He forgot to mention that his IP would end up blocked/blacklisted and I’m not sure if, in the U.S, intentionally flooding a bank card processor with thousands of fake requests is a felony.
I was wondering if the payment processor would block the ridiculous number of transaction coming from the scam site.
It's questionable if the scammer took the time to implement protection against repeat requests from the same IP. Unless it's offered by the hosting provider. Chances are they are cheap as fuck.
I was wondering if the payment processor would block the ridiculous number of transaction coming from the scam site.
The requests aren’t sent through the scam website.
The guy wrote a python script that impersonates the requests sent by the scam website. So what they will see in their logs is his current IP
I understand what you mean now. The payment processes would surly block that IP, but he was getting reference numbers for each request.
Would the request not need some kind of access id of passphrase to associate the charges with the account? He copied a slew of variables that we didn't see. They can't bill for transactions by IP.
(post is archived)