
Anyone have fraudulent credit card charges after paying for whatrunswhere.com? (35)


08-20-2015 04:12 PM #1 hungryim (Member)
I signed up for WRW in July and within a couple of days of paying my card was used for multiple fraudulent transactions.
Contacted whatrunswhere.com support but they couldn't see any potential issues on their end.
I cancelled the card, got a new one, then re-subbed on 9th Aug. On the 11th of August my card was again used for fraudulent transactions.

PC has NOD32 and Malwarebytes Pro running and regularly performing full scans, haven't used the card in a physical location, the replacement card in question has been used for very few transactions since it was issued so although this could be nothing more than coincidence, naturally I'm concerned. Was wondering if anyone has had any similar issues?


08-20-2015 08:50 PM #2 molotov1988 (AMC Alumnus)

Hi, my girlfriend had the same problem but we were not sure it was from WRW. Someone attempted to buy something from a Russian webmasters' website for the value of 500 € and Skype credits too. Luckily the bank asks for SMS verification for purchases.


08-20-2015 09:16 PM #3 fooder (Member)

This actually happened to me a couple months ago and I contacted them too. Was pretty sure it was WRW since the day I put in my new credit card info it got charged and WRW was the only place that had my info. I didn't sign up for a plan either just entered card info.


08-20-2015 09:45 PM #4 hungryim (Member)

OK, thanks for the feedback guys. I also found someone else in a Skype group who had fraud issues after subscribing with them.
Hopefully someone from WRW can chime in and look at this in more detail.


08-20-2015 10:16 PM #5 rollerkoaster (Member)

I renewed my wrw subscription in June and last week my Amex card had fraud issues, but I can't be certain it is wrw. Someone tried to buy $400 of Aeropostale stuff with it.


08-20-2015 10:29 PM #6 str8bzns (Member)

I had fraudulent charges as well a couple days after signing up for a trial to wrw. I did not realize that was the issue though. Cancelled my card and got a new one. Hopefully they can take care of that.


08-20-2015 10:36 PM #7 digitoma (Member)

I had two new cards hacked back in April this year. At that time I changed my card details in wrw due to a card renewal from the bank. Then bad things happened soon after. Not sure if it's coincidence or not.


08-20-2015 10:55 PM #8 dmitrycy (Member)

Had some weird charges on my card around the time I was signed up to wrw, but don't remember the exact dates. May or may not have been related.


08-20-2015 11:15 PM #9 jennatalia (AMC Alumnus)

It may be the payment processor that was hacked and not wrw. Nowhere near as much investment in security as there should be.


08-21-2015 12:25 AM #10 jjbachiller (AMC Alumnus)

Me too! I wasn't sure it was from the wrw subscription but after reading this I'm sure. They charged me more than $6000 in flights and hotels...


08-21-2015 03:09 AM #11 dotcom (Member)

This is quite concerning... WRW should step in here for some clarification.


08-21-2015 12:50 PM #12 pain2k (Veteran Member)

Yeah, then they really need to check what's going on there. Hopefully they saw this thread already.


08-21-2015 01:30 PM #13 mattaw ()

Hey there, Max here from WhatRunsWhere.

WhatRunsWhere uses a third party service called Chargebee to handle and process all of our credit cards. The actual information is never stored on our servers and we never handle it in an unencrypted manner. The data is passed directly to Chargebee, after which we have no direct contact with it. We bill against a vault record in their PCI compliant database. It is not possible for the card information to be compromised from our website. WhatRunsWhere does not track, maintain or store any credit cards or billing information used to sign up for our service.

Our developers perform regularly scheduled security reviews of our entire billing system. We will continue to monitor the health of our billing gateway and assure all of our users that their security is our top priority.

If there are any questions or concerns please feel free to contact me directly at max@whatrunswhere.com

I would be happy to answer any specific questions about our billing set up if anyone has some.


08-21-2015 01:36 PM #14 jennatalia (AMC Alumnus)

Can you open an inquiry with Chargebee?


08-21-2015 01:36 PM #15 dazed1 (Member)

Maybe time to switch your third party service...


08-21-2015 01:42 PM #16 mattaw ()

Originally posted by jennatalia:
> Can you open an inquiry with Chargebee?

We can and already have here. Chargebee pulls directly from our Merchant Gateway. They are a PCI compliant partner, so if their card data was compromised, I think there would be a HUGE issue.

Originally posted by dazed1:
> Maybe time to switch your third party service...

Again, we have vetted every service we work with, each is a PCI compliant partner. We take this VERY seriously and will of course explore all options.


08-21-2015 02:18 PM #17 cmdeal (Veteran Member)

What other payment options do they provide? Paypal?

PCI compliance is better than nothing, but it is still a low hurdle. All the major card hacks recently involved mostly PCI compliant players.


08-21-2015 02:19 PM #18 mattaw ()

Originally posted by cmdeal:
> What other payment options do they provide? Paypal?

We do not offer paypal at this time, we have some clients that pay us via bank wire or cheque for larger accounts.

Best,

Max


08-21-2015 09:01 PM #19 jennatalia (AMC Alumnus)

Originally posted by mattaw:
> We can and already have here. Chargebee pulls directly from our Merchant Gateway. They are a PCI compliant partner, so if their card data was compromised, I think there would be a HUGE issue.

Do you mean to say you have notified Chargebee that some of your customers are experiencing fraudulent transactions that they are potentially able to tie back to the Chargebee payment processing platform?

As opposed to identifying who manages your payment processing on a relatively private forum.


08-21-2015 11:43 PM #20 milobanski (AMC Alumnus)

Well, wire transfer it is.


08-22-2015 02:10 AM #21 mattaw ()

Originally posted by jennatalia:
> Do you mean to say you have notified Chargebee that some of your customers are experiencing fraudulent transactions that they are potentially able to tie back to the Chargebee payment processing platform?
>
> As opposed to identifying who manages your payment processing on a relatively private forum.

That is not what I said. I said we are looking into it, and have reached out to Chargebee with the issue to see if they can help. We are not able to tie these concerns back to anything at the moment, so I can't really comment on that. I hope that clears up the confusion. If I have concrete information to report back around this thread, I will do so immediately.


08-22-2015 02:36 AM #22 steel520 (Member)

This is worrying I just signed up for the trial too.


08-22-2015 05:07 AM #23 jennatalia (AMC Alumnus)

Originally posted by mattaw:
> That is not what I said. I said we are looking into it, and have reached out to Chargebee with the issue to see if they can help. We are not able to tie these concerns back to anything at the moment, so I can't really comment on that. I hope that clears up the confusion. If I have concrete information to report back around this thread, I will do so immediately.

Thank you for the clarification.


08-23-2015 09:32 AM #24 urosino (Member)

Whatrunswhere, we understand you use a 3rd party payment processor. But then again I would expect you to say you are sorry at least.

My partner just called me; he got charged 350 USD from some Russian hotel. It was a new credit card he used on wrw.

It's really worrying.


08-23-2015 01:52 PM #25 mattaw ()

Originally posted by urosino:
> Whatrunswhere, we understand you use a 3rd party payment processor. But then again I would expect you to say you are sorry at least.
>
> My partner just called me; he got charged 350 USD from some Russian hotel. It was a new credit card he used on wrw.
>
> It's really worrying.

Any time someone has an issue with a compromised credit card it is a serious issue and one that anyone should take seriously. We take these allegations VERY seriously but at this time have no hard evidence to prove a breach. If you or anyone else in this thread would like to send me exact details privately of the date of signup, fraud charges and all of that, we would be very interested in hearing from you. I feel it is relevant to point out that we have a large userbase and a fair number of new signups every day, what doesn't make sense is why not EVERY card would be breached if there was a potential breach. I sign up with my personal cards all the time to test out things we do, and have never had an issue. We also have a number of larger clients who use their credit cards and none have experienced any issues.

We are continuing to dig in here and make every reasonable effort to find out what's going on. We are definitely sorry that anyone here has experienced any issue or has any negative feelings towards our service.

We have heard back from Chargebee, here are their security standards https://www.chargebee.com/security.html. We are also digging into a few different paths with them, but so far we have not found anything out of the ordinary. As I have said, I will diligently continue to update this thread as I find out new information. This situation is our top priority and we want you guys to have the confidence and trust in WhatRunsWhere. We will do everything in our power to make sure that happens.


08-23-2015 02:15 PM #26 erikgyepes (Moderator)

My student was also charged around $600 shortly after he subscribed to the service a few months ago.
That's why I rather prefer to attach CC to PayPal or do a wire.


08-23-2015 02:54 PM #27 jennatalia (AMC Alumnus)

Here's a potential thought for all affected...

Do you have some sort of adware installed on your computer that you're using for 'spying' purposes?

You should always separate your spying computers from your banking computers.


08-23-2015 04:00 PM #28 zeno (Administrator)

Guys, please send them some useful data. I'm sure some of you have but...

All I see right now is anecdote after anecdote, and these vague details don't exactly help much in diagnostics of potential credit card fraud.

Next it will be "I heard from Janet that our new neighbours used to work for a place where the janitor signed up for WRW, and a week later he had a $198.71 charge from a Ukrainian flower company".

Jennatalia also raises a good point. You are all linked within a small niche demographic and the relatively small number of reported frauds amongst a much larger consumer base may suggest a separate, relatively popular resource is a culprit.


08-23-2015 04:57 PM #29 mattaw ()

Originally posted by jennatalia:
> Here's a potential thought for all affected...
>
> Do you have some sort of adware installed on your computer that you're using for 'spying' purposes?
>
> You should always separate your spying computers from your banking computers.

Originally posted by zeno:
> Guys, please send them some useful data. I'm sure some of you have but...
>
> All I see right now is anecdote after anecdote, and these vague details don't exactly help much in diagnostics of potential credit card fraud.
>
> Next it will be "I heard from Janet that our new neighbours used to work for a place where the janitor signed up for WRW, and a week later he had a $198.71 charge from a Ukrainian flower company".
>
> Jennatalia also raises a good point. You are all linked within a small niche demographic and the relatively small number of reported frauds amongst a much larger consumer base may suggest a separate, relatively popular resource is a culprit.

These are very interesting theories and one that I will bring up with our team as well. It seems VERY odd to me that for example, SiriusXM, who is a nice client for us and pays us via CC has had no issues at all. If there was a breach, wouldn't that breach target them as well? As I have said, we're all working as hard as possible to look into every avenue here. This isn't falling on deaf ears and it's not something we take lightly. At that same time, these allegations are seriously impacting our brand, so we would appreciate if we were given the time to keep digging to find out if there is anything here.

I have contacted a few of you for direct details. The most helpful thing is if you fear an issue, send me a pm. Please include your email you signed up with, the dates of the alleged charges, the bank you bank with and the type of card you use. If there is a pattern here, this will help identify it.


08-23-2015 08:30 PM #30 pbakos92 (Member)

It's not unreasonable to imagine a scenario where attackers breached your system and modified your form processing code, or maybe even your ChargeBee API wrapper, to log the credit card numbers or send them to another server. The card numbers aren't encrypted browser-side, so they are unencrypted in your memory and accessible to malicious code. It would also explain why some customers aren't affected by this - they signed up before the breach.

Of course I can't say that this is the case for sure, but it seems possible.
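
An added example, not part of any post in this thread: one way to test the timing explanation in post #30 against the kind of details requested in post #29. The report records, field names and the `analyse` function are constructed for illustration.

```python
from datetime import date
from statistics import median

# Constructed sample reports (not data from this thread). The fields mirror the
# details requested in post #29: card-entry date and date of first fraud.
REPORTS = [
    {"user": "u1", "card_entered": date(2015, 1, 5), "first_fraud": None},
    {"user": "u2", "card_entered": date(2015, 2, 10), "first_fraud": None},
    {"user": "u3", "card_entered": date(2015, 4, 14), "first_fraud": date(2015, 4, 17)},
    {"user": "u4", "card_entered": date(2015, 5, 3), "first_fraud": None},
    {"user": "u5", "card_entered": date(2015, 6, 21), "first_fraud": date(2015, 6, 23)},
    {"user": "u6", "card_entered": date(2015, 7, 18), "first_fraud": date(2015, 7, 20)},
    {"user": "u7", "card_entered": date(2015, 8, 9), "first_fraud": date(2015, 8, 11)},
    {"user": "u8", "card_entered": date(2015, 8, 15), "first_fraud": date(2015, 8, 1)},
]


def analyse(reports):
    """Summarise how well the reports fit 'cards were captured at entry time'."""
    # Fraud that predates card entry cannot be explained by this merchant.
    excluded = [r["user"] for r in reports
                if r["first_fraud"] and r["first_fraud"] < r["card_entered"]]
    hits = [r for r in reports
            if r["first_fraud"] and r["first_fraud"] >= r["card_entered"]]
    if not hits:
        return {"window": None, "excluded": excluded}

    # Candidate exposure window: first to last entry date of an affected card.
    start = min(r["card_entered"] for r in hits)
    end = max(r["card_entered"] for r in hits)
    in_window = [r for r in reports
                 if start <= r["card_entered"] <= end and r["user"] not in excluded]
    lags = [(r["first_fraud"] - r["card_entered"]).days for r in hits]
    return {
        "window": (start, end),
        # Near 1.0 with short lags fits capture at entry; a low rate points to
        # something the affected users share outside the merchant.
        "hit_rate_in_window": len(hits) / len(in_window),
        "median_lag_days": median(lags),
        # Unaffected early sign-ups are expected if the window opened later.
        "entered_before_window": [r["user"] for r in reports
                                  if r["card_entered"] < start],
        "excluded": excluded,
    }


if __name__ == "__main__":
    for key, value in analyse(REPORTS).items():
        print(f"{key}: {value}")
```

Self-reported data like this is biased toward affected users, so the hit rate only means something when unaffected sign-ups from the same period are included.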


08-23-2015 11:48 PM #31 mattaw ()

Originally posted by pbakos92:
> It's not unreasonable to imagine a scenario where attackers breached your system and modified your form processing code, or maybe even your ChargeBee API wrapper, to log the credit card numbers or send them to another server. The card numbers aren't encrypted browser-side, so they are unencrypted in your memory and accessible to malicious code. It would also explain why some customers aren't affected by this - they signed up before the breach.
>
> Of course I can't say that this is the case for sure, but it seems possible.

We’re obviously quite concerned at the issues raised here and we have taken the opportunity to do a full review of our systems and application code to ensure that nothing like you’ve mentioned has in fact occurred. I would strongly disagree with your theory of an attacker installing an intercept on our servers for a few reasons: (1) we actually upgraded to a totally different server during the time frames in which these issues were raised (2) we’ve done multiple, very thorough security audits of our system that examined each aspect of our web stack, from the application code down to the operating system. (3) We also responded to published vulnerabilities like Heartbleed by regenerating our SSL keys.

We’ve devoted a great deal of time and resources to making sure that our system is safe for our customers and we’ve even increased our vigilance in the wake of the issues raised here. However, you have to remember that we've processed transactions for TENS OF THOUSANDS of customers over the past years and the result is a relative handful of potential issues that have been raised here. We’re not going to overlook anything and we’ll continue to investigate anything that’s brought to our attention, but right now we feel very confident that our systems can be trusted. The safety of our users is our top priority and please know how seriously we take this.


08-24-2015 02:52 AM #32 cmdeal (Veteran Member)

Originally posted by urosino:
> Whatrunswhere, we understand you use a 3rd party payment processor. But then again I would expect you to say you are sorry at least.
>
> My partner just called me; he got charged 350 USD from some Russian hotel. It was a new credit card he used on wrw.
>
> It's really worrying.

Yikes ...


08-24-2015 03:17 AM #33 kepe95 (Moderator)

I was a WRW customer but already canceled my account a couple months ago.

Just checked, no odd credit card charges here.

As I'm working on developing a SaaS product right now - this whole thing is quite a horror scenario. Keep us updated with what you found out.


08-24-2015 03:44 PM #34 paulportugal (Member)

Please do inform us when everything has been sorted out. I wanted to sign up to whatrunswhere over the weekend though I feel more comfortable knowing our information is secure with your 3rd party processor. Many thanks!


08-24-2015 03:57 PM #35 mattaw ()

Originally posted by paulportugal:
> Please do inform us when everything has been sorted out. I wanted to sign up to whatrunswhere over the weekend though I feel more comfortable knowing our information is secure with your 3rd party processor. Many thanks!

Paul, we are at this point confident that your information is secure. We are still digging in here, but have found mixed results:

- One user who we contacted here did a virus scan and found malware on his computer, this follows certain theories posted here. I am not sure if this is a real theory, but just pointing out what we have found so far.
- There is no consistent pattern here that would lead us to consider a breach has occurred.

If you sign up and have any issue, I am here to help, but as far as we can see, everything is fine here at this point. As I have said, this is something we continue to keep a close eye on and will provide updates if there are any.

