Maybe this is the wrong forum - actually I’m pretty sure this is off-topic for this forum - but I don’t know where else to ask. TOF doesn’t seem like the most hospitable place for this type of topic.
In the past week I have had two purchases that follow a similar pattern. I’m usually really good at understanding the goal behind a scam, but this has me scratching my head. In both cases, the purchase is made with an email address that does not exist. Then in 24 to 48 hours I get an email, all lower case, from that same address wondering why they never got their email. Of course, since the address does not exist I cannot reply. So I’ve gone digging into the purchase information. In both cases the address is real, and in the first, the cardholder name matches that of the owner of the address. In the second, they don’t match at all.
Best I can tell, the cards and addresses are purchased by scammers and these transactions are designed to test the validity of the card. But… why follow up with an email that I can’t reply to? In the case of the first transaction, the email address looks crafted to match the cardholder name. But in the second case, the email address includes my product name and even the game my product works with, demonstrating a clear understanding of the product which doesn’t make sense for scammer.
I’d like to believe these transactions are just inattentive customers, but the second address is clearly setup exclusively for my product. It’s not like
firstname.lastname@example.org that somebody would use to differentiate, but a very distinct address. It doesn’t make sense. But nor does the fraud possibility really.
I’ve refunded both the transactions as fraudulent. But I can’t really wrap my head around what the goal is. If you’re testing the card, why follow up with a support ticket? Nothing about this makes sense to me, and I’m wondering if anybody has any ideas.