Page 1 of 5 1234 ... LastLast
Results 1 to 25 of 104

Thread: Fraud Orders

  1. #1
    Join Date
    Aug 2001
    Location
    Houston, TX
    Posts
    377

    Fraud Orders

    We have recently started seeing a very large inflow of fraudulent orders – wonder if others are also seeing this – perhaps we can all get together and come up with ways to battle this …

    Any suggestions?
    < < E Z Z I . n e t > >
    Best-of-breed Hosting Services
    http://www.ezzi.net | 1-866-GET-EZZI : sales@ezzi.net

  2. #2
    Join Date
    Jun 2011
    Location
    Kansas City
    Posts
    142
    How many are you getting? I usually get maybe 1 a day, nothing out of the ordinary.
    SCOTT CORBIN http://www.zipservers.com/
    Managed Hosting | Virtual Private Servers | Dedicated Servers
    "Award Winning Hosting" TOLL FREE: 1-800-560-3450
    DATA CENTERS : Dallas, Seattle, Washington, D.C., and London, UK.

  3. #3
    Join Date
    Feb 2004
    Location
    Atlanta, GA
    Posts
    5,662
    You probably had 1-2 get through and now they are slamming you with more.

  4. #4
    Join Date
    Oct 2009
    Location
    Cleveland, TX.
    Posts
    228
    Quote Originally Posted by RyanD View Post
    You probably had 1-2 get through and now they are slamming you with more.
    What Ryan said. We had this happen last month. Two got through that looked completely legitimate and was processed and activated. After that we got like 10 more within a week, but we caught those. You just have to scrutinize everything about the orders. What alerted us to it was the person used the same secret question and answer for every account they tried to open.

  5. #5
    Join Date
    Apr 2008
    Location
    England
    Posts
    553
    Are they using proxies to make the orders?

  6. #6
    Join Date
    Aug 2004
    Location
    Kauai, Hawaii
    Posts
    3,799
    Quote Originally Posted by ispclub.com View Post
    We have recently started seeing a very large inflow of fraudulent orders – wonder if others are also seeing this – perhaps we can all get together and come up with ways to battle this …

    Any suggestions?
    Ask all customers to sign and return your T&C and provide ID. You'll turn away maybe 1% of legit orders (some people don't like to show ID) but you will also eliminate near 100% of fraudulent orders. Losing 1% of legit customers is worth it IMO, the problems associated with fraud (charge-backs, SPAM, network abuse etc) are costly.

  7. #7
    Join Date
    Dec 2004
    Location
    New York, NY
    Posts
    10,710
    Asking for signed terms and service + ID may be a bit extreme, but I suppose it's not a bad method.

    At the minimum, you might want to start voice verifying orders. Most customers shouldn't have a problem with that (in fact, I doubt any will).
    MediaLayer, LLC - www.medialayer.com Learn how we can make your website load faster, translating to better conversion rates for your business!
    The pioneers of optimized web hosting, featuring LiteSpeed Web Server & SSD Storage - Celebrating 10 Years in Business

  8. #8
    Join Date
    Jun 2010
    Location
    Panama
    Posts
    267
    We receive 2 fraud orders a day on creditcards, we wait for 2checkout fraud check but sometimes it pass fraud checks and the next day we receive the charge back so we wait 24 hours on creditcard customers and 98% of them are aware of this problem and they are ok on waiting, paypal customers get activated instantly.
    Offshore Hosting & High Privacy in Panama
    Cloud Servers & Shared Web Hosting | Daily Backups | 99.9% Uptime
    www.OffshoreRacks.com

  9. #9
    Join Date
    Aug 2004
    Location
    Kauai, Hawaii
    Posts
    3,799
    Quote Originally Posted by OffshoreRacks View Post
    We receive 2 fraud orders a day on creditcards, we wait for 2checkout fraud check but sometimes it pass fraud checks and the next day we receive the charge back so we wait 24 hours on creditcard customers and 98% of them are aware of this problem and they are ok on waiting, paypal customers get activated instantly.
    We experienced the following with a PayPal order, which is why we started requiring ID:
    • customer called our office, discussed custom setup for over an hour
    • client paid via paypal high $x,xxx amount for 8x SAS, dual proc, high RAM, RAID, dedicated gigabit server setup
    • customer IP geo location matched phone number area code
    • call back to the client answered promptly
    • custom hardware ordered from our vendor
    • 4 or 5 days later paypal reversed the funds stating that the paypal account had been hijacked/stolen
    • call back to the client's phone number resulted in no answer, found out it was a google voice number
    • found out the client IP was a VPS machine
    • emails to the client started bouncing

    Most fraudsters I would guess don't ever get on the phone with you, but with the availability of google voice / skype, etc phone verification simply isn't enough. It's a pain forcing customers to provide ID etc, but losing a few hundred dollars in sales is better than getting scammed with custom setups (which probably would of been used to send masses of SPAM).

    Whatever you decide to do, just realize that you can't be too careful. You either risk fraud against yourself or risk turning away legitimate clients.

  10. #10
    Join Date
    Aug 2006
    Location
    Ashburn VA, San Diego CA
    Posts
    4,615
    I've seen plenty of fake ID's and CC's submitted (ane they look VERY legitimate). To the point where we no longer accept faxed or otherwise low resolution scans and it's STILL hard to tell at times.
    Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
    Since 2003 - Ashburn VA + San Diego CA Datacenters

  11. #11
    Join Date
    Apr 2011
    Location
    Washington
    Posts
    324
    It is a problem that is not going to go away. You can try all the suggestions above but in the end it comes down to you reviewing the order, making any followup you see fit and going with your gut. Any method you use will allow fraud to get through at some point. Just do what you can to limit it.
    M3Server - Celebrating 20 years of hosting
    Fully Managed Shared, Virtual & Dedicated Servers
    Chris Stach - chris@m3server.com
    http://www.m3server.com

  12. #12
    Join Date
    Apr 2001
    Posts
    1,045
    Quote Originally Posted by FastServ View Post
    I've seen plenty of fake ID's and CC's submitted (ane they look VERY legitimate). To the point where we no longer accept faxed or otherwise low resolution scans and it's STILL hard to tell at times.
    Exactly what I was going to say as we see the same thing.

    The one thing we have noticed is they do not like to sign our CC authorization form. You'll hear that they dont have a scanner or a printer(but they happened to have their ID and CC scanned already, the highres ones) and to cancel the order.
    » ReliableServers.com
    » Dedicated Servers | Colocation | VPS
    » 973-849-0535

  13. #13
    Join Date
    May 2006
    Location
    NJ, USA
    Posts
    6,645
    Quote Originally Posted by gordonrp View Post
    We experienced the following with a PayPal order, which is why we started requiring ID:
    • customer called our office, discussed custom setup for over an hour
    • client paid via paypal high $x,xxx amount for 8x SAS, dual proc, high RAM, RAID, dedicated gigabit server setup
    • customer IP geo location matched phone number area code
    • call back to the client answered promptly
    • custom hardware ordered from our vendor
    • 4 or 5 days later paypal reversed the funds stating that the paypal account had been hijacked/stolen
    • call back to the client's phone number resulted in no answer, found out it was a google voice number
    • found out the client IP was a VPS machine
    • emails to the client started bouncing

    Most fraudsters I would guess don't ever get on the phone with you, but with the availability of google voice / skype, etc phone verification simply isn't enough. It's a pain forcing customers to provide ID etc, but losing a few hundred dollars in sales is better than getting scammed with custom setups (which probably would of been used to send masses of SPAM).

    Whatever you decide to do, just realize that you can't be too careful. You either risk fraud against yourself or risk turning away legitimate clients.
    was this the HP box you were selling a while back
    AS395558

  14. #14
    Join Date
    Aug 2001
    Location
    Houston, TX
    Posts
    377
    We are getting 2-3 fraud orders a day - we are using Maxmind but these guys have obviously found ways to fool those systems.
    < < E Z Z I . n e t > >
    Best-of-breed Hosting Services
    http://www.ezzi.net | 1-866-GET-EZZI : sales@ezzi.net

  15. #15
    Join Date
    Mar 2009
    Location
    NL
    Posts
    594
    We've even had one fraud case with matching ID and bank card. I can recommend asking for a home utility bill to verify the address. This is not something that is offered on the "ID market".
    YISP - High Bandwidth dedicated servers and colocation in YISP-AS(Amsterdam)!

    Website: http://www.yisp.nl
    Contact: info "(AT)" yisp.nl

  16. #16
    Join Date
    Aug 2006
    Location
    Ashburn VA, San Diego CA
    Posts
    4,615
    Quote Originally Posted by Rens View Post
    We've even had one fraud case with matching ID and bank card. I can recommend asking for a home utility bill to verify the address. This is not something that is offered on the "ID market".
    +1, we actually had several orders like this. There's no replacement for your 'gut feeling' about processing orders sometimes. Utility bill would be a good idea though.
    Fast Serv Networks, LLC | AS29889 | DDOS Protected | Managed Cloud, Streaming, Dedicated Servers, Colo by-the-U
    Since 2003 - Ashburn VA + San Diego CA Datacenters

  17. #17
    Join Date
    Oct 2009
    Posts
    416
    Quote Originally Posted by FastServ View Post
    +1, we actually had several orders like this. There's no replacement for your 'gut feeling' about processing orders sometimes. Utility bill would be a good idea though.
    Isn't that even easier to fake? Personally I wouldn't be able to tell for sure if some far away city X does or does not have a power company called Y-Electric or what their bills are supposed to look like.

  18. #18
    Join Date
    Sep 2004
    Location
    Cincinnati, OH
    Posts
    298
    Has anyone been having problems with paypal? It seems every day paypal gets worse.

    What I hate most is that paypal will initially clear a payment then 24 hours later decide to flag it for "review". I'll have the customer call in and talk to their abuse teams to clear their account and payment. Even then sometimes they'll still reverse the payment and the user needs to initiate another payment which goes through without issue.

    I've been getting 1-5 paypal charge backs a week

    Google checkout is another story. I absolutely love it. In the past 2 years i've had maybe 3-4 charge backs with checkout. Whatever they're doing it works great.

    Quote Originally Posted by ReliableServers View Post
    Exactly what I was going to say as we see the same thing.

    The one thing we have noticed is they do not like to sign our CC authorization form. You'll hear that they dont have a scanner or a printer(but they happened to have their ID and CC scanned already, the highres ones) and to cancel the order.
    I don't have a scanner or printer. But do have my CC and passport scanned in on my computer (went to a cybercafe). I guess I'm a scammer?
    Last edited by sensel; 08-17-2011 at 07:25 PM.

  19. #19
    Join Date
    Aug 2004
    Location
    Kauai, Hawaii
    Posts
    3,799
    Quote Originally Posted by Dougy View Post
    was this the HP box you were selling a while back
    You must have me confused with someone else :-) I've never had HP. This was a supermicro box from one of the vendors on this forum that we use a lot. Fortunately I managed to rent the server to another client within 30 days or so.

  20. #20
    Join Date
    Aug 2011
    Posts
    147
    Quote Originally Posted by Rens View Post
    We've even had one fraud case with matching ID and bank card. I can recommend asking for a home utility bill to verify the address. This is not something that is offered on the "ID market".
    Hmm. That is a good idea. Have you had success with requesting this form of ID?

  21. #21
    Join Date
    Jun 2011
    Posts
    76
    just curious as i am not a provider myself...so what do scammers usually do with their account, which they presumably only have for a few days?

  22. #22
    Join Date
    Mar 2009
    Location
    Minnesota
    Posts
    700
    It is surprising, they're even emailing/calling in for support...and to have a chargeback 24-40 days later, it's a huge waste of time, and PITA.
    madgenius.com - S Corp. We are US based company.
    Web Hosting, Cloud VPS, and Dedicated Solutions since 1998
    Also offering custom solutions and automated provisioning for most services

  23. #23
    Quote Originally Posted by ispclub.com View Post
    We have recently started seeing a very large inflow of fraudulent orders – wonder if others are also seeing this – perhaps we can all get together and come up with ways to battle this …

    Any suggestions?
    You want to automate this. Not make people submit stuff via the website... or w/e. You want to use something like Ethoca360 or someone serious like that, who has a large database and works with big hosting companies and large ecom merchants... like they do. I would suggest giving them a call... its not cheap... I think prices start at like $500/mo, but well worth the results, if you are having big CC problems....

    If its PayPal related, where they just keep using fake orders and stuff. I would recommend that you contact paypal, or perhaps ban their IP from your site if they are using the same IP... if not... disable paypal if possible for an hour... they might stop.

    Depends... could you give us more information about what type of medium is being used?

  24. #24
    Join Date
    Aug 2001
    Location
    Houston, TX
    Posts
    377
    We’re seeing quite few fraudulent orders coming from people with emails on different WORLD.com domains (like techie.com, minister.com etc.)

    Please reply if you are experiencing the same? Also, any suggestions?
    < < E Z Z I . n e t > >
    Best-of-breed Hosting Services
    http://www.ezzi.net | 1-866-GET-EZZI : sales@ezzi.net

  25. #25
    Join Date
    Jul 2008
    Location
    New Zealand
    Posts
    1,225
    Quote Originally Posted by vivithemage View Post
    It is surprising, they're even emailing/calling in for support...and to have a chargeback 24-40 days later, it's a huge waste of time, and PITA.
    We have this mostly. I don't even think they're fraud but legit customers who chargeback near the end of their term after fulling using their server/bandwidth AND contacting support on various occasions.

    Recently however, we've been having PayPal "review" many legit transactions. Normally this is fine, but they hold payments for nearly 2 weeks and customers simply don't want to wait this long. We can't provide service in case Paypal decides to reverse the transaction and the client doesn't want to pay for service already used.

    Also I've found 2CheckOut's fraud checking to fail a lot recently. We have bigger orders (3monthly-6monthly) pass, then 30-60days later chargeback. We've challenged the charges a few times, but every-time we've lost based on the same reason (something like bank has decided XX)

Page 1 of 5 1234 ... LastLast

Similar Threads

  1. Fraud Orders
    By HostingOne-Jeff in forum Running a Web Hosting Business
    Replies: 12
    Last Post: 02-24-2007, 04:01 PM
  2. How many fraud orders?
    By TechnicGeek in forum Running a Web Hosting Business
    Replies: 11
    Last Post: 05-17-2005, 02:01 PM
  3. Fraud Orders all Over
    By EpicServers in forum Running a Web Hosting Business
    Replies: 16
    Last Post: 07-02-2004, 11:29 PM
  4. Fraud Orders
    By tazd9t9 in forum Web Hosting
    Replies: 3
    Last Post: 10-24-2003, 06:53 PM
  5. Replies: 15
    Last Post: 09-21-2003, 05:21 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •