I am not certain if this is an S2Member thing, but we had several “fraud” payments attempted this past Saturday on Stripe. I say “fraud” in quotation marks because luckily, all of the cards were declined due to incorrect CVC.
I’m not certain if it’s S2Member because the fraudster(s) did not create any registrations, which are required as part of payment on our website. However, the package they were using is only under my S2Member labels, so it couldn’t have come from anywhere else.
Is this something I should be worried about? Should I force/encourage all my members to change their passwords? It doesn’t appear any users logged in to the site on that day. I’ve used S2Member for a decade now without this issue, but want to ensure my site and my members are all safe.
