Results 1 to 22 of 22
  1. #1
    Join Date
    Feb 2006
    Posts
    466

    This abuse is really aggressive...

    Someone keeps signing up for hosting accounts on my servers using different stolen Paypal accounts and identities. I register the domain name and have to pay it for a year in advance. One day later he sends hundreds of fraudulent phishing mails. This is really really bad now because:

    - I may lose my Paypal account due to a large number of fraudulent orders
    - I may lose my server due to the spam
    - I am paying a lot of money to register domain names.

    Anyway...does anyone have an idea what can be done against these bastards ?

  2. #2
    Join Date
    Oct 2005
    Location
    UK
    Posts
    552
    Do you have any sort of fraud protection? If not you seriously need to look into implementing a fraud protection system.

    There are services out there that can help you identify fraud (but aren't going to catch all your fraud orders) such as minFraud from http://www.maxmind.com. There are other services out there and articles on how to reduce fraud, do some Google searches and they should reveal themselves to you.

    You might be able to, depending on the time that you have had the domain for, cancel the domain and get part or all of your money back. You'll need to ask your registrar about this.

    Hope that helps,

  3. #3
    Join Date
    Feb 2006
    Posts
    466
    My registrar does not refund : ( And unfortunately since I am using Paypal as my payment processor I can not really use fraud protection (i.e. I can not look at IPs etc.).

    Maybe I could look at the IP they use when they sign up. If it is from Onga Bonga the order will be denied...but most of the time they use hacked proxy servers to log in to my Cpanel accounts so I guess they are also using these when they order something. However, that is something I will try.

    I thought about registering the domain 1 day or 2 later so that I will at least save domain costs but of course this would disturb my honest customers.

  4. #4
    Join Date
    Sep 2003
    Posts
    3,854
    Quote Originally Posted by glace View Post
    My registrar does not refund : ( And unfortunately since I am using Paypal as my payment processor I can not really use fraud protection (i.e. I can not look at IPs etc.).

    Maybe I could look at the IP they use when they sign up. If it is from Onga Bonga the order will be denied...but most of the time they use hacked proxy servers to log in to my Cpanel accounts so I guess they are also using these when they order something. However, that is something I will try.

    I thought about registering the domain 1 day or 2 later so that I will at least save domain costs but of course this would disturb my honest customers.
    PayPal or not, you do need to use fraud protection. MaxMind as mentioned is a great choice.

    You should also consider phone verifying them. These are basic elementary things you should be doing.
    InnoHosting, Performance Web Hosting || US: 1-888-522-INNO UK: 0800 612 8075
    Web Hosting - Virtual Servers - Managed Servers - Application Hosting
    Reseller Hosting with WHMCS & Preloaded KB | SSL | activGuard | End User Support
    LiteSpeed / CloudLinux / Idera Backups / True 24x7 Support / 10+ Years in Business

  5. #5
    Join Date
    Oct 2005
    Location
    UK
    Posts
    552
    I have to agree. There is no excuse for not using fraud protection of any kind. You can check the sign up IP addresses, check blacklists, check e-mails, perhaps deny free e-mails, require PayPal e-mail on signup, do not register the domain instantly - instead wait for the order to be verified, check proxy headers, check IP country against PayPal country, etc.

    Just some things you can be doing yourself without the use of services such as minFraud from MaxMind - though fraud services can help to automate the processes - for example the telephone verification.

    Hope that helps,

  6. #6
    Join Date
    Feb 2006
    Posts
    466
    I think I will do it manually then. I have been running this business for 4 years and got signups from 5000 people. The fraud rate was around 0.1 to 0.2%. But now it is different. These ******** really get aggressive. Someone should put them out of their misery.

  7. #7
    Join Date
    Dec 2002
    Location
    Quad Cities, Iowa
    Posts
    1,597
    A few tips on Fraud Checking:

    Use whitepages reverse phone search, make sure the phone number provided matches up to the city, state that the customer specified.

    Use a geoip location service to check IP to the physical location provided by the client.

    Do a reverse address search (whitepages.com again). Often times, either this or the phone number will get you a last name (if their main number is published). Compare the name to the one the customer provided.

    The information you obtain always needs to be taken with a grain of salt, as their are occasions clients have a reason some of the data doesn't match up.

    Anyhow, in most fraud cases...At least 1 of those checks will fail.

    Personally, I call to verify each order, even if I think it's legit.

    There's only 1 case of fraud where I called and the order was verified.
    Need a new Web Host?
    Become a Host Refugee and receive TRUE 24/7 Support

    cPanel + Fantastico, PHP4 or PHP5
    HostRefugee.com - See our current promotions

  8. #8
    Join Date
    Sep 2006
    Location
    Cardiff - United Kingdom
    Posts
    1,568
    Whilst I can't comment on how to get hunt down fraudsters, I do know about domain buying.

    Either Moniker.com, GoDaddy and... one other, which I've forgotten, all allow you to cancel any domains you buy within 4-5 days, and you get a refund.

    With Moniker.com, there's a 4 day grace period (in which you can delete), and they charge a $0.25 fee.

    With GoDaddy, it's completely free to get a refund, and I think the grace period is 3-5 days (not sure on the exact time). To do this with GoDaddy, cancel the domain from your account, and then reply to the cancellation e-mail they send you with something like "Please refund me the money for this domain" (or similar).

    I hope this helps,
    Tristan Perry
    Plagiarism Guard - Protect Against Content Theft
    Tristan Perry - Personal blog

  9. #9
    Join Date
    Sep 2003
    Location
    Washington, USA
    Posts
    3,219
    Quote Originally Posted by glace View Post
    Someone keeps signing up for hosting accounts on my servers using different stolen Paypal accounts and identities. I register the domain name and have to pay it for a year in advance. One day later he sends hundreds of fraudulent phishing mails. This is really really bad now because:

    - I may lose my Paypal account due to a large number of fraudulent orders
    - I may lose my server due to the spam
    - I am paying a lot of money to register domain names.

    Anyway...does anyone have an idea what can be done against these bastards ?
    Here's something you can use to stop the spam problems:

    http://assp.sourceforge.net/

    It's an outbound spam filtering software that I've heard works well filtering phishing e-mails too.
    SHAW NETWORKS Simple. Professional. Reliable. Web Hosting Done Right.
    Low Cost & Award-Winning: cPanel Reseller Plans 24/7/365 Live Technical Support
    Website: www.shawnetworks.com Fast Response E-mail: sales @ shawnetworks.com
    Sick of downtime? Fed up with excuses? Drop your host! Switch to Shaw Networks.

  10. #10
    Join Date
    Jan 2008
    Location
    London, UK
    Posts
    154
    Do you use something like WHMCS or ClientExec to deal with your signups? They have optional modules...
    EX Networks Limited (EXN)
    █ Enterprise Managed Services, VMware Cloud, Complex Hosting
    █ UK Datacentre Solutions, IP Transit, Layer 2 Services
    www.exn.uk - Call us on: +44 (0) 203 002 9259

  11. #11
    Join Date
    Dec 2006
    Location
    Netherlands
    Posts
    1,430
    6 months back, I had 2-3 fraudulent orders a week and this continued for a month.

    Signed up for MaxMind's minFraud and phone verification. Now, 1 fraudulent order per month at MOST.

    It costs around 10 USD a month to get their services and saves you 1000s!

  12. #12
    Join Date
    Feb 2006
    Posts
    1,108
    Just wondering, does using phone ver really do much? Is it worth the price? Most of my orders are off IRC, and a few minutes of text pretty much lets me make up my mind on whether they are the person they say they are.

    Like someone with an english name, etc, etc, US address, with an email in yahoo.cn and horribly broken english on IRC.
    semi-retired

  13. #13
    Join Date
    Dec 2006
    Location
    Netherlands
    Posts
    1,430
    It costs 5 bucks for about 50 calls!

    What do you mean by 'worth' it? Time? Efficiency?

  14. #14
    Join Date
    Feb 2006
    Posts
    1,108
    Quote Originally Posted by ganesh-rao View Post
    It costs 5 bucks for about 50 calls!

    What do you mean by 'worth' it? Time? Efficiency?
    I guess so.
    Order volume isn't really too high for shell hosts, I can normally check everything up myself at the moment.

    Last fraud order was just funny.
    [22:09:14] > ok ,can you answer verification phone call?
    [22:09:20] <Dragan> no
    [22:09:23] > why not?
    [22:09:35] <Dragan> because this paypal its from irc
    [22:09:39] <Dragan> i buy it
    [22:09:42] <Dragan> for 15 $
    [22:09:50] <Dragan> or its illegal in your company ?
    [22:09:53] > so if i called xxx-xxx-xxxx
    [22:09:55] > will you answer?
    [22:10:01] <Dragan> no afcourse
    [22:10:26] <Dragan> that is fraud ?
    [22:11:06] <Dragan> one man give me on undernet
    [22:11:11] <Dragan> nick : prisonman
    [22:11:20] <Dragan> and i pay him 15$
    [22:11:29] <Dragan> and he says to me that i can buy shells
    [22:11:31] <Dragan> many shells
    semi-retired

  15. #15
    Join Date
    Jan 2003
    Location
    U.S.A.
    Posts
    3,911
    That is a great reason why its perfectly fine to not answer a phone call... I would highly suggest adding phone verification from maxmind. Why not spend 10-20 cents per a phone call to avoid fraud, your time, money, and chargebacks? A chargeback can cost anywhere from $10.00 to conduct from paypal, money spent to register a domain, and i'm sure criminal charges.

  16. #16
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    Depending on who they are, I could track them.

    Any particular patterns in there orders?

    Do you have some of the scripts / files they are using?

    Really your systems shouldn't be allowing them to use foreign scripts. or you should be alerted when they upload such a script.
    DigitalGoods.info
    FREE Shared, Mega Resellers + Dedicated Servers

  17. #17

    Lightbulb

    A couple things to consider when using Paypal as your only payment method. Under Profile, Selling Preferences and Payment Receiving Preferences, you may want to enable the following options:

    Block payments from U.S. users who do not provide a Confirmed Address: Yes or Ask me

    Block payments sent to me in a currency I do not hold: Ask me

    Block payments from users who: Have non-U.S. PayPal accounts

    That will block all international customers, and that is where most of the fraud comes from. It will limit your customer base, but you could offer to take alternative payments from them.

    Block the following payments: Pay with eCheck for website and Smart Logo payments, or German bank transfer for all website payments except eBay

    Check fraud is obviously easier to do than CC fraud, but I am not sure what Smart Logo payments are or what the story is with German bank transfers.

    I am familiar with how Paypal fraudsters work too and would be happy to explain it. I'm a member of a forum that sells virtual credit cards and these are often used to open temporary Paypal accounts and can be used for fraud.

    Something else to consider is getting another merchant account besides Paypal to offer your customers more than one way to pay, such as authorize.net, and using services like Versign, Thwart, and Geotrust can also help prevent fraud and give customers more confidence in your business.

    Good luck and I hope that helps,
    pogue

    Quote Originally Posted by Procyon View Post
    I guess so.
    Order volume isn't really too high for shell hosts, I can normally check everything up myself at the moment.

    Last fraud order was just funny.
    Just an FYI, there are now VoIP services that provide "temporary" phone numbers, so some clever fraudsters might be able to bypass that method even.

  18. #18

    Question

    Quote Originally Posted by LoganNZ View Post
    Depending on who they are, I could track them.

    Any particular patterns in there orders?

    Do you have some of the scripts / files they are using?

    Really your systems shouldn't be allowing them to use foreign scripts. or you should be alerted when they upload such a script.
    I'm planning to run a web hosting service in the near future and have heard about some software that can be installed to let you know when scripts are uploading, do you know the names of any of this type of software and is it free?

    Thanks,
    pogue

  19. #19
    Join Date
    May 2007
    Location
    Arizona
    Posts
    1,201
    Quote Originally Posted by pogue View Post
    I'm planning to run a web hosting service in the near future and have heard about some software that can be installed to let you know when scripts are uploading, do you know the names of any of this type of software and is it free?

    Thanks,
    pogue
    WHM does this for me, it emails, texts and IMs me, the script file name, what account it's on, and where on the server, and what the script does. I love it

    Regards,
    Nick Kitmitto

  20. #20
    Join Date
    Dec 2007
    Location
    Indiana, USA
    Posts
    16,087
    Quote Originally Posted by Internet-Guru View Post
    WHM does this for me, it emails, texts and IMs me, the script file name, what account it's on, and where on the server, and what the script does. I love it

    Regards,
    Nick Kitmitto
    That sounds very nice, I don't have anything like this set up, but I manually check accounts after they are set up, and then monitor them for a few days to ensure that they're not doing anything they shouldn't be.

    How did you set up WHM to do this?

    <<removed quoted post>>

    Thanks!
    Last edited by bear; 03-01-2008 at 08:58 AM.
    Michael Denney - MDDHosting LLC
    New shared plans for 2016! Check them out!
    Highly Available Shared, Premium, Reseller, and VPS
    http://www.mddhosting.com/

  21. #21
    Sorry, what's WHM?

  22. #22
    What we do every day is when someone signs up and something seems wrong - ask the person for an ID verification or call them on the phone. Have a special note on the signup page that new orders are subject to verification. Fraud is just a part of the whole hosting industry and it's most likely going to increase.
    As for spam emails limit the number to 250-400 an hour that an account can send. Check your mail queue a few times a day and check the uploaded mail scripts as well.
    Cheap web hosting
    Any CMS pre-installed
    Joomla Hosting

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •