Results 1 to 11 of 11

Thread: Fedup of fraud

  1. #1

    Fedup of fraud

    Hello,

    In the space of 1 month we have had two fradulent signups. The first one was quite obvious so we terminated his account after he had used a spam script to send hundreds of e-mails bringing the server load up to around 30.

    Secondly today, we've had a scammer sign up to our services and registered a domain, then I have paypal e-mail me telling me that the funds paid have been frozen, now losing money 2 times due to spammers is annoying, and contacting paypal to opt in for the seller protection most likely is more hassle than its worth.

    The problem is this order seemed legitimate, so I installed the account and a few hours later find its a scam. This is beggining to get slightly irritating. The question at hand is how can we prevent this occuring in the future? I live outside the USA, therefore calling USA numbers is quite dear, so I can't verify that way. Is there any paypal service which lets you check if the account has been compromised before I activate the hosting plan?

    There needs to be some major crackdown on fraud these days, it seems all too easy to gain access to funds that arn't yours, and this is quite disturbing.

    Thanks for your help,

    Jeff
    BeeServe
    * Rock solid shared & reseller UK webhosting. No downtime™ *
    Now offering fully managed VPS servers

  2. #2
    Join Date
    Feb 2005
    Location
    Northern VA
    Posts
    1,582
    I don't mean to minimize your problem because fraud irks me to no end but 2 cases of fraud in a month is not a lot. I think any fraud protection you can get is a very good thing.
    Rich
    Husband, Father, Retired Marine, Geek

  3. #3
    I check all orders #s on whitepages.com on the reverse lookup. That can help if you aren't quite sure if its a fraud or not. I noticed with most of the fraud signups I get they dont have domain names (but still enter one, always do a whois), and they put . in between the phone #s ex. 544.444.4444 (just something small I noticed) If your going to register a domain for the account make sure all their information is real and send them an email to say their paypal account email that they must respond to.
    Eleven2 Web Hosting - World-Wide Hosting, Done Right!

  4. #4
    Join Date
    Nov 2001
    Location
    Chicago
    Posts
    1,135
    We get over 30 fraudulent orders a day. Without serious scrubbing, our bank would
    be very upset with us.

    My recommendation: Telephone verification (automated if you can afford it) and IP
    checking is enough to get rid of all but 1-2% of fraud. The rest you have to catch by
    hand.

    Look for asian domain names and american addresses, IPs that trace to Viet Nam
    when the address is in California... Ips in Ukraine when the customers address is
    in Chicago... Its not hard to catch. If you have access to CC numbers, check for
    multiple attempts from sequentual IPs -- like xxx1234 then it declines, so they try
    xxxx1235, etc.

    Catching fraud is an art more than a science, but its very important. Fraud WILL put
    you out of business fast unless you can control it.
    ---
    Dan Ushman
    Co-founder & CMO
    SingleHop, Inc.

  5. #5
    Join Date
    Oct 2001
    Location
    The Ozarks
    Posts
    888
    1. Don't automate signups.
    2. Trace the IP and see if the order came from the correct area as the signup info
    3. Check to see if the signup email address on the order matches the paypal address of the customer
    4. If you are suspicious, lookup the customers phone online, if available, and call to verify.

    Automating signups can target you by spammers...word gets around fast. All they need i a few minutes to send their spam and they could care less if you kill their account.
    Also, if they used a hacked paypal account to purchase hosting, seller protection won't help you, as the funds will be returned, regardless. Your best bet is to screen all orders yourself, and cancel subscriptions and refund the money if it seems suspicious, before paypal does.

    BTW....only 2 fraud signups in a month? Everyone should be so lucky.
    Need Control Panel help? Tutorials, FAQS, user guides. and more
    Don't have the control panel you use listed? Let us know.

  6. #6
    Thanks very much for everything people, it was of great help

    BTW....only 2 fraud signups in a month? Everyone should be so lucky.
    I presume its because we only use paypal at the moment, the 2checkout gateway hasn't been activated so far, thanks for making me feel lucky though
    BeeServe
    * Rock solid shared & reseller UK webhosting. No downtime™ *
    Now offering fully managed VPS servers

  7. #7
    Join Date
    Oct 2001
    Location
    The Ozarks
    Posts
    888
    Paypal has been our largest fraud gateway.....2Checkout fraud is very limited.
    We had one (gentleman) signup with the same information, using different stolen paypal accounts, multiple times in 2 days. We don't use automated signups, don't they get it? We were just so tired of it that we no longer have paypal as an option on our order form. If they have a paypal account, they most likely have a credit/debit card, either paypal or bank style, and can use another gateway....
    Need Control Panel help? Tutorials, FAQS, user guides. and more
    Don't have the control panel you use listed? Let us know.

  8. #8
    Robert, would you reccomend us removing paypal as a gateway and only using merchant accounts? I can see this problem escalating, so it would be nice to remove the threat of near future occurences.

    Once again, thanks for all your help guys
    BeeServe
    * Rock solid shared & reseller UK webhosting. No downtime™ *
    Now offering fully managed VPS servers

  9. #9
    Join Date
    Mar 2004
    Location
    Singapore
    Posts
    6,990
    For us we take cheques normally , so such frauds doesnt affect us, but it is a nuisance to receive a few orders every day with USA addresses and Vietnam names.

  10. #10
    Join Date
    Oct 2001
    Location
    The Ozarks
    Posts
    888
    It all depends on the target market you are trying to reach, and how much time you are willing to spend manually verifying orders. If the 2 fraud orders you received are a very low percentage of total orders, and all your orders are thru paypal, it wouldn't make sense to disable it. I would first activate your 2checkout gateway and monitor the fraud to both..There are several good verification companies that are very cheap to use, including FraudGuardian, or Fraudcall from Varilogix which verifies the order before it's completed. Might be worth a look into this.

    No matter what gateway you use, there is always a risk of fraud...in our experience it has been less credit card fraud vs stolen paypal accounts. Plus with some of the issues we've seen with paypal, we just chose to not use it at this time...maybe that will change in the future.
    Need Control Panel help? Tutorials, FAQS, user guides. and more
    Don't have the control panel you use listed? Let us know.

  11. #11
    Join Date
    Aug 2004
    Location
    Earth
    Posts
    8,154
    2Checkout does protect you against fraud, but even their system lets it slide sometimes.

    PayPal on the other hand has no fraud protection at all, they do not trace ips or verify any information.

    1. Disable instant account activations
    2. Verify each order with a human phone call
    3. Trace the IP always!
    4. Make sure the phone number and address match.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •