New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I can live with this, I cleanup unpaid orders every 2-3 days. What annouys me is the ones who got flagged as fraud, user opens a ticket about it. Order is set to pending and ticket is replied.
After 2-3 days, still no payment. WTF??
Why even bother opening a ticket if you have no intention to pay for it?
Why even bother opening a ticket if you have no intention to pay for it?
Technically the order is binding and the invoice is due... ;-)
aren't these online casino advertisements?
But I can’t be arsed doing all that paperwork for $4 - paypal fees.
Imagine getting a $15-$25 chargeback on a $4 payment.
Well, Google’s engineers still haven’t decided on what a “street sign” or “car” is.
Have you install FraudLabs Pro or minFraud? What do you see in the dashboard for those transactions? Are they from same device but using different email and IP address?
I've seen this droid google app that had users verify captchas and stuff for rewards so maybe the engineers have nothing to do with this? I believe the app is called crowdsource.
We have recaptcha not just regular captcha.
The real question is, why? It's been going on for the last 24 hours now. Over 1,000 new registrations and orders now.
I block all china traffic and add some domains to block email to solve it ..
His audience is Chinese traffic basically lol.
Not really. This is not my HK brand that's being targeted.
I think I know what this is. Maybe...
Perhaps this is a way to send spam? The spammer 'signs up' for a service and the confirmation email gets sent out to the registered email address. And in the email out, it contains some of the info entered by the spammer, like URLs and so on.
Speculation of course..
All are solveable, especially with a little bit money to grease the process and some mechanical turk, just a matter of incentive.
Someone posted an automated solution a year or two ago with a decent success rate. Apparently there were some nice workarounds but times may have changed.
Guys .. even I am facing the same issue. Did anybody got the solution?
Yeah, I just disabled all order forms
let me try this.
We had a few hundred orders come in overnight matching this pattern.
This... DBC API more than likely.
A few accounts had due invoices for certain services that have different provisioning requirements, they didn't settle invoices and thus were not deployed. Unless they are perhaos looking for hosts or with "cooldown" time such as Hetzner.
They fail address validation with MaxMind, different ID's and IP's.
Just added some matching filters to the signup form to error on submission, not had any more through since.
5k captchas, 6$?! dafuq.
Some people work cheap.
I disabled registration, but still they can put the orders in my system. Offcourse the orders are not getting process and WHMCS is rejecting all the orders and marking them FRAUD but its very annoying to get email for every indivual fraud order
Disable emails.
Or they are creating phishing websites and order a shitload services, and within 3 days you receive your first abuse reports. That is the way it goes with a local hosting company i work for.
it appears this is happening a lot this week. Happening on a lot of WHMCS installs. Banning the country has proven to be the most effective solution so far.
During signup they seem to input Australia as the country and use qq.com emails which don't exist.
host mx3.qq.com[184.105.206.85] said: 550 Mailbox not found.Yes, Banning the Country proved to be successful.
Thanks for the insight mate.
How does that work. The hosting service doesn't get activated cuz they aren't paying for anything.
Yes, Even I got abuse report for phishing Microsoft, Outlook, JP Morgan and American Bank
This wouldn't be ideal for anyone with CN based customers however.
Signups we saw used Spain.
Then either auto deployment is not waiting for payment (as per setup options), or your bot seems different to the ones we were hit with.
As @randvegeta said non of the generated orders/invoices that did pass validation were settled, thus no service rendered by our system(s) so no abuse notices caused.
Disclaimer: Native Mandarin speaker
Those emails are spams trying to sell sex services. Usually they will post in online forums or direct emails so I am also surprised and wondering why they would spam whmcs.
Maybe you are using some email to whmcs module (if such thing exists)? Put a spam filter at the front.
Edit: fat fingered