SPAM BOMBING & FRAUDULENT ACTIVITY - PART II



PART I -> Available over here -
FRAUDULENT ACTIVITY AND SPAM BOMBING - PART I

This was the charge that showed up all of a sudden while our founder was on an international trip. 


What is this APMEX, INC.,?



What is unusual about this transaction?
Usually, most of the credit card issuers verify international transactions prior to completing the transactions. There were several times in the past when our founder could not get the first transaction through while on international trips and had to confirm the authenticity of that transaction prior to repeating the same transaction. 
Unlike those experiences, this transaction went through first prior to getting the above message. For that matter, our founder had made another transaction later on while on the same trip through another type of credit card, and that particular credit card issuer sent an email requesting for confirmation prior to approving the transaction. Taking this step would have prevented this particular transaction.

When did the spam bombing emails happened?














What else do we know?
There is a way to track the IP address of the emails received. We identified the IP address of the emails from APMEX, and the IP address was found to be, 66.35.16.159.

What is the use of knowing the IP address of the email sender?
Using the IP address, we can find out useful information about the sender of the spam emails. Presented below is some information based on the IP address. In the same way, we were able to find out more information about some of the other spam emails that followed this fraudulent charge.

What other actions did our founder took?
After cancellation of the credit card, our founder did not activate the card until his return to the country. Moreover, after his return, our founder called the credit card issuer to get more information about the source of the fraudulent charge. As per the customer representative specialist who spoke to our founder, it appears that there is not much information that will be provided other than the promise that the risk management team within the organization is looking into the issue. Further, the specialist suggested to utilize the debit card instead of the credit card, which seemed rather strange considering the fact that it could be riskier compared to using the credit card, if this kind of fraudulent activity happens. 

What could be done from here?
In the past, our founder had addressed such spam emails by directly contacting the registrar's senior executive team or by emailing to their suggested email address (supporting with evidence) after identifying the ip addresses and/or other identifiable information about those spam emails. 

Here is one real example,
How to find the IP address from emails?
This information will be shared in our Analytics Pie section soon.
What other actions were taken?
To address both fraudulent charge and the immediate bombardment of spam emails, our founder first cancelled the credit card and followed it up by changing the password of the email address where the spam emails were sent, in addition to informing the credit card issuer both by email and through phone. These actions prevented further fraudulent charges and also gradually reduced the frequency of the spam emails over time.