Results 1 to 11 of 11
  1. #1

    Fighting Fraud - Which IP's to block

    Can anyone provide any information on what IP blocks we should block to prevent fraud from countries such as Indonesia, Vietnam, etc?

  2. #2
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,588
    This can easily be avoided by using a proxy, I don't see blocking IPs as a viable solution to a fraud problem.

  3. #3
    Join Date
    Feb 2006
    Location
    Buffalo, NY
    Posts
    1,501
    I wouldn't recommend doing this, not only is it not effective, it won't really stop anyone.

    The best way to prevent fraud is use your common sense. If the details such as address, phone, etc say "Chicago Illinois", and the IP for the account is in China.. most likely it's going to be fraud. (Use your discretion of course)
    Cody R.
    Hawk Host Inc. Proudly Serving websites since 2004.
    Official Let's Encrypt Sponsor

  4. #4
    Appreciate your comments however we know that many fraudulent orders we receive come from these high risk countries. We need to know which IP blocks they use typically so we can have these blocked by our payment processor. Otherwise, the way the system currently works is that we have to refund the transaction and in the case of Worldpay, we lose the merchant service fee (4.5%). This is quite considerable over the course of a year.

    If we can block the IP blocks, we can have these orders rejected before they are processed. Of course, scammers can use proxy's, but at least we have implemented an extra step of protection.

    Can anyone else shed some light on this?

  5. #5
    Join Date
    Feb 2006
    Location
    Buffalo, NY
    Posts
    1,501
    In that case I'm not sure where you can get a list of ranges, but you could probably just resolve the hostname and take the country code from the butt end of it and mark it accordingly.
    Cody R.
    Hawk Host Inc. Proudly Serving websites since 2004.
    Official Let's Encrypt Sponsor

  6. #6
    Join Date
    Aug 2002
    Location
    Atlanta, GA
    Posts
    1,114
    http://software77.net/cgi-bin/ip-country/geo-ip.pl

    On the right hand side is a box that says 2 country code. You can get IPs for any country.

    What you want to do will not stop even the average hacker as they will come in from open servers in the US or where ever. However, it will stop a lot of standard script stuff.
    SiteSouth
    Atlanta, GA and Las Vegas, NV. Colocation

  7. #7
    Join Date
    Feb 2006
    Location
    Buffalo, NY
    Posts
    1,501
    I for one tend to use TOR, which happens a lot of the servers are in these "high-risk" countries. Though it shouldn't be much of a problem, it's something to think about.
    Cody R.
    Hawk Host Inc. Proudly Serving websites since 2004.
    Official Let's Encrypt Sponsor

  8. #8
    Use the countries.blackholes.us RBL list.

  9. #9
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    14,135
    Using proper fraud protection service is what you need to do, not blocking all orders from these countries. Occasionally you will receive legitimate orders from them.

    Use something like maxmind or fraudguardian to scan for fraud, this will be good if you implement it properly
    Tom Whiting, WHMCS Guru extraordinaire
    Linux problems? WHMCS Problems? Give me a shout
    Check out my WHMCS Addons

  10. #10
    Join Date
    Feb 2006
    Location
    Buffalo, NY
    Posts
    1,501
    I wouldn't say you would be missing out on much if anything. The cost of most services usually outweigh occasional fraudulent orders. If you use your own discretion without removing all human interaction you should be fine.
    Cody R.
    Hawk Host Inc. Proudly Serving websites since 2004.
    Official Let's Encrypt Sponsor

  11. #11
    Join Date
    Aug 2002
    Location
    Atlanta, GA
    Posts
    1,114
    The best thing to do is call anyone that signs up. We started doing this a little over a year ago. Since then we have had no succesful fraud signups. All it cost was a phone call.
    SiteSouth
    Atlanta, GA and Las Vegas, NV. Colocation

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •