Solved: Re: What are third party created customers - Page 2

Pamela7 · ‎02-06-2024

I have just noticed 4 new customers who are “third party created” in my system. I have a very small business, know all my customers- either I make an appointment for them after an email exchange or I get a notification that they have scheduled an appointment for themselves.

These people have no appointments and I can think of no valid reason for their information to be stored in my system.

I am concerned that there is some funny business going on here, even though I can’t imagine what that might be.

Over the past 7 years, I’ve never noticed this. Given today’s service disruption, I’m on high alert. What is going on?

Ellie_ · ‎04-26-2024

Hi everyone,

We appreciate everyone bringing this to our attention and your patience while we investigated this further.

We are reviewing your feedback and will be taking action to delete unverified customer profiles from your Customer Directories. These were created by failed payment attempts, and we do not believe they represent a security issue with your Customer Directory.

We’ve also implemented a fix so that customer profiles are only created via Square after a payment is successfully processed. This should reduce the creation of unknown customer profiles.

Ellie
Community Moderator, Square
Sign in and click Mark as Best Answer if my reply answers your question.

View Best Answer >

tifholmes · ‎03-17-2024

I still don't understand how they're gaining access to add themselves. The only third party apps I have still connected are "Square Seller Community" and "Square Communities." I guess I'll revoke access to those, too, and see what happens. I'm at a loss, and it's a security issue that I'm not willing to ignore.

************
TIF HOLMES
FINE ART PHOTOGRAPHY
WWW.TIFHOLMES.COM

Pamela7 · ‎03-18-2024

Exactly!!! How are they getting in there and why does nobody care???

GoGolf · ‎04-18-2024

I too am having this issue! The emails are all @example.com We also noticed that one of the fake emails made a purchase of $50 from an item that is no longer available!!! Square doesn't have an answer for this.. very concerning.

Pamela7 · ‎04-18-2024

Yikes! It’s just creepy that someone can muck about in our business like this.

RKLMT · ‎03-20-2024

After multiple emails with Support and multiple phone calls as well. I have a little more understanding on what’s going on with this situation. But I still do not understand it completely. Square has escalated my support ticket and what they are saying is that my donation link is where the third-party customers are coming in. However, I do not have any donations. Other than the eight tickets I have sold personally. on one of the phone calls with Support I was told that the API needs to be checked, although I have no idea what that is. I hope Support can help me more. I will continue to update as I find more information. The customers in my situation have the same first name.last name @Email address. The interesting thing is they are signed up for marketing which I do not have marketing with Square. customer service is actually looking into this for me because they find it odd that the customers are being added by the third-party through this link or back door. Whatever you wanna call it. I’m just concerned about possible fraudulent activity through my account. I have removed third-party access for Massage book. The only other third-party access I have is Linktree and Square go. I think customer support is concerned more so that they are being signed up for marketing unintentionally. Luckily, they took my ticket seriously and hopefully I will have more information soon!

Pamela7 · ‎03-22-2024

Wow. What a strange and confounding situation it is. It’s good to know others are recognizing this risk.

tifholmes · ‎03-25-2024

Indeed. I just deleted 68 more fake customers this morning. I've canceled my Marketing subscription with Square and will use a free e-mail list to send out updates instead. I've been researching another web host option as well. Frustrating.

************
TIF HOLMES
FINE ART PHOTOGRAPHY
WWW.TIFHOLMES.COM

LWCoaching · ‎04-15-2024

This has happened to me as well. My first support outreach to Square went nowhere as the rep said I could "keep them there without issues" and I've tried contacting Square again today as I'm concerned about any fraudulent activity connected to my account; this is definitely an information security issue that needs to be addressed ASAP. As for how this "3rd party" integration may have occurred, I do have an embedded "pay now" link on my Google Sites webpage and have posted that link on FB and in emails to customers as well, but isn't that something we're supposed to be able to do without negative effect? Those links are for selling a service, not for "marketing" which is how these customers are categorized. If I don't get a satisfactory response from Square this time, I'll be taking my business elsewhere.

Pamela7 · ‎04-15-2024

It’s just nuts that Square is not concerned about this security breach! We should indeed be able to post pay now links without opening the door to fraud! That’s the whole point, isn’t it? I removed all the links weeks ago, but it’s still happening! Four “new clients” today alone!

I was outraged and disappointed but that sparked my need to take my business elsewhere, and now I’m so happy I did. At least we’re on record for pointing out this security issue. Should anything happen, at least we won’t be in the wrong.

And we won’t be onboard this sinking ship either.

ACEtutor · ‎04-16-2024

Who are you using now? I need someone new also.

Pamela7 · ‎04-16-2024

I found 150 fake users today just by searching for email addresses with example.com. I was curious about how out of control it’s gotten- there are tons of others, but I gave up trying to count.

ACEtutor · ‎04-16-2024

Who are you using? I need to find someone else too because I just don't have confidence in Square any longer.

Pamela7 · ‎04-16-2024

I’m using Stripe for credit card processing and Acuity as my online calendar. I’m two months in and things are going really well.

ACEtutor · ‎04-17-2024

Thank you for the info!

Pamela7 · ‎04-18-2024

No problem. Hope it helps.

Ellie_ · ‎04-26-2024

Hi everyone,

We appreciate everyone bringing this to our attention and your patience while we investigated this further.

We are reviewing your feedback and will be taking action to delete unverified customer profiles from your Customer Directories. These were created by failed payment attempts, and we do not believe they represent a security issue with your Customer Directory.

We’ve also implemented a fix so that customer profiles are only created via Square after a payment is successfully processed. This should reduce the creation of unknown customer profiles.

Ellie
Community Moderator, Square
Sign in and click Mark as Best Answer if my reply answers your question.

GoGolf · ‎04-26-2024

I appreciate you putting some effort into fixing this issue. However, we already had 1 person make a purchase with a credit card on the "fake account." The purchased an item that we no longer offer, and haven't had it offered for over 5 years. Not sure where they were even able to access a payment option.