Code Room
On-call | Medium | oc-g147
Subject: Abuse traffic | Level: Mid–Senior | ~35 min | Common in Reliability & on-call interviews | Industries: Technology, Software development

Question

Your payments dashboard shows authorization attempts up 30x in the last hour on a small-dollar donation form (variable amount, $1-$5), with a >85% decline rate and rapid-fire attempts cycling through many distinct card numbers, names, and addresses from a few IP ranges. Your processor just emailed a warning about an elevated decline ratio that risks fines. Each attempt costs you a small auth fee regardless of outcome. The legitimate donation volume is normally a trickle. How do you triage and stop this card-testing (carding) attack?

What a strong answer looks like

Stop the bleeding first (mitigate), then form hypotheses from real signals. Separate root cause from symptom, communicate status as you go, and close with what prevents a repeat.
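
One way to turn the signals in the question into candidate ranges for a temporary block or challenge, as an added example that is not part of the original page: it groups authorization attempts by /24 and flags ranges that combine volume, a decline rate of at least 85%, and a near one-to-one ratio of distinct cards to attempts. The event tuple layout, the function names and every threshold are assumptions, and the sample events are constructed.

```python
import ipaddress
from collections import defaultdict

def build_sample():
    """Constructed auth log: (source_ip, card_fingerprint, approved)."""
    events = []
    # Constructed abusive traffic: two /24 ranges, a new card per attempt, 90% declined.
    for i in range(200):
        ip = f"203.0.113.{i % 50 + 1}" if i % 2 else f"198.51.100.{i % 40 + 1}"
        events.append((ip, f"card-{i}", i % 20 in (0, 1)))
    # Constructed legitimate trickle: a handful of donors, mostly approved.
    for i in range(6):
        events.append((f"192.0.2.{i * 30 + 5}", f"donor-{i}", i != 3))
    return events

def flag_ranges(events, prefix=24, min_attempts=20, min_decline=0.85, min_card_ratio=0.8):
    """Return {network: stats} for ranges that match the card-testing pattern."""
    stats = defaultdict(lambda: {"attempts": 0, "declines": 0, "cards": set()})
    for ip, card, approved in events:
        net = str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
        stats[net]["attempts"] += 1
        stats[net]["declines"] += 0 if approved else 1
        stats[net]["cards"].add(card)
    flagged = {}
    for net, s in stats.items():
        decline_rate = s["declines"] / s["attempts"]
        card_ratio = len(s["cards"]) / s["attempts"]
        # Volume gate keeps a single declined donor from flagging a range.
        if (s["attempts"] >= min_attempts and decline_rate >= min_decline
                and card_ratio >= min_card_ratio):
            flagged[net] = {"attempts": s["attempts"],
                            "decline_rate": round(decline_rate, 2),
                            "distinct_cards": len(s["cards"])}
    return flagged

if __name__ == "__main__":
    for net, s in sorted(flag_ranges(build_sample()).items()):
        print(net, s)
```

The flagged ranges are input to a mitigation decision (rate limit, challenge, or temporary block), and the unflagged low-volume range shows why the volume gate matters when legitimate traffic is a trickle.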
