[ic] Fraudulent credit card activity

Stefan Hornburg (Racke) racke at linuxia.de
Wed Feb 13 12:56:56 UTC 2013

On 02/13/2013 01:47 PM, DB wrote:
> For the past few days I've had a guy trying to place small orders using
> credit cards. Most charges are denied, but a few go through. I think he
> is testing which cards are valid and which are not.
> Using fail2ban has helped some, but I've noticed he is using the same IC
> session from more than one IP. I plan to do something like Steve
> mentioned here:
> http://www.icdevgroup.org/pipermail/interchange-users/2013-February/053928.html
> Would it make sense to somehow disallow the same session being used from
> multiple IPs?
> Until now I have not required CVV2. Adding the requirement is very
> simple, but it also adds a step to the checkout process, and the
> attacker may have the CVV2 codes.
> I'm curious what others think about this situation.

CVV2 helps you if he got just a list of credit card numbers, but of course
not if he has the physical CC.

I think today it's pretty much standard to ask for CVV2.


LinuXia Systems => http://www.linuxia.de/
Expert Interchange Consulting and System Administration
ICDEVGROUP => http://www.icdevgroup.org/
Interchange Development Team

More information about the interchange-users mailing list