Jump to content
Cruise Critic Community

Mr Sanchos and Credit Card Fraud

iewe

By iewe,
in Cozumel

 Share

Recommended Posts

chill6x6

chill6x6

Posted
Posted (edited)
On 8/31/2019 at 10:03 PM, Organized Chaos said:

One of two things is happening here. Either outside hackers have breached their website and Sanchos simply doesn't care to fix the problem, even though they've been made aware that their customers are being stolen from, or they are the breach and are stealing credit cards numbers themselves from their own customers. The former would mean they're grossly negligent & incompetent and the latter would mean they're thieves. Either one shows how crooked they are and that they can't be trusted. I'll certainly never do business with them.

Mr Sanchos nonchalance of this issue that has been well documented here has cost them two all inclusives for November.  I was between Mr Sanchos and Nachi Cocum.  This made the decision easy for me.  Nachi Cocum here we come!  

Edited by chill6x6
Spelling
Link to comment
Share on other sites
Organized Chaos

Organized Chaos

Posted
Posted
52 minutes ago, chill6x6 said:

Mr Sanchos nonchalance of this issue that has been well documented here has cost them two all inclusives for November.  I was between Mr Sanchos and Nachi Cocum.  This made the decision easy for me.  Nachi Cocum here we come!  

 
I must say, I'm very surprised that people who have had their credit card info. stolen from this would keep their reservation and continue to do business with them right now. This has been going on for just over a month, at least. Who knows how long before it was brought up on this forum. They don't appear to have any plans to fix the problem, which leads me to believe the theft is coming from in-house.

 

Something else that makes me lean more towards suspecting it's in-house is that people are seeing fraudulent charges not long after their cards are compromised. Typically, when a hacker steals credit card info. from a breached website, they'll sell them on the dark web in bulk. That means it can often be a while between the time the info. is stolen and the owner actually sees fraudulent charges. It takes a while for them to be bought and for the buyer to make their way through multiple cards. When one's canceled, they simple move on to the next. I know someone who's card info. was stolen during the huge Target breach in 2013 and didn't see fraudulent charges until about a year later. Granted, Mr. Sanchos is on a much, much smaller scale. Not as many credit card transactions going through there daily. But it'd still take some time for an outside hacker to steal the info., sell it, and the buyer to then use that card number. But since people are seeing their cards compromised fairly quickly, I can't help but wonder if it's being done by Mr. Sanchos employees themselves, who then immediately use the cards.

 

Either way, why would anyone want to continue to do business with them, give them more of their hard-earned money, until they fix this?

  • Like 1
Link to comment
Share on other sites
TTEllis

TTEllis

Posted
Posted
7 hours ago, Organized Chaos said:

 
I must say, I'm very surprised that people who have had their credit card info. stolen from this would keep their reservation and continue to do business with them right now. This has been going on for just over a month, at least. Who knows how long before it was brought up on this forum. They don't appear to have any plans to fix the problem, which leads me to believe the theft is coming from in-house.

 

Something else that makes me lean more towards suspecting it's in-house is that people are seeing fraudulent charges not long after their cards are compromised. Typically, when a hacker steals credit card info. from a breached website, they'll sell them on the dark web in bulk. That means it can often be a while between the time the info. is stolen and the owner actually sees fraudulent charges. It takes a while for them to be bought and for the buyer to make their way through multiple cards. When one's canceled, they simple move on to the next. I know someone who's card info. was stolen during the huge Target breach in 2013 and didn't see fraudulent charges until about a year later. Granted, Mr. Sanchos is on a much, much smaller scale. Not as many credit card transactions going through there daily. But it'd still take some time for an outside hacker to steal the info., sell it, and the buyer to then use that card number. But since people are seeing their cards compromised fairly quickly, I can't help but wonder if it's being done by Mr. Sanchos employees themselves, who then immediately use the cards.

 

Either way, why would anyone want to continue to do business with them, give them more of their hard-earned money, until they fix this?

Don't waste your breathe like I did. I find it absolutely astonishing anybody would ever do business with this place, much less give them their credit card number get there credit card nailed for however much, and then go back for more!!! INCREDIBLE!!!

Oh my, that's a new one. I'm at a loss for words, I'm just kidding it's me I'm never at loss for words. 😁

Well at least we never have to worry about seeing them at Nachi, none of them. 😉

 

 

Link to comment
Share on other sites
crewsweeper "Live from...." Rare

crewsweeper

Posted
Posted

Contacted Mr Sanchos.  Say they are looking into it. Say never take cc info. All reservations  booked through PayPal. Web master is in US. But tried a mock booking and got a message site was unable. MS rep did say they were  doing maintenance on the site. 

  • Like 2
Link to comment
Share on other sites
Organized Chaos

Organized Chaos

Posted
Posted
On 9/4/2019 at 6:30 PM, crewsweeper said:

Contacted Mr Sanchos.  Say they are looking into it. Say never take cc info. All reservations  booked through PayPal. Web master is in US. But tried a mock booking and got a message site was unable. MS rep did say they were  doing maintenance on the site. 

 

I'd like to hear from people who have used their website to make reservations well before this was happening. Did anyone get directed to use a credit card back then? It doesn't matter where their webmaster is located, the breach can come from anywhere. I just tried to do a mock reservation too. I got through to the point where I could add it to my cart, but the site was unavailable after that. From that point on, I couldn't even get on the site at all. If I had to guess, I'd say they took enough heat over this that they're finally doing something about it.

Link to comment
Share on other sites
crescami

crescami

Posted
Posted
On 9/6/2019 at 2:23 PM, Organized Chaos said:

 

I'd like to hear from people who have used their website to make reservations well before this was happening. Did anyone get directed to use a credit card back then? It doesn't matter where their webmaster is located, the breach can come from anywhere. I just tried to do a mock reservation too. I got through to the point where I could add it to my cart, but the site was unavailable after that. From that point on, I couldn't even get on the site at all. If I had to guess, I'd say they took enough heat over this that they're finally doing something about it.

When I used their website several weeks ago, it sent me straight to PayPal where I paid using my debit through PayPal. I did not put in my credit card info directly in the site. I have not had any fraudulent charges. ( and I hope I don't have any issues later on either)

Link to comment
Share on other sites
  • 2 weeks later...
  • 2 weeks later...
Psycopuppy

Psycopuppy

Posted
Posted

i actually booked through Raccoon Tours via paypal, but when i was looking this summer at the end of June. I noticed the deposit page xmiting your info was not a secure site.  I felt very uneasy about that and booked via 3rd party as i did a few years ago.  So while it might not have been them directly, the people on the eCommerce side didn't get things secured properly.

Link to comment
Share on other sites
Organized Chaos

Organized Chaos

Posted
Posted
23 hours ago, legaljen1969 said:

So glad I stumbled upon this post. I was thinking about Mr. Sancho's this time.  Will definitely avoid now and forever.

 

I feel the same way. I don't care if they fixed the breach or now only allow a secured deposit through PayPal. In my opinion, they handled it very poorly, which is to say, they didn't handle it at all for a month or more. They didn't seem to care that it was happening to their customers. And I still think there's a good chance it was someone in-house using their customers' credit cards illegally. For those reasons, I'd never give them my business.

  • Like 1
Link to comment
Share on other sites
Icon901

Icon901

Posted
Posted (edited)

Just tested the site: Paypal is the only option. 

I took a good look at the source code for the page and it's clean as of now. 

I'm very confident their page was being hacked. This is very common. DNS lookup indicates they're on a VPS (Virtual Private Server) with 1295 other websites through their hosting provider Siteground. This increases the risk of being back-doored like this. I'm almost certain it was NOT anyone in-house. 

It's VERY easy to add code to the cart function to take you to a mocked up Mr Sanchos page with CC info, that then forwards to the original paypal page for info again. This way the reservation is on the books (avoids suspicion if customer calls to verify) but they've slipped that page inbetween to capture your info. 

Now if you want to claim Mr Sanchos is negligent in not stopping this, they do not own their own servers. They SHOULD contact their host provider and demand it be stopped or take their site to another hosting provider. They should also add "WE WILL NEVER ASK FOR YOUR CC NUMBER, PAYPAL ONLY" to the checkout page.

 

That said, it's not fair to expect resort providers in places like this to be the most tech savvy business owners. Hell, I'm guessing they outsource the entire website design/creation/hosting like most small businesses. 

Exercise due diligence... If they are asking for CC info, they have been hacked. Only use the site if Paypal is used. Then again, adding a fake Paypal intermediary page would be just as easy... assuming most folks aren't savvy enough check the URL at the top of the page to confirm a secure connection with Paypal's servers. 
 

Edited by Icon901
Link to comment
Share on other sites
TTEllis

TTEllis

Posted
Posted
On 10/16/2019 at 12:54 PM, Icon901 said:

Just tested the site: Paypal is the only option. 

I took a good look at the source code for the page and it's clean as of now. 

I'm very confident their page was being hacked. This is very common. DNS lookup indicates they're on a VPS (Virtual Private Server) with 1295 other websites through their hosting provider Siteground. This increases the risk of being back-doored like this. I'm almost certain it was NOT anyone in-house. 

It's VERY easy to add code to the cart function to take you to a mocked up Mr Sanchos page with CC info, that then forwards to the original paypal page for info again. This way the reservation is on the books (avoids suspicion if customer calls to verify) but they've slipped that page inbetween to capture your info. 

Now if you want to claim Mr Sanchos is negligent in not stopping this, they do not own their own servers. They SHOULD contact their host provider and demand it be stopped or take their site to another hosting provider. They should also add "WE WILL NEVER ASK FOR YOUR CC NUMBER, PAYPAL ONLY" to the checkout page.

 

That said, it's not fair to expect resort providers in places like this to be the most tech savvy business owners. Hell, I'm guessing they outsource the entire website design/creation/hosting like most small businesses. 

Exercise due diligence... If they are asking for CC info, they have been hacked. Only use the site if Paypal is used. Then again, adding a fake Paypal intermediary page would be just as easy... assuming most folks aren't savvy enough check the URL at the top of the page to confirm a secure connection with Paypal's servers. 
 

😳Wawazzat!! WTH!!! Oh boy this is going to be a great weekend I can already tell it!!

 This thread just keeps getting better!!

You gotta be kidding me. 

Sounds like Mr. Sanchos brother.🤥

 

Link to comment
Share on other sites
Icon901

Icon901

Posted
Posted
1 hour ago, CGBanks said:

What about purchasing a VISA gift card and using it for the deposit ?  Would that work ?  I'm glad I saw this post as we plan to go to Mr. Sanchos in December.  

There is no legitimate need for a credit card of any kind for the deposit. They use Paypal. If you are required to enter CC info outside of the Paypal then it is a scam. 

Link to comment
Share on other sites
Icon901

Icon901

Posted
Posted
1 hour ago, TTEllis said:

😳Wawazzat!! WTH!!! Oh boy this is going to be a great weekend I can already tell it!!

 This thread just keeps getting better!!

You gotta be kidding me. 

Sounds like Mr. Sanchos brother.🤥

 

No... never been to Sanchos nor have I worked with them. However, I'm someone with extensive experience in the Digital Marketing / Web Development space who actually understands what happened here. 

You're welcome to act like an incredulous child like above... OR you could actually point out any technical inaccuracies in what I've posted. I'm happy to explain/source any of the information you don't understand. 🙂 

Cheers. 

  • Like 2
  • Thanks 1
Link to comment
Share on other sites
Organized Chaos

Organized Chaos

Posted
Posted
On 10/17/2019 at 2:51 PM, Icon901 said:

No... never been to Sanchos nor have I worked with them. However, I'm someone with extensive experience in the Digital Marketing / Web Development space who actually understands what happened here.

 

No, you've merely stated one of the possibilities of what happened. Unless you're directly involved with their site in some way, you don't actually know.

 

Some customers did call Mr. Sanchos and report that their credit cards were compromised and were seeing fraudulent charges almost immediately. Mr. Sanchos' answer was to tell those people to simply dispute the charges. That's highly suspicious to me. What they should've done was apologize and insist that they'll contact their site provider immediately to address the issue. By telling their customers just to dispute the charges showed a complete lack of care for what was happening and little interest in fixing the breach. That makes me feel like the breach was coming from within. It's possible that someone there was using the credit cards, they then got the merchandise that was purchased with them, but to lessen the risk of getting caught, they merely told their customers to dispute the charges. The damage was done and the thief was buying new stuff.

 

The fact that customers were seeing fraudulent charges almost immediately also made me believe it was coming from someone in-house. Oftentimes, when credit card info. is stolen on the web, they're gathered and sold in bulk. Buyers then start making their way through the stolen CC numbers, moving on to the next when one gets cancelled. Some credit card owners won't see fraudulent charges for weeks, months, even a year or more because the thieves are making their way through a "stack" of stolen credit card numbers. Granted, we're talking about a small beach resort in Mexico, so if an outside hacker had breached the site for the credit card info, it's certainly plausible that they were using the numbers right away instead of selling them.

 

Bottom line, this could have been an outside breach or from someone in-house.

Link to comment
Share on other sites
  • 2 years later...
Clyde890

Clyde890

Posted
Posted
On 9/4/2019 at 12:20 PM, TTEllis said:

Hopefully see you at Nachi.😎

They don't accept credit cards at Mr. Nachos. They accept greenbacks ONLY.

Why?  Because the dollar has much better value than pesos...and they would only get paid in pesos at the current exchange rate if you used your CC at Sanchos.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
  • Forum Jump
    • Categories
      • Welcome to Cruise Critic
      • New Cruisers
      • Cruise Lines “A – O”
      • Cruise Lines “P – Z”
      • River Cruising
      • ROLL CALLS
      • Cruise Critic News & Features
      • Digital Photography & Cruise Technology
      • Special Interest Cruising
      • Cruise Discussion Topics
      • UK Cruising
      • Australia & New Zealand Cruisers
      • Canadian Cruisers
      • North American Homeports
      • Ports of Call
      • Cruise Conversations
×
×
  • Create New...