PayPalMystery

Update from my reader, the small software vendor:

“Mystery solved. The first chargeback came through today for one of the first purchases (June 8th). PayPal opened a claim regarding that purchase with the following: “The buyer stated that they did not authorize this purchase.” Oddly enough, the email associated with the claim is still the same fake email (by fake, I mean it doesn’t exist). So it seems they were just using my order form to test stolen credit cards.
.
“I spent 35 minutes on hold with PayPal, was handed off three times, but finally spoke with a person who seemed to know what was up. I told her there were 19 more purchases that will eventually become chargeback claims. She said having that many claims might flag my account to be reviewed (or frozen). She said that I should proactively refund the amounts because once I do that, a claim cannot be opened regarding the purchase.
.
“She confirmed that I would not be charged twice in the event that the fraudster is also redirecting the refunds. Notably, there is a penalty to me for letting them go to a claim status: if  I refund after it has become a claim, then I don’t get the PayPal fees refunded. In the example of the first chargeback mentioned above, I not only have to refund the $79, but I have to cover the $2 or so in PayPal fees. Insane, yes, but I don’t have time to fight over $2. So I’m refunding all of the purchases today.
.
“The most valuable part of the phone call was at the end. She gave me instructions for blocking all non-US payments. After being a mildly international company for 20 years, I’m back to being US-only which is fine by me if I don’t have to mess with any more European fraudsters. Well, at least I hope I don’t.
.
“Thanks again for all the great suggestions in this thread and thanks to Bob for posting this mystery.”

A loyal reader of this column has come to me with a problem that I, in turn, am submitting to all of you. He sells downloadable software over the Internet but lately some customers have been ordering, paying, downloading, yet not requesting the required unlocking key to use their software. Money is piling-up in the reader’s PayPal account and he is starting to worry this is some kind of scam. But if it is, it’s a scam that’s new to me.

The first such order was placed on June 4th and there have been 20 such customers so far, though some of those customers have placed double orders so the total amount is $1,758. The reader is in the USA but the orders have come from Belgium, Norway, Switzerland, France, Germany, Austria, Sweden, Japan, and Israel. Nobody has requested an unlocking key and nobody has requested a refund.

Now it gets stranger. All the orders used legitimate-looking e-mail addresses, yet all except one address bounced back as invalid. The PayPal transactions, however, all went through. PayPal is scratching its digital head, too, saying they have no idea what’s happening.

As an experiment the reader raised the price of his product from $79 to $790. No sales happened at the higher price but then an order went to an alternate distributor who charges $99. Again, no request for an unlocking key. The alternate distributor supplies my reader with an IP address for each transaction and the bogus (is bogus even the right term for this?) order that came through this channel was from 141.135.104.13, which is apparently in Belgium.

Fearing there’s another shoe to fall my reader has pulled his money out of PayPal except for enough to cover refund requests — should they happen — from these weird transactions.

Have you seen anything like this before? What’s going on?