Yeah… no it wouldn’t. I’ve watched users have their bank accounts emptied (by ac... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		scott_w 27 days ago \| parent \| context \| favorite \| on: Subscription bombing and how to mitigate it Yeah… no it wouldn’t. I’ve watched users have their bank accounts emptied (by accident) because they kept refreshing. A measly £150 isn’t going to register until it’s too late anyway.

sarchertech 27 days ago [–]

There's a reason attackers exploit any site that lets them do small charges, it's because enough users will notice a larger charge.

Whether every user notices it or not, attackers are looking for the ability to do small charges, and if you remove that they'll move on.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact