|
 |
| | | Author: | bjarkev  | | Posted: | Apr 21, 2022 16:41 | | Subject: | Paypal fraud suspision | | Viewed: | 224 times | | Topic: | Problem | |
|
| Hi,
Not sure to post here or in Payment options, but here goes.
Since the 18th April, I have had 3 orders where it states on the order page,
that payment have been done via Paypal on Bricklink, normally that is perfectly
fine, I receive an order confirmation with the order number and items ordered,
and a notification from Paypal that payment have been received. All great and
transaction is completed, and order can be sent out.
How ever, as I said, I have 3 orders in my order book, where it says payment
have been done, however. NO confirmation from Bricklink via mail, I only noticed
the orders by checking the order list. Also, no notification from Paypal, and
going through the transaction log from Paypal there is NO record of a transaction.
Now, unfortunately one order was shipped out, not thinking anything of it, as
the order page shows everything is OK.
But the other two is now on hold, until I get to the bottom of this. I think
there is widespread SQL injection going on into the order system at Bricklink.
IF any admins, Bricklink support reading here, it's order numbers 18944647,18963327,18968412
that I believe are fraudulent, and injected into the database.
Have anyone else noticed a similar event where order appear in their store, but
no notifications, and no payments taking place ?
|
|
|
| | | | | |
| | | | | Author: | jennnifer | | Posted: | Apr 21, 2022 17:14 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 75 times | | Topic: | Problem | |
|
| In Problem, bjarkev writes:
| | Hi,
Not sure to post here or in Payment options, but here goes.
Since the 18th April, I have had 3 orders where it states on the order page,
that payment have been done via Paypal on Bricklink, normally that is perfectly
fine, I receive an order confirmation with the order number and items ordered,
and a notification from Paypal that payment have been received. All great and
transaction is completed, and order can be sent out.
How ever, as I said, I have 3 orders in my order book, where it says payment
have been done, however. NO confirmation from Bricklink via mail, I only noticed
the orders by checking the order list. Also, no notification from Paypal, and
going through the transaction log from Paypal there is NO record of a transaction.
Now, unfortunately one order was shipped out, not thinking anything of it, as
the order page shows everything is OK.
But the other two is now on hold, until I get to the bottom of this. I think
there is widespread SQL injection going on into the order system at Bricklink.
IF any admins, Bricklink support reading here, it's order numbers 18944647,18963327,18968412
that I believe are fraudulent, and injected into the database.
Have anyone else noticed a similar event where order appear in their store, but
no notifications, and no payments taking place ?
|
I would think if there was a system-wide problem like this, there would be quite
an outcry.
Check your spam folder for the notifications. BL apparently just changed something
about the email they send.
Is there anything unusual about the contents of the orders that makes you believe
a computer made it up?
Paypal was down for a bit there... perhaps a payment didn't go through?
If the sales weren't Instant Checkout, the buyers can mark their orders Paid
even without paying.
Have you asked your buyers if they had any issues?
Good luck,
Jen
|
|
|
| | | | | | | | | |
| | | | | | | Author: | bjarkev | | Posted: | Apr 21, 2022 17:42 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 65 times | | Topic: | Problem | |
|
| Triple checked spam folders, and Paypal, and there is NO trace of the transactions,
other than they appear on the orders list. I reached out to the users, and one
provided a "Proof" with in a minute, with a transaction numbers that does not
correspond with the usual serialization of Paypals auth numbers. Also the fact
that There is no Bricklink order confirmation mail, unless both Paypal AND Bricklink
was down at the same time and unable to provide the confirmation mail.
I will not process the orders until paypal confirmation have been received, I
have contacted all 3 users for completion of payment.
In Problem, jennnifer writes:
| | In Problem, bjarkev writes:
| | Hi,
Not sure to post here or in Payment options, but here goes.
Since the 18th April, I have had 3 orders where it states on the order page,
that payment have been done via Paypal on Bricklink, normally that is perfectly
fine, I receive an order confirmation with the order number and items ordered,
and a notification from Paypal that payment have been received. All great and
transaction is completed, and order can be sent out.
How ever, as I said, I have 3 orders in my order book, where it says payment
have been done, however. NO confirmation from Bricklink via mail, I only noticed
the orders by checking the order list. Also, no notification from Paypal, and
going through the transaction log from Paypal there is NO record of a transaction.
Now, unfortunately one order was shipped out, not thinking anything of it, as
the order page shows everything is OK.
But the other two is now on hold, until I get to the bottom of this. I think
there is widespread SQL injection going on into the order system at Bricklink.
IF any admins, Bricklink support reading here, it's order numbers 18944647,18963327,18968412
that I believe are fraudulent, and injected into the database.
Have anyone else noticed a similar event where order appear in their store, but
no notifications, and no payments taking place ?
|
I would think if there was a system-wide problem like this, there would be quite
an outcry.
Check your spam folder for the notifications. BL apparently just changed something
about the email they send.
Is there anything unusual about the contents of the orders that makes you believe
a computer made it up?
Paypal was down for a bit there... perhaps a payment didn't go through?
If the sales weren't Instant Checkout, the buyers can mark their orders Paid
even without paying.
Have you asked your buyers if they had any issues?
Good luck,
Jen
|
|
|
|
| | | | | | | | | | | | | |
| | | | | | | | | Author: | 1001bricks | | Posted: | Apr 21, 2022 17:49 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 60 times | | Topic: | Problem | |
|
| In Problem, bjarkev writes:
| | Triple checked spam folders, and Paypal, and there is NO trace of the transactions,
other than they appear on the orders list. I reached out to the users, and one
provided a "Proof" with in a minute, with a transaction numbers that does not
correspond with the usual serialization of Paypals auth numbers. Also the fact
that There is no Bricklink order confirmation mail, unless both Paypal AND Bricklink
was down at the same time and unable to provide the confirmation mail.
I will not process the orders until paypal confirmation have been received, I
have contacted all 3 users for completion of payment.
|
PayPal the most often - here - does NOT send you anything, don't rely on
this.
Simply check your PayPal account, if not paid then don't ship.
Maybe you can change the Paid status to Not Paid on BrickLink?
|
|
|
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | Author: | peregrinator | | Posted: | Apr 21, 2022 17:59 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 57 times | | Topic: | Problem | |
|
| In Problem, 1001bricks writes:
| | PayPal the most often - here - does NOT send you anything, don't rely on
this.
|
Yes, this. When I get an order through IC, I get a notification from BL, not
from PayPal. Additionally, when I send out an invoice and it gets paid, I get
a notification from BL, and not from PayPal.
|
|
| | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | Author: | Tracyd | | Posted: | Apr 21, 2022 18:03 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 72 times | | Topic: | Problem | |
|
| In Problem, peregrinator writes:
| | In Problem, 1001bricks writes:
| | PayPal the most often - here - does NOT send you anything, don't rely on
this.
|
Yes, this. When I get an order through IC, I get a notification from BL, not
from PayPal. Additionally, when I send out an invoice and it gets paid, I get
a notification from BL, and not from PayPal.
|
He did say there is not a payment showing in PayPal.
|
|
| | | | | | | | | | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | Author: | 1001bricks | | Posted: | Apr 21, 2022 19:06 | | Subject: | (Cancelled) | | Viewed: | 60 times | | Topic: | Problem | |
|
| | (Cancelled) |
|
| | | | | | | | | | | | | |
| | | | | | | | | Author: | jbroman | | Posted: | Apr 21, 2022 21:02 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 73 times | | Topic: | Problem | |
|
| In Problem, bjarkev writes:
| | Triple checked spam folders, and Paypal, and there is NO trace of the transactions,
other than they appear on the orders list. I reached out to the users, and one
provided a "Proof" with in a minute, with a transaction numbers that does not
correspond with the usual serialization of Paypals auth numbers. Also the fact
that There is no Bricklink order confirmation mail, unless both Paypal AND Bricklink
was down at the same time and unable to provide the confirmation mail.
I will not process the orders until paypal confirmation have been received, I
have contacted all 3 users for completion of payment.
|
I would call PayPal with the number given and see if they have a record of it.
The buyer may have sent it to the wrong address if it was offsite.
|
|
|
| | | | | |
| | | | | Author: | hpoort | | Posted: | Apr 22, 2022 00:38 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 55 times | | Topic: | Problem | |
|
| In Problem, bjarkev writes:
| | Hi,
Not sure to post here or in Payment options, but here goes.
Since the 18th April, I have had 3 orders where it states on the order page,
that payment have been done via Paypal on Bricklink, normally that is perfectly
fine, I receive an order confirmation with the order number and items ordered,
and a notification from Paypal that payment have been received. All great and
transaction is completed, and order can be sent out.
How ever, as I said, I have 3 orders in my order book, where it says payment
have been done, however. NO confirmation from Bricklink via mail, I only noticed
the orders by checking the order list. Also, no notification from Paypal, and
going through the transaction log from Paypal there is NO record of a transaction.
Now, unfortunately one order was shipped out, not thinking anything of it, as
the order page shows everything is OK.
But the other two is now on hold, until I get to the bottom of this. I think
there is widespread SQL injection going on into the order system at Bricklink.
IF any admins, Bricklink support reading here, it's order numbers 18944647,18963327,18968412
that I believe are fraudulent, and injected into the database.
Have anyone else noticed a similar event where order appear in their store, but
no notifications, and no payments taking place ?
|
Are you sure it is not a combination of:
(1) on Bricklink it shows that the order is configured to be paid through PayPal
(2) on Bricklink you see the buyer has marked the order as paid
(3) in your e-mail you see a message that you believe is from PayPal - but is
not; there have been many reports about this fake mails
(4) in PayPal you got confirmed that there has been no payment and thus that
there has not been a legitimate message from PayPal
(5) on the Bricklink forums, you get confirmed that this combination of events
is a common way of tricking you into shipping while no payment has come yet nor
will ever come.
Cases like this have been reported multiple times over the last weeks.
Report the fraudulent user(s) through https://www.bricklink.com/problemMember.asp
|
|
|
| | | | | |
| | | | | Author: | Gaston.La.Brick | | Posted: | Apr 22, 2022 01:42 | | Subject: | Re: Paypal fraud suspision | | Viewed: | 58 times | | Topic: | Problem | |
|
| What happened to me in the past, might be the case here as well:
I use a different email address for communication than the one that is linked
to my PayPal account. It has happened a buyer sent the amount via PayPal directly
to the email address that I use to generate the order mail and communicate with.
In other words: the money was sitting in the account of that email address.
So it was sent, but not to the PayPal account I expected it to be sent to.
Thanks,
Henri
|
|
|
|
|
Luxembourg
USA, Illinois
France, Provence-Alpes-Côte d'Azur
Canada, British Columbia
Netherlands, Groningen
Belgium