Results 1 to 11 of 11
-
10-24-2006, 06:58 PM #1WHT Addict
- Join Date
- Aug 2003
- Posts
- 152
Fighting Fraud - Which IP's to block
Can anyone provide any information on what IP blocks we should block to prevent fraud from countries such as Indonesia, Vietnam, etc?
-
10-24-2006, 07:02 PM #2Keep rockin' in the free world
- Join Date
- May 2002
- Location
- Kingston, Ontario
- Posts
- 1,588
This can easily be avoided by using a proxy, I don't see blocking IPs as a viable solution to a fraud problem.
-
10-24-2006, 07:26 PM #3Web Hosting Master
- Join Date
- Feb 2006
- Location
- Buffalo, NY
- Posts
- 1,501
I wouldn't recommend doing this, not only is it not effective, it won't really stop anyone.
The best way to prevent fraud is use your common sense. If the details such as address, phone, etc say "Chicago Illinois", and the IP for the account is in China.. most likely it's going to be fraud. (Use your discretion of course)█ Cody R.
█ Hawk Host Inc. Proudly Serving websites since 2004.
█ Official Let's Encrypt Sponsor
-
10-24-2006, 10:39 PM #4WHT Addict
- Join Date
- Aug 2003
- Posts
- 152
Appreciate your comments however we know that many fraudulent orders we receive come from these high risk countries. We need to know which IP blocks they use typically so we can have these blocked by our payment processor. Otherwise, the way the system currently works is that we have to refund the transaction and in the case of Worldpay, we lose the merchant service fee (4.5%). This is quite considerable over the course of a year.
If we can block the IP blocks, we can have these orders rejected before they are processed. Of course, scammers can use proxy's, but at least we have implemented an extra step of protection.
Can anyone else shed some light on this?
-
10-24-2006, 10:51 PM #5Web Hosting Master
- Join Date
- Feb 2006
- Location
- Buffalo, NY
- Posts
- 1,501
In that case I'm not sure where you can get a list of ranges, but you could probably just resolve the hostname and take the country code from the butt end of it and mark it accordingly.
█ Cody R.
█ Hawk Host Inc. Proudly Serving websites since 2004.
█ Official Let's Encrypt Sponsor
-
10-24-2006, 11:30 PM #6Web Hosting Master
- Join Date
- Aug 2002
- Location
- Atlanta, GA
- Posts
- 1,114
http://software77.net/cgi-bin/ip-country/geo-ip.pl
On the right hand side is a box that says 2 country code. You can get IPs for any country.
What you want to do will not stop even the average hacker as they will come in from open servers in the US or where ever. However, it will stop a lot of standard script stuff.SiteSouth
Atlanta, GA and Las Vegas, NV. Colocation
-
10-25-2006, 12:23 AM #7Web Hosting Master
- Join Date
- Feb 2006
- Location
- Buffalo, NY
- Posts
- 1,501
I for one tend to use TOR, which happens a lot of the servers are in these "high-risk" countries. Though it shouldn't be much of a problem, it's something to think about.
█ Cody R.
█ Hawk Host Inc. Proudly Serving websites since 2004.
█ Official Let's Encrypt Sponsor
-
10-25-2006, 03:57 AM #8WHT Addict
- Join Date
- Sep 2006
- Posts
- 129
Use the countries.blackholes.us RBL list.
-
10-25-2006, 04:09 AM #9
Using proper fraud protection service is what you need to do, not blocking all orders from these countries. Occasionally you will receive legitimate orders from them.
Use something like maxmind or fraudguardian to scan for fraud, this will be good if you implement it properlyTom Whiting, WHMCS Guru extraordinaire
Linux problems? WHMCS Problems? Give me a shout
Check out my WHMCS Addons
-
10-25-2006, 05:18 AM #10Web Hosting Master
- Join Date
- Feb 2006
- Location
- Buffalo, NY
- Posts
- 1,501
I wouldn't say you would be missing out on much if anything. The cost of most services usually outweigh occasional fraudulent orders. If you use your own discretion without removing all human interaction you should be fine.
█ Cody R.
█ Hawk Host Inc. Proudly Serving websites since 2004.
█ Official Let's Encrypt Sponsor
-
10-25-2006, 12:48 PM #11Web Hosting Master
- Join Date
- Aug 2002
- Location
- Atlanta, GA
- Posts
- 1,114
The best thing to do is call anyone that signs up. We started doing this a little over a year ago. Since then we have had no succesful fraud signups. All it cost was a phone call.
SiteSouth
Atlanta, GA and Las Vegas, NV. Colocation