A recent credit card scam resulted in more than 60,000 authorizations of illicit transactions. The settlement process was halted before payments were made.
In a wake-up call for online merchants, a recent credit card scam resulted in more than 60,000 authorizations of illicit transactions. But while authorization codes verified the validity of the credit card account numbers, the settlement process was halted before payments were made.
“One merchant let us know about it early, and we were able to stop the processor from settling the transactions,” says a spokesman for VeriSign Inc., the online security company that handled the transactions. “We deactivated the accounts.” He notes that the scam affected about 20 merchants, authorizing about 60,000 out of 100,000 bogus transactions.
The source of the scam remains a mystery, though one theory is that hackers broke into a computer database to retrieve account information to test if they could run authorized transactions. The value of the bogus transactions ranged from pennies to a few dollars each, according to VeriSign. The lesson for those involved with online commerce, VeriSign says, is to routinely change passwords for entry to servers and data storage devices at least every few months. VeriSign provides an Internet payment platform that enables companies to authorize, process and manage credit card and other types of payments.
VeriSign and merchant account provider Online Data Corp. were notified of the scam by Los Angelese-based Spitfire Ventures, an online retailer of novelty items, that received a surge of card transactions on Sept. 12.