Our office here has an online reservation server so you can book our homes online. We usually get about five or six bookings a day on it, as well as all the bookings we get from people calling us.
Last night we had a $2,000 booking online that the front desk was getting all excited about, until they noticed the card didn’t go through. Since I have access to the credit card logs on the server, I looked at the logs and it gave an ugly error code followed by “Hold Card — Call” which I assume meant that the card was stolen. They tried to call the phone number on the reservation, and it didn’t go through (and reverse look-ups didn’t show anything). So I started to look a little closer at the reservation, and there were several things that were whacky:
- The state code was “LO’ which, last I checked, wasn’t a state abbreviation (Louisiana is “LA”).
- The phone number was a repeating pattern of four numbers, and the area code is for Pennsylvania.
- The zip code was a Missouri zip code.
So I knew this was obviously a stolen card, and since it was an online transaction, there would be some sort of IP record in my server logs for this guy (and Visa was probably going to ask for it when we call). Since a full online booking with our system only hits a certain page after the booking was completed, it was easy to search the log lines out just by searching for that file name. After matching up the time stamps from the booking with the logs, I come to find out that the booking was made from an IP address in Nigeria.
Needless to say, the booking has been cancelled and our accountant will be calling Visa here shortly. More than likely, the owner of the card was caught up in some phishing scam and gave out their credit card number. Just the same, I do want to make sure whoever did this gets busted (though I do doubt that it will happen).
Comments
That’s so sad! But, why do a fake booking? to test the card?
I think they intended on chargin the card, but it didn’t go through. Our system, because of the delay in processing cards, actually gives a confirmation page saying your reservation went through, while charging the card in the background (it’s not an ideal system, I know, but it’s out of my control). Our staff then confirms the reservation by calling the guest after we receive the booking.
Considering that most hotel type environments only charge the card once you’ve stayed (or no-showed) it could be that the card *will* be good upon arrival, the guest would use a different card, pay cash, etc.
On the other hand if they are aware up front that you do charge the card – visits are prepaid – then you could be looking at different types of scams all together. Typically, this starts to look like money laundering – especially if they charge on the card and as for a cash equivilant refund.
We charge at least a minimum of a night or two or three depending on the length of stay in the home, and if it’s less than 30-days out (60 if it’s busy season) then all money is due up front. It’s pretty standard in this industry in this area.