It's still possible someone else used his system and signed up with his cc and email. Too ,amy people trust using those cc, pw and email managers. So if someone was over and got on there, clicked the signup link and the manager popped up... One of his kids or their friends etc. Who knows.
I'd ask if he had one of those installed just out of curiousity. If he says he does, mention that someone COULD have used that and he was defrauded as well as you. ;-) I know if it happened to me, I'd leave the money with the company but someone would get a hiding.
Refund him and then go add a disclaimer to your join area in bright and bold letters that you WILL follow up and press charges on any attempts to commit fraud. That is enough to scare off at least a percentage of cheats.
__________________
<center><a target="_blank" href="http://dev.datedollars.com/index.php?s=signup&aid=535&cfg=aac"><img border="0" src="http://216.130.172.224/gfy/gsig.gif" width="490" height="100"></a><br><a href="http://dev.datedollars.com/index.php?s=signup&aid=535&cfg=aac" target="_blank"><b><font face="Arial"><font color="#FF99FF"> Buy me away from Slavedriver Smokey!<br>It's May Sig Sweeps!<font></b></center>