Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Suspicious traffic during checkout


shipperskipper

Recommended Posts

We went through several activities trying to help a customer from Japan to check out on our US based online store. I don't think we'll ship this order but I found the incoming traffic interesting while observing "who's online" during the 1 hour ordeal.

 

- Customer initiates checkout and request name change after the transaction went through (strike one).

- Customer is told the order cannot be modified after processing so it is cancelled, but customer is welcome to try again with the correct name on the card (last name needs edit)

- Customer re-enters the order. Just before and during the process, I receive hits from two different IP addresses in Australia and one in the US on the very same product followed by hits similar to

 

/shopping_cart.php?pID=99%7B1%7D1 from the US IP address.

 

- Customer now enters different billing and shipping address which is strike two (strike-out in my book). Order cancelled again from our side stating that billing and shipping address must be the same.

- Customer comes back once again, and the same disco dance of IP hits on the same product from Australia and the US repeats itself.

 

What can this be, some sort of IP masking and coordinated hack? Anyone seen anything like this or am I just paranoid? We got all the recommended security add-ons btw.

 

Thanks!

Link to comment
Share on other sites

If it looks like a hack, walks like a hack, and quacks like a hack - It's a hack.

:-"

 

Or in your case only an attempted hack...

:thumbsup:

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...