BV Commerce Forum
»
BV Commerce Support
»
General Support
»
Received an order with the product which isn't on our website...
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
[3]Something really weird happened to me today. We have received a fraud order today with the product which doesn’t belong to our store. Order is in the Order Manager but of course wasn’t authorized. Anyone can explain me how could that happen? [/3]
|
|
|
|
|
|
Rank: Member
Joined: 1/3/2004(UTC)
Posts: 1,497
|
Was the product from another BVC store? If so, Wild Guess: Neither you nor the other store changed the default cookie so the person had 2 stores open and the cookies got mixed up? I don't know if this is true, but may be worth looking into. |
|
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
I don't think so... It wasn't real order, someone knew what he was doing. Check his billing/shipping address; <SPAN id=ctl00_MainContent_BillingAddressField>A. Customer 1212 Road St. Bradenton, FL 34202 123-456-6953 <SPAN id=ctl00_MainContent_EmailAddressField> [email protected] As you can see, this is the fraud order. I can't just understand how this order went through the system...
|
|
|
|
|
|
Rank: Member
Joined: 4/30/2007(UTC)
Posts: 383
|
Have you alerted BV Support? Sounds like a potential security issue.
|
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
not yet... should I create a ticket?
|
|
|
|
|
|
Rank: Member
Joined: 1/3/2004(UTC)
Posts: 1,497
|
Is your store modified in anyway or is it OOTB?
I would create a ticket. |
|
|
|
|
|
|
Rank: Member
Joined: 4/30/2007(UTC)
Posts: 383
|
I'd say definately. If someone was able to gain access to your store to the point that they were able to buy items not in your store they've figured out something and it's not good.
|
|
|
|
|
|
Rank: Member
Joined: 3/1/2006(UTC)
Posts: 1,142
|
Can we get some more screen shots of what the order looked like? Maybe a shot of what the Order Details page in the admin looked like. Did the product have a name, sku, etc..? We definitely want to look into this issue further. |
Justin Etheredge
Senior Software Engineer
BVSoftware |
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
<SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana">I’ve just created a ticket for that issue. This is really unbelievable; I still don't understand hoe could that happen...<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p>
<o:p>[3] [/3]</o:p>
|
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
[3]This is what I just found out: bunch of my Inactive product were cached somehow by Yahoo. You can click on the product link and able to purchase it. This happened after we switched to the BV5, I don’t know how to explain it…[/3]
|
|
|
|
|
|
Rank: Member
Joined: 3/1/2006(UTC)
Posts: 1,142
|
I'm not sure what you mean by "cached somehow by Yahoo". Did you have a Yahoo store and switch over? Are these products still in your store but just inactive? |
Justin Etheredge
Senior Software Engineer
BVSoftware |
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
<SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana">I have never had a Yahoo store. We switched from BVC2004 to BV5. We still have that product in our store but all of them InActive. You can Search in the store but it is accessible from the Yahoo…<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p>
<o:p>[3] [/3]</o:p>
|
|
|
|
|
|
Rank: Member
Joined: 3/1/2006(UTC)
Posts: 1,142
|
Oh, so someone searched on yahoo and found a link to a product which was inactive, but was still able to purchase the product. Can you give me an example of one of these links? Hopefully we can get to the bottom of this and fix it before SP3 comes out. |
Justin Etheredge
Senior Software Engineer
BVSoftware |
|
|
|
|
|
Rank: Member
Joined: 3/3/2006(UTC)
Posts: 1,737
|
I received an order a while ago for a product that isn't active, that was in a category that isn't active. I asked the customer how in the world he got through to it. He said he searched Google and clicked on the link. He apparently never left the product page and just went to the checkout page.
I'm guessing I had the category and product 'live' just long enough to get snatched by Google. Timing is everything.
Possible?
Mike, fake buyer in your case, anyway. A kid, likely. A adult intent on causing damage wouldn't have bothered to enter any address at all. |
Optimists invent airplanes,
Pessimists buy parachutes. |
|
|
|
|
|
Rank: Member
Joined: 3/1/2006(UTC)
Posts: 1,142
|
The application should still stop someone from checking out with an inactive product, I believe that we have some hot fixes that address the issue. |
Justin Etheredge
Senior Software Engineer
BVSoftware |
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
Justin, I will email you example right now...
|
|
|
|
|
|
Rank: Member
Joined: 6/6/2005(UTC)
Posts: 483
|
I don't know if this will help or not but my guess would be, when someone did a search and clicked on the link, they really clicked on one of the cached pages instead of the site hyper link. My guess would be, they clicked on one of the cached product pages.
Next - lets say instead of removing the product from your store, you just inactivate it, so it doesn't show up. If it is a non inventory product or if you still have it in your store with positive inventory (just inactive) you should be able to purchase the product only if you can find it on the site. If the old product address is stored in one of the old pages on the search engine (and it is still a valid address) you should be able to bring it up and buy it. If the inventory is at zero he should not be able to purchase it.
I'm guessing this could be the case because I get an daily email from our site telling me which products are out of stock. All of them were sold out and have been checked as inactive (not removed). I haven't gotten around to figuring out how to fix it yet.
I did find a search engine (cant remember which one) that had cached pages for my site from several years ago. It was a nostalgia trip for me to see how much our site had improved from before BV to the present.
Hope this helps.
Bob Noble
|
|
|
|
|
|
Rank: Member
Joined: 1/3/2004(UTC)
Posts: 1,497
|
That site is at <SPAN class=a>www.archive.org |
|
|
|
|
|
|
Rank: Member
Joined: 2/18/2006(UTC)
Posts: 172
|
<SPAN style="FONT-SIZE: 10pt; COLOR: black; FONT-FAMILY: Verdana">Just received another order... I don't sell this product anymore, about 10-12 month… It is Inactive, Inventory=0. I have searched that item on Google and I found out that several Inactive items still cached and available on Google. I clicked on the Google link and I am able to add that item to the shopping cart and finish the purchase… How do I fix it?<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p>
<o:p>[3] [/3]</o:p>
|
|
|
|
|
|
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.