Results 1 to 25 of 31
Thread: Fraud Accounts
-
05-09-2011, 03:56 AM #1Aspiring Evangelist
- Join Date
- Jan 2008
- Location
- Washington DC
- Posts
- 443
Fraud Accounts
With all of the data breaches recently and millions of peoples information being stolen, We have seen an uptick in fraud accounts, as well as hacking attempts via brute force password guessing. Now the brute force doesnt concern us too much as we require very secure passwords FOR EVERYTHING, however, we were wondering if there was a central resource for established web hosts to share information about fraud accounts like:
Email addresses used,
Mailing addresses used
IP Addresses
"sob" stories used to try and get free services
etc.
We believe there should be a centralized resource, or at least a thread or topic that web hosts can post this information in to alert others to.
Does anyone else have any thoughts about this?
-
05-09-2011, 04:35 AM #2Web Hosting Master
- Join Date
- May 2008
- Location
- Melbourne, Australia
- Posts
- 10,629
We believe there should be a centralized resource, or at least a thread or topic that web hosts can post this information in to alert others to.
We have had a few fraud orders come through that have actually been genuine customers so sometimes you need to be on your toes and address those issues, I am not sure if opening one thread is going to address all of our issues -- then again privacy might be another concern in such instances.██ l Dedigeeks • Shared • Wordpress • Dedicated • Established 2006
██ l Leading AUSTRALIAN Hosting Provider • Sydney & Melbourne Datacentres
██ l cPanel/WHM • R1Soft Backups • 24/7/365 Support • SMS Hosting Alerts*
██ l www.dedigeeks.com • Managing Director • Service Superstars
-
05-09-2011, 06:41 AM #3Web Hosting Master
- Join Date
- Sep 2007
- Posts
- 1,018
-
05-09-2011, 07:20 AM #4Web Hosting Master
- Join Date
- Feb 2002
- Location
- New York
- Posts
- 791
We have always seen an increase in fruad when we launch a new promotion, especially if the promo is something includes giving away free month or something like that. Then when the promo ends all the fraud orders seem to go back down to like 1% of orders or something like that. It always amazes me.
Anyway we have had good luck with using MaxMind. However I too have always thought it would be cool to have a database like the OP has posted. I have seen in the premium section of this forum some of us larger hosts post peoples IP addesses and names used during the signup of hosting that turned out to be a fraud order.
I understand their is liability in publishing such info but still think their are some ways to do a database that would be somewhat of a rliable source. I know some time ago their was a member here on WHM that mentioned building such a database and I think even had like a beta of it. I will see if I can search and find it if so I will post it later on.~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
just a programmer
-
05-09-2011, 07:30 AM #5Web Hosting Master
- Join Date
- Jan 2011
- Location
- Varna, Bulgaria
- Posts
- 1,276
To solve the privacy issue, the database can contain only an MD5 hash of the users details, this way noone can see the real user details (so no private data exposed), yet everyone can compare if their user's details matches 100% the details of an already well-known fraudster.
-
05-09-2011, 09:16 AM #6Web Hosting Master
- Join Date
- Feb 2002
- Location
- New York
- Posts
- 791
I think maybe something like this might help. I have not actually used this and not sure if the project is still alive since I signed up back in Sept and never heard anything more about it
http://www.webhostingtalk.com/showthread.php?t=970170~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
just a programmer
-
05-09-2011, 09:38 AM #7Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
05-09-2011, 09:40 AM #8Web Host Reviewer
- Join Date
- Feb 2006
- Location
- Kepler 62f
- Posts
- 16,703
|| Need a good host?
|| See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
||
-
05-09-2011, 09:47 AM #9Web Hosting Master
- Join Date
- Jan 2011
- Location
- Varna, Bulgaria
- Posts
- 1,276
-
05-09-2011, 09:58 AM #10Web Hosting Master
- Join Date
- Jan 2011
- Location
- Varna, Bulgaria
- Posts
- 1,276
About Privacy Policies: We (and i guess most everyone else) already send customer details to MaxMind. How is this handled (if at all) in your privacy policy?
-
05-09-2011, 02:09 PM #11Web Hosting Master
- Join Date
- Feb 2002
- Location
- New York
- Posts
- 791
Well Maxmind does not publicly list/make available peoples names, etc that are found to be submitting fraud orders (correct me anyone if I am wrong). Maxmind just looks at various data points for a given order and assigns it a "risk score" as a company owner you decide what score is too high to risk processing/accepting. I find the information Maxmind provides is very useful for pre-order processing scanning.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
just a programmer
-
05-10-2011, 06:40 AM #12Aspiring Evangelist
- Join Date
- Jan 2008
- Location
- Washington DC
- Posts
- 443
Glad to hear that others are considering or have thought of the same thing. We have seen such a massive influx of attempted fraud from most of the Asian countries that we have basically taken a hardline stance not to accept orders from them unless they successfully pass multiple layers of verification. And we have blocked nearly every IP address from China due to the large volumes of spam, hacking attempts, or fraud attempts.
Recently we had one attempt to sign up for services trying to use the disaster in Japan to con us into giving him a free dedicated server. He stated that his other host shut him down without warning and wouldnt answer his support tickets. We inquired into his other host about the reason for account termination and well as we suspected, it was for non-payment.
Even if there was a way that the information could be encrypted, or even just generalized. Say just post the IP's and email addresses they used or the stories they used trying to con hosts into giving free services or using the services then having the charge disputed due to stolen information.
Thanks for the feedback on the topic.
-
05-10-2011, 07:06 AM #13Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
I wouldnt be so confident when theirs sites like this lurking around: http://www.md5decrypter.co.uk/
I,d say the opposite
From Wiki:
MD5 was designed by Ron Rivest in 1991 to replace an earlier hash function, MD4. In 1996, a flaw was found with the design of MD5. While it was not a clearly fatal weakness, cryptographers began recommending the use of other algorithms, such as SHA-1 (which has since been found also to be vulnerable). In 2004, more serious flaws were discovered, making further use of the algorithm for security purposes questionable; specifically, a group of researchers described how to create a pair of files that share the same MD5 checksum.[4][5] Further advances were made in breaking MD5 in 2005, 2006, and 2007.[6] In an attack on MD5 published in December 2008, a group of researchers used this technique to fake SSL certificate validity.[7][8] US-CERT of the U. S. Department of Homeland Security said MD5 "should be considered cryptographically broken and unsuitable for further use,"[9] and most U.S. government applications now require the SHA-2 family of hash functions.Last edited by Server Management; 05-10-2011 at 07:12 AM.
UK Based Proactive Server Management.
Zabbix Enterprise 24/7 Monitoring.
-
05-10-2011, 07:07 AM #14Aspiring Evangelist
- Join Date
- Jan 2008
- Location
- Washington DC
- Posts
- 443
And let us be first to point out this obvious fraud attempt:
05/09/2011 Rengers Huon ------------------------------------------------------------ Hi, sorry to bother you but. I am currently useing (Rackspace.com) Windows VPS 2003. Now my VPS is getting hacked regulary, there staff is not helping me one bit, then thay just shutdown my VPS and i got no REFUND, also i have suffered through the Queensland floods and cyclone, also my Brother died in the Japan Earthquake and Flooding/ Tsunami too. So, im just asking you. Can i possible please can i get a Free trial for 1 Week - 1 month on one of your fantastic Windows Servers. look i got RIPPED off, look im so poor from what i have suffered from. So please can you help me out and support me ? Also look, im really poor now because of this Inncident. Look ill try to Donate whenever i can, ill advertise/ Invite or help out plus much more. So please can you support and help me ?
Thank you for your interest in Agent Black Web Hosting. We are glad
that you have taken the time to inquire into our services.
First let us say that we are terribly sorry to hear of your troubles.
We are also sadden to hear of the loss of your brother in the horrible
events in Japan.
However, prior to us giving any services away, we would like to check
with your previous host and see what kinds of problems you were
experiencing. We maintain a SPAM free network and we also take our
network security very seriously. Please visit our Terms of Service
and other legal documents at:
https://client.agentblackhosting.com...eId=2&public=1
and
https://client.agentblackhosting.com...eId=4&public=1
.
To which, if you could provide us with your old Rackspace account
number and/or support ticket numbers that you had with them, we will
follow up with Rackspace just to see what kind of troubles you were
having. Also, if possibly, please contact rackspace and have us added
to your contact list so we can discuss with them about your troubles.
We would also like to know what you would be using your Windows
Machine for. Do you have a domain name? If so, what is it? Who is
it registered with?
After you reply with this information and we verify with Rackspace the
problems you were having, we will pass your information up to our
management team for review.
Again, we are sorry to hear of your troubles, and we look forward to
hearing from you soon.
Several back and forth emails including these (edited to fix some of the profanity):
Can i possible get a FREE month or FREE trial on 1 of your Lovely Windows SERVERS or NOT ????Wait, there LIEING/ Cheating, scammers. There not telling you the TRUTH, Thay scammed me and SHUTDOWN my VPS no Reason, no REFUND. i had the Recipet, but since i got a NEW computer, i cannot find IT. So please man, can you please HELP and SUPPORT me ????Fine then, you just a very RUDE and SAD individual, you dont even care, support or HELP me. You Sir, you must be VERY SAD and you must be AS#HAMED of yourselfYea, i know it. Your COMPANY is a SHADY, RUDE and Proberly you SCAM too. I will WRITE BAD reviews about your Company on FORUMS, ill tell people not to come to your Company and you will proberly go BANKRUPT and never be back online EVER AGAIN, now F$%K off !!!!
So our suggestion is to deny his request and terminate any services you may have with him.
Good luck!
Edit: Full transcript of the support ticket is available to any webhost who wishes to review it.Last edited by James-AgentBlack; 05-10-2011 at 07:18 AM.
-
05-10-2011, 07:14 AM #15Web Hosting Master
- Join Date
- May 2008
- Location
- Melbourne, Australia
- Posts
- 10,629
██ l Dedigeeks • Shared • Wordpress • Dedicated • Established 2006
██ l Leading AUSTRALIAN Hosting Provider • Sydney & Melbourne Datacentres
██ l cPanel/WHM • R1Soft Backups • 24/7/365 Support • SMS Hosting Alerts*
██ l www.dedigeeks.com • Managing Director • Service Superstars
-
05-10-2011, 07:14 AM #16Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
UK Based Proactive Server Management.
Zabbix Enterprise 24/7 Monitoring.
-
05-10-2011, 07:16 AM #17Web Hosting Master
- Join Date
- May 2008
- Location
- Melbourne, Australia
- Posts
- 10,629
@SLD - Try looking over here
http://www.webhostingtalk.com/showth...08%40gmail.com██ l Dedigeeks • Shared • Wordpress • Dedicated • Established 2006
██ l Leading AUSTRALIAN Hosting Provider • Sydney & Melbourne Datacentres
██ l cPanel/WHM • R1Soft Backups • 24/7/365 Support • SMS Hosting Alerts*
██ l www.dedigeeks.com • Managing Director • Service Superstars
-
05-10-2011, 07:16 AM #18Cloud & Web Hosting Specialist
- Join Date
- Oct 2007
- Posts
- 4,332
[ James Lee - Cloud & Web Hosting Specialist • 10+ Years WHT Veteran]
[ Magento Performance Consultation by Magento Master ]
-
05-10-2011, 07:17 AM #19Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
-
05-10-2011, 07:18 AM #20Web Hosting Master
- Join Date
- Jan 2011
- Location
- Varna, Bulgaria
- Posts
- 1,276
-
05-10-2011, 07:19 AM #21Web Hosting Master
- Join Date
- May 2008
- Location
- Melbourne, Australia
- Posts
- 10,629
Dont worry Sean ive already seen it
But honestly, you could see it from the get go, no need to open a thread really as you are going to encounter a heck of a lot more in your journeys an this one was just a silly fool who got caught.
Fraud accounts are inevitable, it is up to the provider to wiggle them out, or have preventative measures to ensure they are detected and manually reviewed prior to activation of their services to avoid any unwarranted actions.██ l Dedigeeks • Shared • Wordpress • Dedicated • Established 2006
██ l Leading AUSTRALIAN Hosting Provider • Sydney & Melbourne Datacentres
██ l cPanel/WHM • R1Soft Backups • 24/7/365 Support • SMS Hosting Alerts*
██ l www.dedigeeks.com • Managing Director • Service Superstars
-
05-10-2011, 07:23 AM #22Aspiring Evangelist
- Join Date
- Jan 2008
- Location
- Washington DC
- Posts
- 443
After it was passed along to management, it was very obvious that it was a scam, however we wanted to do due diligence to ensure that maybe it was a valid request.
And to SLDHosting, this is in our Acceptable Use Policy:
Agent Black may disclose subscriber information or information transmitted over its network where necessary to protect Agent Black and others from harm, or where such disclosure is necessary to the proper operation of the system. However, Agent Black will never sell information to other services or outside companies.
-
05-10-2011, 07:26 AM #23Aspiring Evangelist
- Join Date
- Jan 2008
- Location
- Washington DC
- Posts
- 443
All accounts are manually verified multiple ways, including by telephone verification. Our staff has done a great job weeding out the scammers.
Well it is nice to know that this guy has been spotted on here before. Glad to see others are on to his tricks.
And we agree that it is wrong and just down right disgusting to use the disaster in Japan and Australia to try and win sympathy.
-
05-10-2011, 07:29 AM #24Hello World
- Join Date
- Nov 2009
- Location
- /etc/my.cnf
- Posts
- 10,657
Where did I state that I was an MD5 cracking expert?
I merely stated the facts that MD5 can be decrypted and has been decrypted maybe times thus goverment departments jumped its ship, Why not take your request over to some cracking forums
He might want to know more information on your windows offeringsUK Based Proactive Server Management.
Zabbix Enterprise 24/7 Monitoring.
-
05-10-2011, 07:31 AM #25Web Hosting Master
- Join Date
- May 2008
- Location
- Melbourne, Australia
- Posts
- 10,629
██ l Dedigeeks • Shared • Wordpress • Dedicated • Established 2006
██ l Leading AUSTRALIAN Hosting Provider • Sydney & Melbourne Datacentres
██ l cPanel/WHM • R1Soft Backups • 24/7/365 Support • SMS Hosting Alerts*
██ l www.dedigeeks.com • Managing Director • Service Superstars
Similar Threads
-
Fraud Accounts
By haaser in forum Running a Web Hosting BusinessReplies: 16Last Post: 02-23-2010, 07:39 PM -
fraud accounts
By Precise in forum Running a Web Hosting BusinessReplies: 0Last Post: 09-25-2002, 01:58 PM -
Fraud and third-party merchant accounts protection
By poncho2000 in forum Running a Web Hosting BusinessReplies: 0Last Post: 07-05-2002, 02:44 PM -
Just proving *shell* accounts = fraud
By jic in forum Web HostingReplies: 15Last Post: 02-19-2001, 08:30 PM