I use Open Cart Version 3.0.3.2.
November 2024, I received over 300 Fraudulent orders with fake name, fake addresses, and stolen card numbers.
They went through Paypal Pro for payment. There were actually 8 different orders that were processed for payment over and over again. The dollar amount ranged from $12.00 to $35.00 per order.
At first, I only captured 1 of each order and voided the rest because I thought that the fraud involved getting reimbursed because of duplicate orders. Voiding this many orders on Paypal took about 5 hours.
Somehow the orders showed up in the Opencart database, but not as new orders.
I suspected that the hackers were able to access the database directly, so I changed the database password and changed it in the config.sys file and the admn/config.sys file. I also changed the Unix file permissions for these to files to 711 instead of 755.
This allows these files to be executed, but not read. These 2 files contain all of the information to hack into your database (path, user name, password to database).
For the last 20 orders through Paypal, I had a new idea.
Capture the fraud payment, charge them $.50 each instead of voiding it and sending a message that said "Fraud Alert, your account was charged $25.00 on my website and rather than void it, I am charging you $.50 and letting you know that somebody is trying to use your card".
I have had no fraud orders since doing this. Paypal said that they received hundreds attempts to take money from my Paypal account, but I had already withdrawn my money.
Feel free to drop us an email for a quick estimate: info@antropy.co.uk
UK OpenCart Hosting | OpenCart Audits | OpenCart Support - please email info@antropy.co.uk
Drop me email
Got an urgent question that’s keeping you up at night? There might just be a magical inbox ready to help: khnaz35@gmail.com
Enjoy nature 
Hello There,
Greetings!
After reviewing your requirements, I'm excited about the opportunity to help with your project.
Please share your contact details so that we can discuss this further.
Email: ianradnor088(at)gmail(dot)com
Skype: live:ianradnor088
Looking forward to your response.
Regards,
Ian
Greetings!
After reviewing your requirements, I'm excited about the opportunity to help with your project.
Please share your contact details so that we can discuss this further.
Email: ianradnor088(at)gmail(dot)com
Skype: live:ianradnor088
Looking forward to your response.
Regards,
Ian
Opencart Specialist | Email: ianradnor088@gmail.com | Skype: ianradnor088 | Ph. +13232875754 |
Hello there
Greetings
After reviewing your situation, I’m confident I can help secure your website and prevent fraud with stronger database protections and fraud detection strategies.
Please feel free to contact me for further discussion:
E- alanjones(dot)tis(at)gmail(dot)com
Skype: live:.cid.6a62b7b34d1aa390
I look forward to connecting with you.
Regadrs
Alan Jones
Greetings
After reviewing your situation, I’m confident I can help secure your website and prevent fraud with stronger database protections and fraud detection strategies.
Please feel free to contact me for further discussion:
E- alanjones(dot)tis(at)gmail(dot)com
Skype: live:.cid.6a62b7b34d1aa390
I look forward to connecting with you.
Regadrs
Alan Jones
Opencart Specialist | E- alanjones(dot)tis(at)gmail(dot)com |Skype - live:.cid.6a62b7b34d1aa390
Who is online
Users browsing this forum: paulfeakins and 7 guests
