is this a phishing thing?

[golfbravo77]

Hi MFS,

I've been advised by other forum users to contact you directly here. I recently tried to place an order at your website for various vaping supplies. Due to the restrictions in your address fields, my own card wouldn't work so I used my wife's. The payment was approved by the bank, and I subsequently provided whoever I was emailing with the verification code given to us over the phone by the bank. But I've had an email purporting to be from MFS, demanding we provide copies of my wife's signature and her bank details, and a picture of her passport or other photo id, before you will process the order.

Is this actually from MFS, or is this fraudulent? No other forum members have ever experienced this, either dealing with MFS or any other vendor - and neither have I. If this is legitimately from MFS, then apart from it being a ridiculous request (you can't seriously expect customers to send that kind of information via unencrypted email to a website address?), I'm pretty sure it's also a violation of the Visa Merchant's agreement which prohibits merchants from making proof of ID a condition of sale.

Thanks for any feedback.

 

[Teach]

Hi MFS,

I've been advised by other forum users to contact you directly here. I recently tried to place an order at your website for various vaping supplies. Due to the restrictions in your address fields, my own card wouldn't work so I used my wife's. The payment was approved by the bank, and I subsequently provided whoever I was emailing with the verification code given to us over the phone by the bank. But I've had an email purporting to be from MFS, demanding we provide copies of my wife's signature and her bank details, and a picture of her passport or other photo id, before you will process the order.

Is this actually from MFS, or is this fraudulent? No other forum members have ever experienced this, either dealing with MFS or any other vendor - and neither have I. If this is legitimately from MFS, then apart from it being a ridiculous request (you can't seriously expect customers to send that kind of information via unencrypted email to a website address?), I'm pretty sure it's also a violation of the Visa Merchant's agreement which prohibits merchants from making proof of ID a condition of sale.

Thanks for any feedback.

That doesn't sound right at all! I'd wait to talk to them before I did anything like that.

 

[golfbravo77]

That doesn't sound right at all! Hide wait to talk to them before I did anything like that.

Thanks - agreed. I just can't believe any legitimate online business would demand that. I'll definitely wait to hear from them before I do anything.

 

[AlexStiff]

Hello! May I ask what the email address this information was requested from so we can look into this further?

Thank you.

 

[golfbravo77]

Hello! May I ask what the email address this information was requested from so we can look into this further?

Thank you.

Hi Alex,

It was sent from chad@myfreedomsmokes.com - I'd be happy to forward the email to you, if you want.

thanks for following up.

 

[AlexStiff]

Please forward those emails to alex@myfreedomsmokes.com so I can give you personalized assistance due to not wanting your personal information posted.

 

[golfbravo77]

Please forward those emails to alex@myfreedomsmokes.com so I can give you personalized assistance due to not wanting your personal information posted.

Hi Alex, Done. Thanks

 

[AlexStiff]

This is the message that was sent to golfbravo77 about their situation:

"This is not a scam email but I will explain it a bit further in case you are still confused.
Every credit card order we have, we have a system that verifies the Billing Address provided, but we cannot verify over-seas cards. That gets put in the “manual review” section and Chad manually verifies that you are who you say you are with the information he asked you to provide. Once we verify the information once, there will be no need to re-verify unless you use a different card. If we do not receive the information within a week, the order is canceled and the money is refunded. It keeps not only the company safe, it keeps our customers safe.
We understand your situation, but we still require that information for us to process the order."

We never received the information so we canceled the order.

 

[TaylorMade]

This is the message that was sent to golfbravo77 about their situation:

"This is not a scam email but I will explain it a bit further in case you are still confused.
Every credit card order we have, we have a system that verifies the Billing Address provided, but we cannot verify over-seas cards. That gets put in the “manual review” section and Chad manually verifies that you are who you say you are with the information he asked you to provide. Once we verify the information once, there will be no need to re-verify unless you use a different card. If we do not receive the information within a week, the order is canceled and the money is refunded. It keeps not only the company safe, it keeps our customers safe.
We understand your situation, but we still require that information for us to process the order."

We never received the information so we canceled the order.

This is correct. The order was flagged by our Fraud Detection system as not having a verified address. This is common for international orders since the AVS (Address Verification System) only works for US and Canada addresses. Therefore we contact the customer directly to verify the transaction and card details (not the full card number, just the last 4 digits and expiration date), sign it, and provide id as proof that they are the actual card owner and live at the ship to address. This is done in accordance with the visa card acceptance guidelines as seen in the section below:



We certainly understand the inconvenience that this puts on our customers, but we feel it is necessary to keep our customers and non-customers safe from possible fraudulent transactions