What the %!?&/! is going on? URGENT!!!

**dan2758** · 01-04-2009, 09:08 PM

Well oh well... looks like a case of internet fraud here...

I know, I've been young... (hehe, I'm still young anyway)... these stuff happens, better check with the CC owners to see if they authorized such transactions.

It's good that you refrained from giving him access till he signed the TOS... doubt it will ever come thru to your fax machine tho

Mainly these are ingenius works by teenagers who are so into shell accounts normally for ircbots or hacking purposes. And maybe that's why he's trying to use other people's IP addresses instead of his own

What do YOU think?

**aran7151** · 01-04-2009, 09:08 PM

But seriously, even tho that the transaction went thru, better check with the cardowners and all... or else you might just get surprised with a chargeback from the real cardowners, kinda sad to receive that, especially if worldpay charges a lot for the chargeback fees.

Maybe you can work things out with the real cardowners like sending them a check as refund instead, if it's really a fraud. And warn them that their card is in fraud circulation

**aran7151** · 01-04-2009, 09:08 PM

Originally posted by auyongtc
But seriously, even tho that the transaction went thru, better check with the cardowners and all... or else you might just get surprised with a chargeback from the real cardowners, kinda sad to receive that, especially if worldpay charges a lot for the chargeback fees.

Maybe you can work things out with the real cardowners like sending them a check as refund instead, if it's really a fraud. And warn them that their card is in fraud circulation

I checked the domain registered and hosted on the dedicated server of "Mister Playboy". The domain is registered to the same name which was used to make the initial setup payment for the server. Why should they make fraudulent transactions to pay a domain?

But it comes back to finding out their real phone numbers and addresses having only their names as a point to start with.

**aran7151** · 01-04-2009, 09:08 PM

I don't think we would have ever set the server up. It seems the customer was very suspicious from the beginning. Also, you should have the customer sign and mail/fax the TOS/contract BEFORE you actually set the server up, not afterwards.

Just some friendly advice.

**aran7151** · 01-04-2009, 09:08 PM

Originally posted by Planet Z
I don't think we would have ever set the server up. It seems the customer was very suspicious from the beginning. Also, you should have the customer sign and mail/fax the TOS/contract BEFORE you actually set the server up, not afterwards.

Just some friendly advice.

I think it's very clear stated that with the signup the customers agrees to our TOS linking to it. Anyway there's are actually just a few hosts (very few) out there allowing egg-drop and irc bots and shell accounts.

**aran7151** · 01-04-2009, 09:08 PM

That leave still the question how to find out about the real customers. Any serious headhunters willing to find out? Maybe taking screenshots of any single detail to be used as evidence? If you want to help to find out contact me by ICQ (in my details) and i can give you more details to start with. :smash:
Thx

PS: I forgot something:
Would you post details on this board? I mean there can be many legal issues involved making things public.

**aran7151** · 01-04-2009, 09:08 PM

Originally posted by microsol
Would you post details on this board? I mean there can be many legal issues involved making things public.

No. The customer's information still shouldn't be posted publicly (IMHO), both because of privacy and legal concerns. However, if they've done something illegal (credit card fraud), you should certainly pass the information on to the proper authorities.

**aran7151** · 01-04-2009, 09:08 PM

I did some more investigations. This includes whois lookups of all the domains involved and reverse lookups of the phone numbers and screen shots. There are no entries for them (Mister Playboy and Mister Whatthe****). But i found some ppl in the area (not exactly the address they filled in when buying) which carry the same name or initials. Mister Playboy's details in the whois lookup are exactly the details he used when he signed up with us. Wrong phone and no results with reverse lookups. Curiously many domain details involved where changed today!
I am shure the sucker hangs around on these board and is watching this thread. Look man, i'll tell you something: I AM AFTER YOU AND I'LL DISCOVER YOU!
:smash: And: If there's something wrong you can be shure about that: :uzi: If there's nothing wrong you still violated our TOS and we gave you a hand (not charging you anything for the trouble and damage caused or terminating your account). Looks like you don't want our hand, so :smash: Come on tell us all on the board what are your point's of view and depending on it i will post evidence in here.

I'll keep you all updated.

**aran7151** · 01-04-2009, 09:08 PM

This is going to be better:
I just got an spam email to our support email address warning that there is an virus around. But that's not all:
The email is coming from him. I am shure about it because the x-orginating ip is in the same block as the one he signed up with. Then there are about 200 recipients of this spam mail, all in the same country he registered some domains. I am really going to be upset! :angry: :angry: :angry: :angry:

**aran7151** · 01-04-2009, 09:08 PM

Hi again

Today is tuesday, and guess how the story goes on.
It's actually no story anymore because the fax didn't come in :laugh: like we all thought. I still don't have any reply from worldpay although i know they've got and read my email, telling them about these suspicious transfers.

I really would like to know what the &%$!?$! is going on because i would like to prevent ourselfs from a chargeback and would like to make a partial refund of the money. It's for shure that there's a chargeback coming because he's got no balls to contact us and to ask us friendly (it wouldn't make any difference for him anyway

). How are chances for me to keep at least a part of the money if it comes to a chargeback (if this was a real transaction without any fraud)? I mean we have all the evidence that he screwed the whole server up and a part of other servers by taking unauthorized IP's. We sent the emails with receipts return to us, so we know that he's got the email we sent him. We've got screenshots of all necesary details. What do you think?

PS: Any host offering dedicated servers interested in the details to prevent being the next victim, just send me a private message and i am happy to send you the names and other details of these guys.