Receive Query 

Customer will contact us informing us of the following details 

• There are Mr D orders going off there account 
• They are unable to access their Mr D Account Or* 
• They think their Mr D Account has been hacked or suspect suspicious activity
• Call & Written channel :
  • Inform the customer of the following:
    • The complaint will be escalated for further investigation 
    • Inform the customer you will temporarily suspend their profile pending investigation and as a preventative measure to stop future transactions from occurring.

Locate the Customers Account 

• Request the customers Name, Surname, Email address and Cellphone number linked to their Mr D profile 
• Search for the profile on Admin using the details provided 

Outcome:

• Profile Found on Admin: 
  • Proceed to step 3 
• Profile not Found on Admin
  • This is an indication that the fraudster has changed the Username,email & password of the customer 
  • Request the customer to go into their email and search “Mr D Orders” 
  • Request the customer to provide a DFD number from the invoices in their email 
    • Customer would have received the an invoice for all their previous Mr D Orders 
  • Proceed to step 3 
• Customer unable to provide details
  • Escalate to MOD for assistance

POPI Customer raising complaint

Profile located & Username,email address and Cellphone number have not been changed 

• POPI using standard verification questions 

Profile Located & Username or email or Cellphone has changed 

• Identify old orders on the customer profile 
  • Open order number customer provided 
  • Confirm the Restaurant name and Total order amount with customer 

• If enquirer does not pass POPI  verification then explain that we won't be able to assist further

Escalate Complaint to Leadership 

• Escalate the following details to the MOD via Gchat
  • Issue: Account Take Over 
  • Customer ID: XXXX
  • Action required: Please investigate and provide feedback to the customer

Suspend the Profile & Escalate Complaint to Data Support Compliance (DS Team)

• Create New Ticket 
• Form: Customer Query 
• Query type:: Mr D Food* - Blacklisting>Blacklisted>Suspected Account Takeover
• Assign ticket to group : CS Data Compliance 
• Submit as Open

Once the ticket has been transferred to the DS team they will take the following steps:

• Flag the issue with the Web Security Team to conduct an investigation confirming the nature of the incident i.e. credential stuffing and providing the requisite logs substantiating the credential stuffing along with confirming whether the incident was:
  • Access only - if so, then for a forced password reset to occur on the affected MrD profile profile by sending the engineering team a ticket requesting a forced password reset request; or
  • Access and personal information compromise/changes - if so and at the end of the investigation to assist the affected MrD profile to reset the relevant changes to personal information.
• The DS Team will communicate with the affected customer about the suspension/locking of the relevant account.

Escalate Complaint to Web Security

• Escalate the potential account takeover profile to product on the Slack Channel “ Investigation_account _takeover”
• Information to include 
  • Link to customer profile on Admin
  • Customer Name
  • Customer Contact
  • Customer Email
  • Order Id’s of the fraudulent transactions
  • Status of Blacklisting (Blacklisted or Not)
  • Indicate the issue is a suspected takeover that needs to be investigated
  • Order Id of Last Legitimate Transactions
  • Add investigation logs
  • Add the Mr D app version the customer is using

Investigate and provide feedback to Data Compliance 

• The Website Security Team must provide the DS Team with all their findings by means of a sheet indicating the investigation logs and all personal information changes to enable the DS Team to reset the information at the conclusion of the investigation.

Reset Profile details Provide Customer Feedback

Call the customer and instruct them to do the following while on the call:

• Request Customer to 
  • Remove all saved cards
  • Send customer password reset link 
  • Update their profile name & Surname
    • New unique Username and Password
  • Delete all saved addressed on admin (TL Action)

Determine if Credit Wallet refund is due to the customer 

• Determine if there was a credit wallet balance used by the fraudster 
• Refund Due IF:
  • Customer had a credit wallet balance that was used by the fraudster 
  • Move to step 10
  • Refund NOT Due IF:
    • Customer did not have a credit wallet balance prior to the fraudulent transactions
    • Inform the customer that recovery of funds used needs to be logged with bank

Request MR D CS Refund 

• Leave an internal note on the original escalation ticket from CS request a refund of the customers credit wallet to the value of X
• Assign the ticket to the Food Management Group
• Submit Ticket as Open

Received Request & Refund the customer  

• Refund the customer the value of the wallet balance in the request
• Create exceptions on old order/s 
• NB* Leave notes in comments section of the order and on the exception created in ADMIN referencing
  • Zendesk ticket number of the request from data compliance 
  • Short description of of the reason for the wallet refund 
• Leave Internal notes on escalation ticket from data compliance 
• Assign ticket back to CS Data Compliance 
• Submit as Open