On the one hand, we’re thrilled to be a target. On the other hand, we aren’t that well off financially anyway. A recent denial-of-service attack racked up $352 worth of processing fees on our Authorize.net credit card donation portal. (They didn’t touch the PayPal portal. Remember, if you plan to give via credit card, you can still do so via PayPal without joining their service. Just look for the “Continue without logging in” option to bypass the whole PayPal registration thing.) If you’re in the position to pitch in $35, that would pay 1/10th of our loss and we’d be grateful. We’ll report all donations here in Brigada so you’ll know *exactly* what was given.
Can anyone explain what this “Denial of Service Attack” is all about?
Thanks for asking, Dennis. See my explanation in the reply to Justin.
i would have thought authorize.net would be able to reverse all the charges, wipe it all out, and you wouldn’t be hit for it. VISA offers guarantees against cybercrime like this…
Hi Justin. Unfortunately, my filters weren’t configured quite as efficiently as they should have been. For example, one filter allowed the hacker to ‘try’ a transaction, then it tried to *process* the transaction (at a cost of $1). If the transaction failed (because of flawed data), the filters worked, in that they protected the original reaction from completing. So praise to authorize.net for installing great filters. But what *hurt* me was — the $1 for the processing had still been spent, and, according to Authorize.net, it was my fault for arranging the filters like that (even though I had left them at the default setting, I was responsible). Once I learned this, I immediately changed the filters to that the process didn’t even *try* until all the data was solid. But by then, the hacker had already tried over 500 transactions, thereby costing me $500. I finally convinced one of relay services to cover $85 of the loss… but I’m still out the rest. It won’t happen again. I’ve yanked the authorize.net portal all together.