Tools and resources that exist to combat fraudulent, malicious and abusive customers?

[MannDude]

I'm working on getting a write up created for The Library that will serve as an introductory guide to resources available to service providers that will allow them to help combat undesirable clients, all in the effort of creating a better industry. Seems like most providers, when it's justified, will terminate a customer who is deserving of such action and and that their action against the customer generally stops. Customer then moves onward, repeats actions at an endless supply of hosts.

I've actually recently became a big supporter of FraudRecord. After having used it, I discovered I loved it and would ideally like to see more providers use it as well. I'm also aware of the ICANN and ARIN related options for filing reports.

What other options exist that are worth mentioning? What other tools besides FraudRecord exist for reporting undesirable troublemakers?

 

[MikeA]

FraudRecord (like you said) is great. I doubted it at first but after using it I'd probably give it a better rating over some of the paid services, plus the providers who actually do use it and report clients are great, I know there's some that wouldn't help improve it. The past 4 orders I've had have been from clients reported by other companies through FraudRecord (for CC fraud and spam). I'd like to see some other options too even though I doubt I'd use them, I don't know of any myself.

 

[danielm]

We use MaxMind with WHMCS for one of our brands. Its usually very good at catching most fraudulent orders, great since its automated and will automatically close orders. We resort to FraudRecord for a second opinion if needed.

 

[MannDude]

Maxmind by itself seems almost too easy to bypass. It seems that anyone with a VPN who also lists their address is within the same region (IE: Chicago VPN, list Chicago address) will usually get approved. As far as I know they don't run a list of common VPN IP ranges or residential ones so if the geolocation of the order IP matches that of the address on file it usually passes.

I really wish WHMCS had built in fraud features such as red-flagging accounts for manual review that have IP discrepancies such as having a US based order, then following logins are from high risk countries. Some spammers may appear to be ordering from legitimate US based residential lines that are either spoofed IPs to look like Comcast or something or the order is being made by a proxy person as all logins after the original order will be from places such as Nigeria. In cases like that it would be nice if a feature or tool existed to detect such things so a service provider can look into it and see if any action is justified or not.

 

[mitgib]

Maxmind by itself seems almost too easy to bypass. It seems that anyone with a VPN who also lists their address is within the same region (IE: Chicago VPN, list Chicago address) will usually get approved. As far as I know they don't run a list of common VPN IP ranges or residential ones so if the geolocation of the order IP matches that of the address on file it usually passes.

Hopefully people pay attention to the IP, WHMCS/MaxMind lists who the provider/owner of the block is, if I see a block I own, you are not getting a order approved, same for others I see on a regular basis, AWS, the list goes on, every provider under the sun, I've seen it

 

[danielm]

Hopefully people pay attention to the IP, WHMCS/MaxMind lists who the provider/owner of the block is, if I see a block I own, you are not getting a order approved, same for others I see on a regular basis, AWS, the list goes on, every provider under the sun, I've seen it

Sure, MaxMind can be bypassed, its happened to us, but in general we haven't had any major issues with them.

We (generally) dont allow orders from IPs owned by service providers (non-ISPs) either. Too easy to order a VPS in the US and run a VPN. We also pay pretty close attention to the email address used by the client; in my opinion it can sometimes be a clear indicator of the type of client.

 

[SSDapp]

Hey,

I would say FradRecord and MaxMind are good, but nothing beats taking time out of your day to check orders properly. You can get around 99% accuracy if you check them yourself. 

If ever in doubt asked for a scanned ID and proof of address - be careful as they usually photoshop the images so check them and ask for high resolution. 

If you get a large order e.g. 500 USD or more, you can even go as far as Googling the email address or name, you can sometimes find they have been reported on a forum, or in a case I had last month the email address and name belonged to a 75 Year old Actor living in LA famous for Spaghetti Westerns all listed on IMDB! 

danielm is also correct in noting the IP's if this is not from a ISP e.g. they are using a VPN or another service providers VPS to order then massive alarm bells! 

Danny