the website or email did not say they were nigerians). if you got the evidence then it could be a police matter (inform the police internet crime investigators). it could well be that you are completely innocent and the customer somehow linked the two together.

 

I would not take the site off line if i see no clear evidence such as more than one customer reported this or your own thorough tests/examination of files fail to show any evidence.

 

Ken

commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Link to comment
Share on other sites
GemRock

GemRock

Posted
Posted

one more thought: it could also be the case that the customer's computer has been infected with virus that managed to install some scam-ware that monitors the computer's internet activity and redirects the user to a scam web page which was what s/he was tricked into.

 

Ken

commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Link to comment
Share on other sites
rommany

rommany

Posted
  • Author
Posted

Thanks Ken

 

I agree but its still playing on my mind, I have checked all files and none have been altered over the past few months or so, the site is hack proof as far as my host is concerned.

 

I will call her tomorrow and try to find out more details, she claims that she was asked for the details at the end of the checkout "security code request at the end of sale on your site" this is the but that is bothering me, and I can not see what she would get out of this.

 

I have noticed she logged in 3 times twice today to check her order but not once have called us, if a company stole my parents card details i would be on the phone to them in a blink.

 

Its a mystery.

 

Thanks again

Link to comment
Share on other sites
rommany

rommany

Posted
  • Author
Posted
one more thought: it could also be the case that the customer's computer has been infected with virus that managed to install some scam-ware that monitors the computer's internet activity and redirects the user to a scam web page which was what s/he was tricked into.

 

Ken

 

That's what my partner said, that they think it must be scam-ware on her site.

 

Ive done a test order and saw no problems.

 

I will leave it till the morning and talk to my host for a second option then call her, that should be fun..

 

Thanks again ken..

 

dave

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...