Jump to content

Fraudulent activity on client's site

Recommended Posts

Site URL: http://www.CGHFoundation.org

Hi everyone! I'm stuck in a weird situation and wondering if anyone has run into this or seen/heard of  this before:

I designed a squarespace site for a client's foundation, after completion I transferred ownership to them and every once in a while I get a call from them asking me to update or add something but for the most part I don't actively monitor this site. 

I get a call on Jan 4th that there are some squarespace charges showing up on their credit card statement and when I got to the site to figure out what is going on I see that someone has purchased several domains. Upon discovering this I immediately reached out to customer service to report the issue, get it fix and reverse the charges made to my client. 

They "locked" the account making the purchases but because I'm no longer the "owner" they couldn't tell me which account was the issue (which didn't seem  to be a problem), they forced a password reset, we cancelled the domains and problem solved....

Except it wasn't. Two days later it happens again, and this time I get a call from the client telling me that they foundation was contacted by someone claiming they received a $8000+ charge on their credit card. When I log into the site the domain issue is happening again. I again contact customer service and we investigate. They tell me that the forced password reset was initiated and COMPLETED... meaning someone has access to my client's email. They have changed the passwords and now my client and owner of the site can no longer access the site. This is also when I look at the "invoices" tab to find that this is bigger than I originally thought. It's been going on every single day since December 10th. 

The person(s) doing this purchase 1-3 domain names each day, cancelling them the next day. Overall, the charges hit my clients card then are refunded a few days later. There doesn't seem to be a gain here? They can't see his card info (at least I don't think) and he's not really out any money.. yet?

We've tried the "forgot password" to access my clients account BUT he doesn't get an email from squarespace which leads me to believe that they may have also changed the email associated with his account and we're stuck.

I again contact customer service who doesn't seem to be taking this for the issue that it is told me that we need to fill out the form they sent to me to try to recover the account. 

I'm still waiting and trying to convince someone via email now that we are having a serious issue and that this needs to be stopped... but all I keep hearing is "the domains were purchased and refunded" and they don't seem to see the issue that someone else has access and essentially control of my clients site. If they were to say, decide to delete MY permissions we will lose control completely. 

 

MY BIG QUESTION...
why? What is the game here? Why would someone do this and what are they gaining by doing so? They are repeatedly purchasing domains then the next day cancelling them on their own, meaning they are refunding the money. This seems weird and I don't understand what someone is gaining my doing this? 

ANY ideas/thoughts?

Screen Shot 2021-01-07 at 9.48.36 AM.png

Screen Shot 2021-01-07 at 9.48.45 AM.png

Screen Shot 2021-01-07 at 9.48.55 AM.png

Screen Shot 2021-01-07 at 9.49.01 AM.png

Link to comment
  • Replies 1
  • Views 1.8k
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...

Squarespace Webinars

Free online sessions where you’ll learn the basics and refine your Squarespace skills.

Hire a Designer

Stand out online with the help of an experienced designer or developer.