Results 1 to 30 of 30
  1. #1

    How do you deal with fake (somewhat harmless) customer information?

    We have some cases of (paranoid?? - funny??) customers that use fake information at sign up like company names that obviously they don't belong to, silly street names, 1234567 phone numbers, etc.

    We look at them closely specially at the beginning of the setup process just to see that they are hosting harmless content, so we don't do anything about it.

    Do you let them be or do you do something about it?

  2. #2
    Join Date
    May 2013
    Posts
    177
    At least with domains you aren't allowed to let them be anymore - your registrar will be requiring that you collect the valid, verifiable information now.

    So if you're selling hosting services chances are that now it isn't your choice anymore, as most webhosting services also bundle domains.

  3. #3
    For phone numbers, I don't really mind as its a personal thing and especially if your host is younger, people may not trust you as much as with hosts like HostGator or BlueHost. Its the same with where people live etc.

  4. #4
    Join Date
    May 2013
    Posts
    177
    Quote Originally Posted by Synerhost View Post
    For phone numbers, I don't really mind as its a personal thing and especially if your host is younger, people may not trust you as much as with hosts like HostGator or BlueHost. Its the same with where people live etc.
    But yet they trust you with their credit card number?

    Makes you think whether it's really theirs...

  5. #5
    Join Date
    Oct 2013
    Location
    Everywhere
    Posts
    696
    Even though the fake information may seem harmless, it is harmless when nothing goes wrong. It's when things go wrong that you need someone who can take responsibility. And it's hard to get someone to take responsibility if you don't have all the applicable information (e.g. John Doe spammed the server!).

    Imagine for a second owning a shared server and managing the IP reputation. Your client gives you fake information and gets your IP's blacklisted. You need to get a the IP address cleaned up, and I'd personally charge a cleaning fee if the spam appears to be intentional. You'll have a really hard time collecting on this charge if you have a fake phone number or even a fake name.

    Even though in many cases it's somewhat harmless, it's an unnecessary risk. Just tell them to provide proper information or to face account suspension.

    Quote Originally Posted by derp View Post
    But yet they trust you with their credit card number?

    Makes you think whether it's really theirs...
    Clients may be paying via a payment gateway like PayPal where the credit card information isn't available to the merchant.

  6. #6
    Join Date
    Dec 2013
    Location
    Tirana, Albania
    Posts
    25
    Actually you don't deal with it! You should enforce it by stating that accounts with dummy data cannot be used. Don't go there and check all domains, but if they contact you through support, refuse to provide support unless they clearly identify themself as a normal customer and not as a fake zombie.

  7. #7
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    People worry too much...

    I work with a hosting business and we see a ton of fake information for whatever reason. However, we could care less. Why? All we care about is that the customer pays on time and that it is a valid payment. All the other details are not important to us. Maybe the customer values their privacy, maybe they are up to something... not our problem to sort out.

  8. #8
    Join Date
    Dec 2013
    Posts
    111
    Quote Originally Posted by Synerhost View Post
    For phone numbers, I don't really mind as its a personal thing and especially if your host is younger, people may not trust you as much as with hosts like HostGator or BlueHost. Its the same with where people live etc.
    I seconded this. I personally is not comfortable storing my PERSONAL information in someone else's database. Why? Because even though they have privacy policy, it's just paper and ink posted online with no signature even. I know people / employees in companies that sell personal information database to black market.
    So i don't trust them with my credit card too. I use PayPal.

  9. #9
    Join Date
    Dec 2013
    Posts
    111
    Quote Originally Posted by DomainNameAL View Post
    Actually you don't deal with it! You should enforce it by stating that accounts with dummy data cannot be used. Don't go there and check all domains, but if they contact you through support, refuse to provide support unless they clearly identify themself as a normal customer and not as a fake zombie.
    Wow. With all due respect, this reminds me to be not hosted by you. Remember that all transactions made online isn't 100% trustworthy. As much as hosts want to protect themselves, how about the protection of the customers? If the personal information database is stolen and sold in the black market the poor customer wouldn't even know from where his/her information was stolen from.

    I've even received an email notification that WHMCS of a host (won't mention the host name) was hacked and personal information was stolen.

    I've been a victim of this several times already and I won't be risking it again. I've even seen too many identity theft in some countries and I won't risk sending my ID to someone I don't personally know.
    Last edited by apartmentph; 01-01-2014 at 08:46 AM.

  10. #10
    Join Date
    May 2013
    Posts
    177
    Quote Originally Posted by AcclaimedHost Alan View Post
    Clients may be paying via a payment gateway like PayPal where the credit card information isn't available to the merchant.
    PayPal provides some billing information, and you as a merchant can set it to return the bill to address.

    If that's fake or seems fake then you'd be better off declining the order.

  11. #11
    Join Date
    May 2011
    Posts
    471
    Quote Originally Posted by derp View Post
    But yet they trust you with their credit card number?

    Makes you think whether it's really theirs...
    Ahh no. As a host, I only accept paypal (others do other payment methods where they do not collect credit cards)

    I do freak out a little when its clearly fake details, as it makes me think that I will be in for a chargeback / dispute. I do tolerate fake phone numbers, as I am the same, as I personally dont feel comfortable giving out my phone number simply as 9 times out of 10, people never take into consideration something known as timezones.

    But even if it is legit address, without asking for id, for all i know it could be their neighbours, or someone elses house.

    I just dont like the solution of having to force all clients to scan in ID... and even that doesnt help. One host here (on WHT) got a fake id with charlie sheens pic on it.
    I dont know what the best solution is, just so far, I let it slide.

    What I do not accept is signup with one email, and payment with another. I will either cancel the order, or shoot them an email, get an email from the payment account, and decide from that.

    @apartmentph, "I've even received an email notification that WHMCS of a host (won't mention the host name) was hacked and personal information was stolen. "

    It really does suck, and I *hate* having my own information online, but especially if you have domains where you host, you have to have correct information.

  12. #12
    The best practice is to refund transactions and to close an account that has fake or incorrect personal details. This should be specified in the web host's Terms of Service. Any Account profile should be at the name of the payee. Anything else is not just risky, but would create some legal issues. PayPal is not anonymous payment system, is it?
    Host Color Cloud Servers & Dedicated Hosting & European Infrastructure Hosting
    U.S. Data center 90 miles from Chicago
    Network ★ AS46873 Level 3, Cogent, Hurricane Electric, Retn.net, Midwest Peering
    24/7 Support 1-574-367-2393; Skype: HostColor

  13. #13
    Join Date
    May 2011
    Posts
    471
    Quote Originally Posted by HostColor View Post
    The best practice is to refund transactions and to close an account that has fake or incorrect personal details. This should be specified in the web host's Terms of Service. Any Account profile should be at the name of the payee. Anything else is not just risky, but would create some legal issues. PayPal is not anonymous payment system, is it?
    Good point, I might need to revise the TOS I have.

    but how do you verify that it is their legit address and not a real address chosen at random?

  14. #14
    The best option is the billing address to match the address in the customer's profile. However it is absolutely fine a customer to have different billing and account addresses. A provider just needs to record them into its account management system. When it comes to a company it is even easier to locate the valid corporate address.
    Host Color Cloud Servers & Dedicated Hosting & European Infrastructure Hosting
    U.S. Data center 90 miles from Chicago
    Network ★ AS46873 Level 3, Cogent, Hurricane Electric, Retn.net, Midwest Peering
    24/7 Support 1-574-367-2393; Skype: HostColor

  15. #15
    Join Date
    May 2013
    Posts
    177
    Quote Originally Posted by Mad_matt View Post
    Good point, I might need to revise the TOS I have.

    but how do you verify that it is their legit address and not a real address chosen at random?
    Depends how far you're willing to go. If you're needing the most stringent of checks, do it manually: first google the address to make sure it isn't one of those 'rent an address' services, then send a letter with a verification code to that address.

  16. #16
    Join Date
    May 2013
    Posts
    177
    Quote Originally Posted by HostColor View Post
    When it comes to a company it is even easier to locate the valid corporate address.
    That's not true. You can put any address you want on a company profile.

  17. #17
    It would raise our suspicions of fraudulent/abusive intentions and upon discovering that they provided us with false information, we would kindly request the correct information and then phone verify the client to make sure.

  18. #18
    Join Date
    Nov 2013
    Location
    Las Vegas
    Posts
    12
    We shrug it off as long as long as they arent trouble makers
    www.twojacksoneport.com
    Managed Dedicated Servers
    HA VPS servers
    24x7 Support

  19. #19
    We recently had a client. Who signed up, and just before his billing period was ending he asked for money back. His address and his phone both were fake so obviously he was doing something wrong. We found he was posting on different forums with his VPS, as it has USA ip. But we didnt find any abuse data.

    He was a local client so, then he came back at our office, and gave us his original license copy to verify. So then we have issued his moneyback.

    But that might not possible in other cases where client can be from anywhere around the world.

  20. #20

  21. #21
    Join Date
    Feb 2008
    Posts
    335
    You should always try to collect the correct/valid information from your customer.

    Not only because it can be a malicious customers trying to use your services to make a chargeback after using it, but also because you're providing a service that is a bridge through the Internet to other users, which allows this customers to sell illegal services/products, bullying someone, spread malware, hijack information (Phishing - credit card details, login details, etc), send Spam, and many other things.

    As already someone shared, at this moment anyone who has a domain name, needs to have valid data at their WHOIS Contact. If not, they can probably lose their domain name.

    I run a webhosting company, but i'm also a Internet user. I'm not concerning about sharing my name, address or phone number as i'm not paranoic about privacy.

    But if i would like to protect my information, i wouldn't be providing fake data to my suppliers. For domains, i could just simply use a Privacy Protection / Whois Protection / Whois Proxy service.

    For billing data and other information present in "online Client Areas", i would first contact the company and ask them some informations and details about how they protect customer information and if they could store some private information only on offline accessible systems.

    I would like to share one little situation that happened recently with us: http://www.webhostingtalk.com/showthread.php?t=1337400

    As a Web Hosting company you can choose which side you are. You are either responsible, provide a good customer service and support and allow the Internet to grow securely, or you just accept any customer that you get, even knowing that something bad can happen.

    @Patrick said "All we care about is that the customer pays on time and that it is a valid payment."

    I don't know if you are providing webhosting services, but from my view, you're doing it wrong.

    Anyway, i would like to know if someone agrees with me.
    WebTuga Hosting - Portuguese Shared, Virtual and Dedicated Web Hosting
    CloudFire WebHosting - European Low Cost Cloud WebHosting

  22. #22
    Join Date
    Feb 2008
    Location
    South Florida
    Posts
    108
    I always think it is fraud or there is going to be a chargeback when I see fake information. I will usually contact the client and ask for their correct information. I find that a little bit of work in the beginning saves you from problems down the road.
    Michael Caputa President Web Results Inc
    REAL RESULTS FOR REAL REWARDS
    www.webresultsinc.com | follow us @webresultsinc
    design | hosting | e-commerce & shopping carts | app development | fax-to-email | announcer pro

  23. #23
    Join Date
    Jun 2002
    Location
    Texas
    Posts
    60
    @cenourinha I totally agree with you. Now especially when the information that is required by the Registrar's is stricter.

    In regards to credit cards we do not store them on our dedicated server but in Authorized.net credit card vault. Its cost a little more but worth it for our clients security.

    We have had to many bad experiencs with charge backs and fake addresses. So will closely look at new orders from new clients.

  24. #24
    Quote Originally Posted by Patrick View Post
    People worry too much...

    I work with a hosting business and we see a ton of fake information for whatever reason. However, we could care less. Why? All we care about is that the customer pays on time and that it is a valid payment. All the other details are not important to us. Maybe the customer values their privacy, maybe they are up to something... not our problem to sort out.
    I personally find that a little worrying. This opens a big opportunity for fraud, chargebacks and further legal issues. Sure, you can get your payments on time, but in the era of online fraud you HAVE TO verify that they are coming from the card owner or an authorized source. Thus, why hosting companies need to have a clearly defined and protective verification check.

    A fake phone number is not an issue, but should there are missmatches in the order and its marked for verification, the phone call is one of the most efficient methods to catch a fraudster - experience shows that such criminals rarely give a real number, just because it makes them vulnerable to be exposed. Imagine calling your new potential "client" Jane Smith and hearing a deep voice with a thick accent on the other side...and I've personally had such calls too

    A fake address is somewhat unnecessary too - it will still differ from the billing details and create grounds for further investigation. So at the end, you still might undergo a phone and/or ID verification.

    From the position of the customer its all a matter of choice - if you don't feel safe enough to share all your details - fine, you might try and fake some of them, but in such case you have to be prepared to supply further documentation, like an ID and not take offence in the host, who are just trying to protect all their customers
    www.WebHostFace.com where Service always comes with a smiling face!
    Contact us for Shared, VPS, Reseller and Dedicated Hosting Solutions.

  25. #25
    Hi ##first_name##,

    I do apologize for the inconvenience on this. As part of our fraud checking procedures, we look at a large number of risk factors, and compare current orders against orders that in the past have been charged back due to fraud. For security reasons, we cannot disclose what specific things about your order caused it to be flagged as fraudulent. I do apologize for the inconvenience here, but due to a large number of red flags associated with the details on your order, we cannot accept your order and had to refund it.

    Best regards,
    That's our template, I think it gives an indication of how we would handle the situation. Is the irregularity on the order consistent with orders that in the past have caused problems regarding fraud or abuse? If so, we care about it. If not, we don't. Clearly fake details are definitely a fraud flag, but rejected orders normally have a number of fraud flags, not just one, so certain irregularities would not on their own cause us to reject an order.
    Last edited by funkywizard; 02-06-2014 at 10:56 AM.
    Phoenix Dedicated Servers -- IOFLOOD.com
    Email: sales [at] ioflood.com
    Skype: iofloodsales
    Backup Storage VPS -- 1TBVPS.com

  26. #26
    Join Date
    Oct 2013
    Location
    Everywhere
    Posts
    696
    Quote Originally Posted by TwoJacks View Post
    We shrug it off as long as long as they arent trouble makers
    Unfortunately, those who use fraudulent details are usually the ones who are the troublemakers.

  27. #27
    Join Date
    Dec 2011
    Posts
    563
    Quote Originally Posted by SaaSMX View Post
    We have some cases of (paranoid?? - funny??) customers that use fake information at sign up like company names that obviously they don't belong to, silly street names, 1234567 phone numbers, etc.
    Any obviously fake information means the order has a 99.9999% of being fraud - usually with a stolen credit card. Deprovision their service and bin that order.

  28. #28
    Join Date
    Dec 2011
    Posts
    563
    Quote Originally Posted by Patrick View Post
    People worry too much...

    I work with a hosting business and we see a ton of fake information for whatever reason. However, we could care less. Why? All we care about is that the customer pays on time
    Please please PLEASE - post your IP information so we can add it to our spam filters immediately.

    Pink hosts like yours are the primary reason spammers, botnets and every other form of malware user have the run of the internet. :|

  29. #29
    Join Date
    Jun 2004
    Location
    Europe
    Posts
    3,523
    Quote Originally Posted by Patrick View Post
    People worry too much...
    I work with a hosting business and we see a ton of fake information for whatever reason. However, we could care less.
    Until someone tries to sue one of your customers, gets a court order that you should disclose the details of your customer and you cannot, since you do not have anything valid on file. Then you run the risk that you get sued instead, after all, how can you prove that there was a 3rd party client that uploaded the content and its not actually yours?
    Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Europe & US locations, we operate our own network AS35017
    Unbeatable dedicated bandwidth deals for Dedicated servers ! Support response time <15 minutes 24/7

  30. #30
    Join Date
    Mar 2012
    Location
    United Kingdom
    Posts
    1,178
    We get a ton of these so I always send them a message and multiple emails telling them to update their contact addresses etc. When they don't reply and they don't do it then I just terminate them as they're normally hosting 'hack' material or 'suspicious' content
    Sapatana.eu ILoveBilling
    120Gbps DDoS Protection on Shared Hosting, Reseller Hosting, XEN Windows and Linux VPS, Domains, SSL Certificates
    PayPal | BitPay (BitCoin) | UK Bank Transfer | International Bank Transfer

Similar Threads

  1. [FEATURED] Customer provided fake data and is asking for refund
    By cenourinha in forum Running a Web Hosting Business
    Replies: 11
    Last Post: 01-16-2014, 08:35 PM
  2. Is it illegal to use fake names for customer service?
    By joephill in forum Web Hosting Lounge
    Replies: 26
    Last Post: 09-13-2005, 12:21 PM
  3. Real or fake ? .Org contact information
    By thomas.smith in forum Running a Web Hosting Business
    Replies: 10
    Last Post: 11-03-2004, 02:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •