Results 1 to 19 of 19
  1. #1
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    934

    Fraudulent client to watch out for

    There were 2 clients recently ordered, used for almost a month, and filed a chargeback.

    There are hints that leads me to believe is from the SAME person.

    If the first name is Shannon or Josehine, and they ordered their VPS name with "supervps" I do strongly suggest you don't accept their order
    SysAdmin.xyz
    Having severs with customer data on it without proper monitoring is like having one night stand without using protections - eventually, there will be an 'oh s**t!' moment.

  2. #2
    thanks for the kind info!
    ControlVM.com :: Cloud Hosting Reliable Xen VPS :: Serving Customer From More Than 40 Countries.
    Hosting Services Available in the USA ● Germany ● Malaysia ● Singapore and Hong Kong

  3. #3
    Join Date
    Jul 2007
    Location
    Jupiter, Florida
    Posts
    405
    Thnx for the warning - this is an important and useful part of all hosting companies sharing data on fraudsters
    Barak Hosting
    http://barakhosting.com
    Shared, VPS & Dedicated Hosting - Lunatic Support is what sets us apart

  4. #4
    Join Date
    Jul 2006
    Location
    USA, EU, UK, CA, AUS
    Posts
    1,798
    Great info. Do you have an IP also?

  5. #5
    Join Date
    Jul 2007
    Location
    Jupiter, Florida
    Posts
    405
    Very good point

    We capture IP addresses for all order and submissions

    We may start a beware of fraud website to list everything we all experience in the negative
    Barak Hosting
    http://barakhosting.com
    Shared, VPS & Dedicated Hosting - Lunatic Support is what sets us apart

  6. #6
    Join Date
    Aug 2008
    Location
    UK
    Posts
    71
    We've have a couple like this, However under ''Gregg Baker'' and ''Tony Taylor'' however we've taken steps to reduce this. Beefed up monitoring and empoyed a good legal team
    NationhostUK - International Hosting Provider
    UK, US & Asia based servers - Shared, VPS & Dedi
    LancasterSecure - Secure Online Solutions
    www.lancastersecure.co.uk - 01934 310013

  7. #7
    Join Date
    Mar 2009
    Location
    Austin, TX
    Posts
    934
    199.126.181.181 - Alberta, Canada
    24.47.235.235 - NY, USA

    It is just too ironic that both ordered about a week apart, and filed chargeback the same exact day.
    SysAdmin.xyz
    Having severs with customer data on it without proper monitoring is like having one night stand without using protections - eventually, there will be an 'oh s**t!' moment.

  8. #8
    Join Date
    Aug 2003
    Location
    Taiwan
    Posts
    1,061
    great info. thank you
    www.hostinginside.com
    Taiwan Dedicated Server
    Taiwan, US, UK & Germany XEN Based VPS with RAID 10

  9. #9
    Join Date
    Mar 2009
    Location
    Miami, Florida
    Posts
    19,185
    Quote Originally Posted by marcbarak View Post
    Very good point

    We capture IP addresses for all order and submissions

    We may start a beware of fraud website to list everything we all experience in the negative
    Hello,
    I already started work on this a few weeks ago. I will try to complete it ASAP.
    Keith I Myers
    KMyers.me The rantings of a lunatic
    Geek Survival Guide - Reviews and Advice for Geeks

  10. #10
    Join Date
    Dec 2007
    Posts
    609
    Thanks for the warning, added to our list

  11. #11
    Join Date
    Feb 2008
    Location
    Midcoast Maine
    Posts
    306
    Quote Originally Posted by quad3datwork View Post
    199.126.181.181 - Alberta, Canada
    24.47.235.235 - NY, USA
    Correct me if I'm wrong, but this will not work. Most people do NOT have a static IP. If I have to reboot my modem, I'm assigned a new one, as are most people.

    Now, what happens if someone else that gets one of those "fraudulent" IPs and tries to buy your services? They're forbidden or blocked, even if they have nothing to do with the original purchase attempt?

    You want to lose legitimate business? Go ahead and make your blacklist. But I can guarantee you will be shooting yourselves in the foot.

    justsayin'
    Sue

    A generation which ignores history has no past and no future. --Lazarus Long

  12. #12
    Join Date
    Mar 2005
    Location
    Labrador, Canada
    Posts
    951
    Quote Originally Posted by BristolSue View Post
    Correct me if I'm wrong, but this will not work. Most people do NOT have a static IP. If I have to reboot my modem, I'm assigned a new one, as are most people.

    Now, what happens if someone else that gets one of those "fraudulent" IPs and tries to buy your services? They're forbidden or blocked, even if they have nothing to do with the original purchase attempt?

    You want to lose legitimate business? Go ahead and make your blacklist. But I can guarantee you will be shooting yourselves in the foot.

    justsayin'
    I think you're absolutely right. Both those IPs look like dynamic IPs, and may have changed hands a dozen times since the incident. Publishing them on a website as sources of fraud is not the right thing to do.

  13. #13
    Join Date
    Sep 2006
    Location
    Dallas, TX
    Posts
    333
    Most large ISPs give you the same "dynamic" IP address forever. I have had the same IP from Comcast for well over 6 months! It certainly can't hurt anything to hold all orders for those IPs until you talk to the customer to see if they are for real.
    Last edited by Mike V; 10-26-2009 at 01:25 AM.

  14. #14
    Join Date
    Jan 2006
    Location
    Ontario, Canada
    Posts
    324
    Quote Originally Posted by quad3datwork View Post
    199.126.181.181 - Alberta, Canada
    24.47.235.235 - NY, USA

    It is just too ironic that both ordered about a week apart, and filed chargeback the same exact day.
    What if they were not fraudulent and you just made client information available on a public forum?

  15. #15
    Join Date
    Feb 2005
    Location
    India
    Posts
    1,048
    Recently we've noticed a lot of chargeback and false purchases from proxy servers that originate from the US. You can generally track a false order when you read a Woman's name (which is very common) and see the country is USA but the email id is not usa based (.co.uk) or something like (@me.com) which offers trial base accounts (Mac) or even easier to spot the payment comes from a different name, and the signup name is different.

    Seems recently alot of credit card numbers have been floating around from USA , most of them owned by women. We manually verify and call our high order clients and found most of them didnt' order. Half the time we just "know" when the order is a bad one....but we do spend time to verify orders. WE recently had a guy from Europe who tried his hand at 4 credit cards (Florida based) and we contacted the real owner by a google search (she worked at a bank or used to). Funny things.

    I think manual verification is necessary nowadays. Also I would suggest accepting payments from verified subscribers (paypal,etc) to reduce (if not stop) the risk.

    Publishing IPs wont help much. People are using proxy's like crazy. But seeing mistakes between multiple forms is a better way to guide you, as well as manual intervention.

    I would further suggest listing email and names on a website (which should be formed) to help sort or deal with abusers, should be created. Though when I was a premium member at WHT I had started this and a few other members had also added support - this should not be done at WHT since it would become trivial and controversial. I would suggest a seprate website made by a joint venture of companies/hosts to deal with this. The question of false information being put my providers - is like asking what proof do you have that a customer complaint is actually genuine or not....if we allow customers to complain..why not the hosts. As long as sufficient proof of happening is provided, I think its worth it. But again, since its very controversial - a seprate organization/community focused at this should be created.

    Though creating false emails ids is as simple as dynamic ip changes, your still giving the thieves a run for their money and delaying and frustrating them does often help.

  16. #16
    Join Date
    Feb 2008
    Location
    Midcoast Maine
    Posts
    306
    Quote Originally Posted by NeilAgg View Post
    Most large ISPs give you the same "dynamic" IP address forever. I have had the same IP from Comcast for well over 6 months!
    Then you must not have had to reboot your modem in that time. I too can keep the same IP for a long time, until we have a power outage, the router (which I since got rid of) is bad and keeps dying, and so on. And yes, I have a "big ISP" (roadrunner). But you cannot assume everyone has broadband, just because you live in an area where it's common. And even if you do, that the IP will stay "permanently assigned" for everyone.

    Quote Originally Posted by RDOSTI View Post

    I think manual verification is necessary nowadays. Also I would suggest accepting payments from verified subscribers (paypal,etc) to reduce (if not stop) the risk.

    Publishing IPs wont help much. People are using proxy's like crazy. But seeing mistakes between multiple forms is a better way to guide you, as well as manual intervention.
    The use of Paypal and other verification methods like RDOSTI suggests is a much better way than publishing IPs, which change. And as mentioned, the use of proxies does not help one bit if you're going to be looking for fraudulent orders based on that.

    While I certainly understand the need to stop fraudulent orders, I also, from a customer point of view (and that's all I am), would hate to be blocked from ordering because someone had an IP before me that tried to use a stolen credit card or was doing chargebacks.
    Sue

    A generation which ignores history has no past and no future. --Lazarus Long

  17. #17
    Quote Originally Posted by RDOSTI View Post
    Recently we've noticed a lot of chargeback and false purchases from proxy servers that originate from the US. You can generally track a false order when you read a Woman's name (which is very common) and see the country is USA but the email id is not usa based (.co.uk) or something like (@me.com) which offers trial base accounts (Mac) or even easier to spot the payment comes from a different name, and the signup name is different.
    Ow. This is where I run into a problem. I DO happen to have a woman's name, but it's actually MY name. Fortunately though, I do happen to have a verified paypal address in my own/company name and my email addy matches that. I would hate to think that fraudulent orders could be gender based (or fake gender based). Ick.

  18. #18
    Join Date
    Oct 2009
    Location
    Lithuania
    Posts
    73
    I think thatmaybe anyone knows a some lists of fraudulent IP's proxies or smth, which can be blocked from accesing website?

  19. #19
    Join Date
    Aug 2003
    Location
    Taiwan
    Posts
    1,061
    Quote Originally Posted by webilly View Post
    I think thatmaybe anyone knows a some lists of fraudulent IP's proxies or smth, which can be blocked from accesing website?
    Read previous post that mention block ip wont help much and even you block all listed proxies. They can change the proxies IP or find others.
    www.hostinginside.com
    Taiwan Dedicated Server
    Taiwan, US, UK & Germany XEN Based VPS with RAID 10

Similar Threads

  1. We got done. Please watch out for this client.
    By zenex5ive in forum Fraud and Abuse
    Replies: 14
    Last Post: 03-10-2006, 03:45 PM
  2. Possible client to watch out for...
    By TLott in forum Running a Web Hosting Business
    Replies: 9
    Last Post: 12-31-2003, 03:01 PM
  3. Please watch out for this client
    By VNPIXEL in forum Running a Web Hosting Business
    Replies: 30
    Last Post: 10-20-2003, 12:12 PM
  4. Watch Out for this client
    By VH-Robert in forum Web Hosting
    Replies: 30
    Last Post: 09-14-2003, 11:10 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •