We've had a couple cases of fraud recently, and have blacklisted the IPs (which turned out to be proxy servers) of the perpetrators. It got me thinking... has anybody put together any kind of IP blacklist for fraudulent orders? Something like a DNSBL for spam, but focused on IPs that fraudsters use?
We have WHMCS too, and already use MaxMind. But that's different than what I'm talking about... they give you a fraud score based on a number of things (including IP), but I'm talking about an actual blacklist for known fraud IPs
So you mean they use a proxy in the country of the address they use for the transaction and therefore get a relatively low score, as maxmind doesnt know that the ip is a proxy.
The WHMCS order screening does sometimes inform you that its a known open proxy, so there must be a list out there somewhere. but all it needs is for the fraudster to keep getting a VPS or something and keep registering ...
The Multi-RBL check is a valuable source, but keep in mind that a lot of IP addresses are blocked because they are cable modems or ISP's with dynamic IP addresses and that doesn't make it a fraud risk, so you have to understand the results and what each blacklist does.