Jump to content

Potential Credit card fraud


You are about to reply to a thread that has been inactive for 3718 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

Nothing like that, Ian.  Anything in Off Topic does not count on your post count.

You can try it and see.  Look at your post count, then reply to something in the off topic sections and look at the post count again.  No change.

I think it is kind of funny to be chatting with someone who has zero posts :)

Link to comment
Share on other sites

  • Replies 62
  • Created
  • Last Reply

Top Posters In This Topic

Ahhh - so my suspicion of confidence trickery is perhaps misplaced then. I hope that's so.

I've now noticed, rather oddly, that his forum profile bears a creation date later than the date of his first postings and his last time of logging onto the forums. It seems forum stats are somewhat unreliable and confusing!

Link to comment
Share on other sites


Blondin Linden wrote:

Hi again. Here is what you should do. Create a support ticket and assign to Jillian Linden. I've already given her a heads up that you'll be doing so. She can take it from there. She's one of the best!

@James: I hope you did as suggested and please report back; this is really fascinating. I agree that it looks extremely phoney and there is no way I would go along with it even if I knew it was real, blocked numbers or no blocked numbers.

Link to comment
Share on other sites

If it was a email, there's several things that would eliminate doubt of it being genuine or a 419 mail. If your email reader has the option to view the full headers instead of the to, from and subject, then set it to view all of the headers. Some readers add comments something like the domain (of the from address) has not authorized mail being sent from another domain server. Then read the header from bottom up. You're looking for the mail server domain that the mail first started at., which should be the same as the from address domain.

Then look at the to address, if it wasn't sent through a bulk mailer, it should have your address, otherwise it may say something like undesignated receipent. Finally if your headers have a field called something like Originating IP, run the IP through a free reverse IP domain check. Bulk mailers have an internal email server, but they have to be sent through an internet provider.

Some of the scammers are getting better educated, and use a bulk mailer that does the equivalent of caller ID spoofing. It appears valid, except for:   the from domain not authorizing where mail sent, the IP location and company registered to the domain are suspicious, and if you are listed as an undesignated receipient in the to address. If you see the first 2 of these, chances are you got a scam mail.

Lastly, hover your mouse over the area that you're supposed to click on and look at the status bar that shows the actual url address, this is a giveaway on most of the bank or paypal scam mails that said you need to verify your account or login, you can see the actual url coded in is bogus.

If you got a scam mail and after contacting both linden's billing and fraud divisions, if you have some free time and want to have some fun, google for something like 419 eaters, 419 baiters, or scam baiters and read them for some ideas. Personally I would't bother because it could be addictive. One thing to think about is contacting the IP provider that you found if you ran the reverse IP domain check, they know whose account was used to mail from the originating IP part of the header.

Link to comment
Share on other sites

you get an actualy page for that link? because I don't.... the https coulpled with the SL domain automatically shuffles you off to openid, but then it just sits there because there's no such page for it to go to... at least that's what I get.

and mind there's no telling if that was the actual link in the e-mail, or just the cover text which the forums autotranslated into a live link

Link to comment
Share on other sites

We really need a Linden to weigh in here again.  Blondin referred the OP to Jillian.  A side from that, anything any one says will be speculation.  Only a Linden can give an answer we can trust here.  At least as far as you can trust a Linden  ;)  (OK, i know that was mean but i couldn't resist). 

I will agree 100% though that the idea of sending a photocopy of my credit card is ludicrous.  One could photoshop a picture of a card with fake numbers to send.  On second thought, probably not a good idea.

Link to comment
Share on other sites

I'd be fascinated to see what a Billing Linden has to say about this, personally.  Even if I'm in the US and don't have to jump through these hoops, it just seems a bit.. invasive to require so much personal information from someone.  Maybe if they were hiring me, yes.  But just to pay them?  No. 

If this is true, I can understand LL wants to give overseas residents a better option for make payments.  I would just have to wonder at their choice of this.  It sounds way too much like a phishing scam, with the kind of documentation "required."  And while I can't think of any at this time besides Paypal, there are bound to be less "sniffy" places that LL could use.

Link to comment
Share on other sites

that's more than a bit of a stretch... it's much more relevant to say, "Things in off topic are likely to become out of control or embarrassing to LL, so they don't want it exposed to the outside web even by inference" (you know, like huge post counts that don't seem to have huge amounts of posts)

Link to comment
Share on other sites

You know, beyond the question of whether or not this particular email is a phishing attempt, am I the only one just a little concerned that Linden Labs are using an offshore gambling firm to handle payments ?

I would never give those people access to my bank accounts or credit cards and I would be hugely worried if it transpires that they have taken over existing payment details already on file.

 

edited to add:

Gibraltar are kinda/sorta in the EU does anyone know if privacy legislation extends to them ? Do they have to take account of the Data Protection Act ?

Link to comment
Share on other sites


JamesTasman wrote:

I just recieved the message below, obviously fraud but i felt some one should know about it.  Many SL users are not familiar with the system and may get caught.

 
Operations Department - Second Life
to
me
show details
2:48 PM (2 hours ago)
 

Dear Resident,

 

I am Paramjit B. from the Operations Department at Cassava Enterprises (Gibraltar) Ltd. I am contacting you with regards to your Linden Lab account with username "JamesT asm".

 

 

 

Is "JamesT asm" really your username or is that your display name, or had they spelt it wrong?  Something doesn't seem right.

Link to comment
Share on other sites

I wanted to clarify what has happened and what we have done about it.  We are continuing to work through technical and policy issues that are identified through the beta test of our new billing system.  This message was generated by one of our new international payments providers as part of a procedure for requiring additional information only in the case when initial tests for a valid payment method were unsuccessful.  While this occurs for a very small number of transactions,  it will cause the need for further information to be requested.  However, the message response that was generated, as well as the request for sensitive personal information, was not acceptable.  We have worked through the policy issues with our vendor and do not expect these requests to be handled in this way in the future.  There may continue to be secondary level fraud checks, but we will never request personal information to be sent to any third party, in order for residents to make payments in Second Life or with Linden Lab.

 

Link to comment
Share on other sites


FJ Linden wrote:

We are continuing to work through technical and policy issues that are identified through the beta test of our new billing system. 

Could you please clarify just how many of your loyal customers are having their bank and credit-card accounts put at risk by being forcibly subjected to this unasked-for and damaging 'Beta-test' ?

Link to comment
Share on other sites


Void Singer wrote:

the beta was opt-in for a limited number of non-us users in certain areas... noone that wasn't in the beta should be affected, and you'd know if your were in it

Oops, my misunderstanding - but you can perhaps understand why I was confused...

...Or should I take it that the system which all these posters are complaining about in this thread is tried, trusted and has passed all its test stages (including Beta) with flying colours before going live as the perfect technology it now is ?

Edit: why does this forum software insist on putting my response in italic ? I didn't ask it to...

Link to comment
Share on other sites

You are about to reply to a thread that has been inactive for 3718 days.

Please take a moment to consider if this thread is worth bumping.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...