Site under attack! Suggestions?

sell

products

product

website

code

selling

few

down

game

explanation

crazygametime 2012-07-31 23:31:59 UTC #1

OK, I am selling game card codes. So there's no download involved. E-junkie sends out emails after each transaction is completed. My website hosting server is running fine and the checkout process is working. The only sign that makes it look like attack is, I sell a code every 30 minutes, no matter it is 11 am in the morning, or 4 am at night, until there's nothing to sell. And typically after a day or 2, PayPal will email me regarding a few new disputes of unauthorized charges.

So tonight I turned my entire website down and if you visit it now, you will get a big "Maintenance" image. The product pages won't show unless you enter the password. Guess what? I am still selling things!

So my explanation is, someone is using a programmed thing to buy directly via the e-junkie's shopping cart code. Through previous visit, he or she found out my product ID and my client ID at e-junkie, which are used to identify my products, and this person is now using it to take me down. Because for ordinary customers now, they can't even see what my products are!

Any suggestions? Please help!

Update: I now request buyers to enter their addresses and phone numbers (shipping is set to be 0). Hope this will offer a little security. Still, any suggestion is welcome. Thank you!

E-junkie_Guru 2012-08-01 12:47:49 UTC #2

It appears you have posted product listings to your E-junkie Shop, so these buyers are probably purchasing directly from there without going to your site at all:

http://www.e-junkie.com/crazygametime

Posting product listings to an E-junkie Shop is an optional step typically only used by sellers who don't have a Web site of their own; these listings are not necessary if you only want to sell directly from your own site.

To remove your Shop listings, you can go to Seller Admin > List Products in your E-junkie shop and our Marketplace, select your product in the menu, and press the button to Add/Edit Listing in your E-junkie shop and our Marketplace; then, just delete the product Details and click Next. Repeat this for all products which have a Shop listing.

Also, if you have customized your products' Message (HTML) setting to display purchased codes in the buyer's thank-you page, you may want to remove that, so buyers would need to receive their thank-you email in order to obtain their codes. This may help with cases where the buyer uses a stolen/hacked PayPal account, as such fraudulent buyers would be unable to obtain codes purchased in this manner if they do not also have access to the email inbox account associated with the PayPal Email they used for payment. The codes issued for each transaction are listed in your E-junkie Transaction Log, so you might be able to recover your costs by reporting any stolen/fraudulently-purchased codes to Xbox Live before they've been used.

crazygametime 2012-08-01 12:55:43 UTC #3

Thanks for the reply. I will remove the e-junkie listings and double check my thank you page setting.

However I am still getting these "every 30 mins" sales during the night, and of course, disputes from PayPal. As I said, it was not the sales themselves but the pattern makes me worried.

But thanks to the log system, I am able to post the code again for sale right after receiving the dispute. No real lost so far. Keep my fingers crossed.

SOLUTIONS FEATURES PRICING DISCOVER PRODUCTS CONTACT HELP DOCS DASHBOARD

Forum

E-junkie Community Forum

Share and learn in the E-junkie community.