I work in a small hotel. We had a guest stay back in July and pay by credit card. Now the bank has contacted us with a chargeback, the cardholder saying they never stayed with us. Unfortunately the receptionist at the time processed the card without getting a proper signature or id.
I contacted the police, but I don’t think they’re really interested.
The guest filled in a registration card with name, address and phone number. Address and phone number are fakes, the name I assume is the real cardholder’s. I’ve googled various combinations of this information but nothing interesting shows up.
They did send us an email to confirm the booking, this was from an “@live.com” email address. I thought that I might be able to trace the IP address from the received email, but it has been deleted. What we do have though is the reply to this that we sent back to the guest. So, my questions are:
Is there a way to find where this email was sent from now that the original has been deleted?
If we can find the IP address how straightforward is it find a street address?
What is “@live.com”, is this some sort of webmail address? Emails sent to this now get bounced back with “mailbox unavailable”.
We don’t have cctv going back to July, but staff remember the party. It was two women and two children, which I think is why no suspicions were raised at the time. I’d really like to bring these people to justice, any help appreciated.
I believe, if you have the IP address, the best you’re going to get without a warrant is the general area they are in, beyond that, you won’t be able to do anything on your own.
Well I can tell you that the @live.com domain is the one used for MS’s latest email service. Its basically the new @hotmail, so you’ll probably have a hard time tracking it down. Especially since the account appears to have been closed.
As for finding an actual address, based on the IP address, but you’ll most likely get a general area, it is possible but you’ll have trouble proving who actually sent the email. Not to mention it may well be from a public network (from a cybercafe or library, for example), which is quite likely since whoever booked the hotel at least knew enough to commit credit card fraud. Of course you may find the address is that of the credit card holder’s…
As a best case scenario, the chargeback is fraudulent. In this case you could always try to fight the chargeback (or not, I’m not to clear on how such things work) if you could prove the email that booked the stay is somehow connected to the legitimate owner of the credit card.
This is going to make recovering your funds damn near impossible, sorry to say. Even if you can locate the cardholder, without verification that they were the actual party that handed you the card (you saying so won’t cut it), you’re pretty much screwed.
I know it’s 20/20 hindsight, but part of my job entails investigating credit card chargebacks. Merchants have told me they don’t check ID’s or even compare signatures with those on the card because “it’s a pain” or they’re “too busy.”
Without even a signature, the only thing I can tell them is this: You’ve just learned a lesson about how not to do business from now on.
Unless the fraud was significant, many hundreds or thousands of dollars, I doubt the local police are going to do much about it, unless you can point them to the person that caused it. My guess is that you’ve already spent more time and energy on this than the value of the fraud itself.
You might want to focus your energy on training your desk clerks how to recognize fraud before it happens. Many local police departments have classes or special units that will come to your business to talk to your employees about common fraud techniques.
I don’t recall ever staying at a hotel where the clerk didn’t ask to see my drivers’ license and the registration form always included the plate # of my car (though I suppose a fraudster could just fake that), usually taking down the drivers license #.
I don’t see where you have any real idea who perpetrated the fraud. Seems like the card was stolen and the real owner has rightfully challenged the charges. You don’t have a picture of any kind from security cameras. Your receptionist should have asked for picture ID and taken a photocopy, but she didn’t ask for ID or even a signature. Signature on ID should match credit card and registration form. If credit card is unsigned or says ‘see ID’ refuse it. Tracing an IP address is just wasting your time.
Sounds like staff training is in order, you’ve already paid for part of it.
Is it worth trying to get a warrant to ask Microsoft to reveal who is the holder of that @live account? That’s about the only thing you can do. This involves going to a judge to get a warrant, and you’ll need to hire a lawyer. That might not make this type of thing worth tracing. Besides, I don’t even know if Microsoft could offer you anything more. They might not require an verifiable information to create this email account.
Did the person use your hotel phone? Maybe you have records about what numbers he called.
The police won’t do anything unless you’re willing to press charges and know whom to press charges against. I take it that the hotel bill is less than $1000, so to the police, it’s small stuff. They have more serious crimes to investigate.
Maybe check with other merchants in the area. It’s possible that this dirtbag used the same card to buy groceries, gas, booze, etc. on her little all expenses paid vacation. The sum of all your information might help.
You could find him but it wouldn’t be worth the money spent.
To get an email address you’d have to first get a warrent and have Microsoft issue you the IP address of the place where the email went through. This assumes they went straight through and didn’t use a proxy.
Then you’d get an IP address and have to resolve it (easy) find the ISP and get another warrent to disclose the person who has that account.
Then you’d have to prove THAT person made the reservation. Suppose it’s an internet cafe? or a public library? Even with that information the person could say, “Oh it wasn’t mean, I guess I never signed off my computer.”
At the Chicago Public Library people do it all the time, instead of ending their session, they just get up from the computer and close the browser, but until they end their session or the time limit is up that session is registered to a library card number.
And then it’s just a number, you could easily memorize someone’s number from seeing their library card.
If you had gotten proper signature, and authorization it would’ve been the credit card company that took the loss not the merchant.
Write it off your taxes and write the clerk up so he/she learns proper procedure.