FRAUDULENT ACTIVITY AND SPAM BOMBING - PART I
This was the charge that showed up all of a sudden while our founder was on an international trip.
What is this APMEX, INC.?
What is unusual about this transaction?
Usually, most credit card issuers verify international transactions prior to completing them. There were several times in the past when our founder could not get the first transaction through while on international trips and had to confirm the authenticity of that transaction prior to repeating it.
Unlike those experiences, this transaction went through first, prior to getting the above message. For that matter, our founder made another transaction later on the same trip with another type of credit card, and that particular credit card issuer sent an email requesting confirmation prior to approving the transaction. Taking this step would have prevented this particular transaction.
What else do we know?
There is a way to track the IP address of the emails received. We identified the IP address of the emails from APMEX, and it was found to be 66.35.16.159.
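One way to pull the sending IP out of a message's Received headers, as an added example that is not from the original post: it reads the headers from the newest down and stops at the first one not written by the recipient's own mail provider, since lower headers can be forged by the sender. The message, the host names and the `.mailprovider.example` suffix are constructed; only 66.35.16.159 is the address given above.

```python
import email
import ipaddress
import re

# Constructed sample message (host names are placeholders; top header is newest).
RAW = """\
Received: from mx-in.mailprovider.example (mx-in.mailprovider.example [10.1.2.3])
\tby store7.mailprovider.example with LMTP; Mon, 01 Jan 2024 10:00:05 +0000
Received: from bulk.sender.example (bulk.sender.example [66.35.16.159])
\tby mx-in.mailprovider.example with ESMTPS; Mon, 01 Jan 2024 10:00:04 +0000
Received: from billing.bank.example ([192.0.2.55])
\tby bulk.sender.example with SMTP; Mon, 01 Jan 2024 09:59:59 +0000
From: "Offers" <promo@sender.example>
To: founder@mailprovider.example
Subject: constructed sample

body
"""

# "from HOST (... [IP]) by HOST ..." as written by most mail servers.
HOP = re.compile(r"from\s+(\S+).*?\[(?:IPv6:)?([0-9A-Fa-f:.]+)\].*?\bby\s+(\S+)")

def hops(raw):
    """Return (from_host, from_ip, by_host) per Received header, newest first."""
    out = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = HOP.search(" ".join(value.split()))  # unfold continuation lines
        if m:
            out.append((m.group(1), m.group(2), m.group(3).rstrip(";")))
    return out

def handoff_ip(raw, trusted_suffix):
    """IP that delivered the mail to our own provider, or None if not found."""
    for from_host, ip, by_host in hops(raw):
        if not by_host.endswith(trusted_suffix):
            break  # written by a server we do not control: may be forged
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # bracketed text was not an IP address
        # Skip the provider's internal relays (private or own hosts).
        if addr.is_global and not from_host.endswith(trusted_suffix):
            return ip
    return None

if __name__ == "__main__":
    print(handoff_ip(RAW, ".mailprovider.example"))
```

Taking the bottom-most header instead would report 192.0.2.55, an address the sending server wrote itself.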
What is the use of knowing the IP address of the email sender?
Using the IP address, we can find out useful information about the sender of the spam emails. Presented below is some information based on the IP address. In the same way, we were able to find out more information about some of the other spam emails that followed this fraudulent charge.
What other actions did our founder take?
After cancelling the credit card, our founder did not activate the card until his return to the country. Moreover, after his return, our founder called the credit card issuer to get more information about the source of the fraudulent charge. According to the customer representative specialist who spoke to our founder, it appears that not much information will be provided other than the promise that the risk management team within the organization is looking into the issue. Further, the specialist suggested using the debit card instead of the credit card, which seemed rather strange considering that it could be riskier than using the credit card if this kind of fraudulent activity happens.
What could be done from here?
In the past, our founder had addressed such spam emails by directly contacting the registrar's senior executive team or by emailing their suggested email address (with supporting evidence) after identifying the IP addresses and/or other identifiable information about those spam emails.
Here is one real example,
How to find the IP address from emails?
This information will be shared in our Analytics Pie section soon.
What other actions were taken?
To address both the fraudulent charge and the immediate bombardment of spam emails, our founder first cancelled the credit card and followed it up by changing the password of the email address where the spam emails were sent, in addition to informing the credit card issuer both by email and by phone. These actions prevented further fraudulent charges and also gradually reduced the frequency of the spam emails over time.