A few things changed my thinking while investigating this story.
At first, I genuinely believed a software company had quietly helped itself to my replacement credit card without warning.
As someone who spends much of my time exposing scams, Ponzi schemes and deceptive business practices, that immediately raised alarm bells. But good investigations are driven by evidence, not emotion. As I dug deeper, the facts told a more nuanced story.
This article isn’t about exposing a scam.
It’s about exposing how modern recurring payments actually work, why so many consumers are caught off guard, and why I believe legitimate companies can still do a much better job of being transparent with their customers.
How a $99 Charge Started an Investigation
When I noticed a US$99 charge from WP Mail SMTP, my immediate reaction was frustration. I hadn’t used the plugin for around ten months and certainly hadn’t intended to renew it.
What concerned me even more was that the payment had been taken from a replacement credit card. My original card had been replaced by the bank, complete with new card numbers. My first thought was simple: how did they get my new card details?
Having investigated countless online investment scams over the years, I’ve seen plenty of businesses rely on fine print and obscure billing practices to extract money from unsuspecting customers. Naturally, I wondered whether something similar had happened here.
I contacted WP Mail SMTP immediately and requested a refund.
Why I Bought WP Mail SMTP In The First Place
Before anyone thinks this article is a criticism of the software itself, it’s important to explain why I became a customer in the first place.
Like many WordPress website owners, I ran into one of the most common frustrations on the platform: emails generated by my website weren’t being delivered reliably. Contact form submissions, notifications and other important messages either failed to send altogether or risked being treated as spam because they weren’t properly authenticated.
At the time, I wanted my website to send emails securely using my Google Workspace (Gmail) account. Although Google provides the necessary tools to achieve this, configuring SMTP authentication correctly—especially when your website is hosted on a different server—can quickly become a technical exercise involving application passwords, DNS records, authentication protocols and server settings. After several unsuccessful attempts, I decided to look for an easier solution.
That’s exactly where WP Mail SMTP came in.
The plugin acts as a bridge between WordPress and trusted email providers such as Google, Microsoft 365, Amazon SES, SendGrid, Mailgun, Brevo, Postmark, SMTP.com and many others. Rather than relying on WordPress’s default PHP mail function—which is notorious for poor email deliverability—it authenticates outgoing emails using a proper SMTP connection. This significantly improves the chances of emails reaching their intended recipients instead of disappearing into spam folders or failing silently.
For someone who isn’t particularly technical, the plugin removes much of the complexity. It provides guided configuration, diagnostic tools, email logging, failure alerts and integration with many of the world’s leading email delivery services. In my case, it solved the problem I had at the time, and it did exactly what it was designed to do.
Eventually, a technically-minded friend helped me correctly configure Google’s SMTP service without relying on the plugin. Once everything was working natively, I no longer needed WP Mail SMTP, which explains why I hadn’t used it for many months before the renewal occurred.
That distinction is important.
My investigation is not about whether WP Mail SMTP works. From my own experience, it did exactly what I needed it to do. My questions arose solely because of the annual renewal process and my misunderstanding of how modern recurring payment systems operate—not because the software failed to deliver on its core purpose.
The Company Responded Professionally
To their credit, the support team didn’t dismiss my concerns.
Despite their published policy stating that renewals are generally non-refundable, they escalated my request to management, agreed to issue a full refund and cancelled my subscription to prevent any future renewals.
That alone deserves recognition.
Too often I see companies hide behind their terms and conditions. Instead, WP Mail SMTP acknowledged my concerns, treated me respectfully and answered every technical question I put to them.
As investigators, we should acknowledge good behaviour just as readily as we expose bad behaviour.
Understanding What Actually Happened
Rather than accepting a simple refund, I wanted to understand how the payment had succeeded using a replacement card.
The answers were surprisingly informative.
WP Mail SMTP explained that they don’t store customers’ raw credit card numbers themselves. Instead, they use Stripe as their payment processor, with my subscription apparently linked through Stripe Link.
Like many modern payment platforms, Stripe stores a secure payment token rather than the actual card number.
Even more interesting was their explanation of Visa Account Updater and Mastercard Automatic Billing Updater.
These services allow participating payment processors to receive updated card information from the issuing bank when a customer’s card expires or is replaced. The merchant never sees the new card number. Instead, the payment token continues to work behind the scenes.
I’ll admit, this was something I wasn’t fully aware of before beginning this investigation.
My Investigation Took an Unexpected Turn
One of my biggest criticisms was that I believed I had received no warning whatsoever before the renewal.
I was wrong.
After reviewing my inbox more carefully, I found that WP Mail SMTP had, in fact, sent me a renewal reminder approximately 30 days before the annual charge.
I simply missed it.
As frustrating as that is to admit, it completely changed one of the central assumptions I had made.
Good investigative journalism isn’t about defending your original opinion. It’s about following the evidence wherever it leads—even when that means correcting yourself publicly.
Had I ignored that email and continued accusing the company of providing no notice, my criticism would no longer have been supported by the evidence.
What Still Doesn’t Sit Comfortably With Me
Although the investigation answered many of my questions, I still came away with a couple of concerns.
The first is a practical one.
WP Mail SMTP had no way of knowing I hadn’t used their software for almost a year. Software companies cannot realistically monitor whether every customer is actively using a product on their own website, nor would I necessarily expect them to do so.
The responsibility ultimately rests with me to manage my subscriptions.
That said, I suspect I’m far from alone. Annual subscriptions are easily forgotten, particularly when twelve months pass between payments.
The second concern is about customer choice.
I would much rather software companies offered two renewal options at checkout:
- automatic renewal using a stored payment method; or
- manual renewal, where customers receive a reminder and choose whether to pay another year.
Many customers appreciate the convenience of automatic billing. Others would gladly accept the small inconvenience of manually renewing each year in exchange for retaining full control over when money leaves their account.
Giving customers that choice would build trust rather than relying on recurring billing by default.
Transparency Could Be Better
One area where WP Mail SMTP themselves acknowledged room for improvement was disclosure.
During our correspondence, they accepted that their Terms of Service and Privacy Policy do not currently explain, in plain language, Stripe’s role in storing payment tokens or the use of card account updater services.
Most consumers have no idea that replacing a physical credit card doesn’t necessarily stop recurring subscriptions.
That’s not because anyone is doing anything improper.
It’s because the payment industry has become highly automated, while the explanations provided to consumers have failed to keep pace.
I believe companies should explain this much more clearly during checkout.
A simple paragraph saying:
“Your payment method may continue to work after your card is replaced through secure card account updating services operated by the card networks.”
would eliminate much of the confusion that consumers experience.
This Isn’t a Scam Story
People often assume that because I investigate scams, every company I write about must be dishonest.
That’s simply not true.
My job isn’t to attack businesses.
My job is to examine evidence, ask difficult questions and help consumers understand how systems actually work.
In this case, the evidence led me to a different conclusion than the one I initially expected.
WP Mail SMTP refunded my payment, cancelled my subscription, answered detailed technical questions about their billing practices and accepted constructive criticism regarding their disclosures.
Those are not the actions I typically see from companies attempting to mislead their customers.
Lessons for Consumers
This experience reminded me that investigations don’t always end where they begin.
Sometimes they uncover wrongdoing.
Sometimes they expose poor practices.
And sometimes they simply reveal that consumers—including investigators—don’t fully understand how modern payment systems operate.
If there’s one takeaway from my experience, it’s this:
- Review your recurring subscriptions regularly.
- Search your inbox for renewal reminders before assuming none were sent.
- Understand that replacing your credit card may not cancel recurring subscriptions.
- Ask questions when something doesn’t seem right.
- Be prepared to change your opinion when new evidence emerges.
As investigators, our credibility isn’t measured by how often we’re right.
It’s measured by our willingness to follow the evidence—even when it proves us wrong.
I’d use Where The Evidence Led.
Would I still prefer an annual reminder asking me to renew manually rather than charging automatically? Absolutely.
Would I like software companies to offer customers the choice between automatic renewal and manual renewal at the time of purchase? Without question.
But after following the evidence wherever it led, I cannot fairly say that WP Mail SMTP acted unethically in my case. They did send the reminder. They did answer my questions. They did issue a refund, even though their policy didn’t require one.
For me, this investigation became less about exposing a company and more about understanding a payment ecosystem that most consumers never realise exists until an unexpected charge appears on their statement.
Sometimes the most valuable investigations are the ones that challenge our own assumptions as much as anyone else’s.
Disclaimer: How This Investigation Was Conducted
This investigation relies entirely on OSINT — Open Source Intelligence — meaning every claim made here is based on publicly available records, archived web pages, corporate filings, domain data, social media activity, and open blockchain transactions. No private data, hacking, or unlawful access methods were used. OSINT is a powerful and ethical tool for exposing scams without violating privacy laws or overstepping legal boundaries.
About the Author
I’m DANNY DE HEK, a New Zealand–based YouTuber, investigative journalist, and OSINT researcher. I name and shame individuals promoting or marketing fraudulent schemes through my YOUTUBE CHANNEL. Every video I produce exposes the people behind scams, Ponzi schemes, and MLM frauds — holding them accountable in public.
My PODCAST is an extension of that work. It’s distributed across 18 major platforms — including Apple Podcasts, Spotify, Amazon Music, YouTube, and iHeartRadio — so when scammers try to hide, my content follows them everywhere. If you prefer listening to my investigations instead of watching, you’ll find them on every major podcast service.
You can BOOK ME for private consultations or SPEAKING ENGAGEMENTS, where I share first-hand experience from years of exposing large-scale fraud and helping victims recover.
“Stop losing your future to financial parasites. Subscribe. Expose. Protect.”
My work exposing crypto fraud has been featured in:
- Coffeezilla 2026): Featured in the investigation exposing the alleged $328M Goliath Ventures Ponzi scheme
- Bloomberg Documentary (2025): A 20-minute exposé on Ponzi schemes and crypto card fraud
- News.com.au (2025): Profiled as one of the leading scam-busters in Australasia
- OpIndia (2025): Cited for uncovering Pakistani software houses linked to drug trafficking, visa scams, and global financial fraud
- The Press / Stuff.co.nz (2023): Successfully defeated $3.85M gag lawsuit; court ruled it was a vexatious attempt to silence whistleblowing
- The Guardian Australia (2023): National warning on crypto MLMs affecting Aussie families
- ABC News Australia (2023): Investigation into Blockchain Global and its collapse
- The New York Times (2022): A full two-page feature on dismantling HyperVerse and its global network
- Radio New Zealand (2022): “The Kiwi YouTuber Taking Down Crypto Scammers From His Christchurch Home”
- Otago Daily Times (2022): A profile on my investigative work and the impact of crypto fraud in New Zealand
Leave A Comment