What Anti-Fraud Measures Do You Use
Sep 30, 2009
Over the past number of years there has been an obvious increase in credit card fraud and identity theft.
Our policies have always tried to stay a step ahead but it seems no matter what is done the occasional fraudster manages to squeeze through, costing us a lot of money. At one some point in early 2009, it got as bad as 60% of the orders we received. It ended up eating a LOT of our time just to go through each order and verify them as best we could.
What methods do you use to fight fraud?
I'll start with some of the things we do.
- Require CVV code on the credit card
- We call the customer's telephone number and verify with them. - Verify the telephone number matches the region of the address they provide
- Require the CC issuing Bank's name and number
- We often require the customer to fax a signed credit card authorization form
- GeoIP matches location of the address in the order
Obviously the big challenge is proving that the person placing the order is the actual owner of the card. I've received the correct CVV, spoken with the customer on the phone number, had the phone number match the region... non-US so I wasn't able to verify their telephone details with the issuing bank. Had the GeoIP match and still found out it was fraud.
On a side note: Am I the only one that feels banks and those issuing credit cards need to take more responsibility for a system that's clearly broken? Even after going through the process above, it can still be fraud with a chargeback issued. In those cases, the company loses the money they made, pay a fee to the payment provider, lost time for Sales Reps and Tech Reps, and of course they lose money on hardware, electricity and bandwidth.
View 14 Replies
ADVERTISEMENT
Sep 21, 2008
When I order, I have input all correct info.I always get these warning:
"Rejected by the Anti-Fraud System. Please contact Technical Support Team."
these guys spent a lot on adwords, but when i click on the AD, i have no way to order!
View 6 Replies
View Related
May 27, 2013
It is possible to have anti-virus and anti-spam enabled by default when we go to "CREATE E-MAIL ADRESS" -> "SPAM FILTER" / "ANTI-VIRUS" is always disabled.
View 13 Replies
View Related
Feb 7, 2007
Seems like I'm having considerable problems with APF's antidos feature. I keep getting legit users banned from my site, and don't know how to stop it (other than disabling antidos altogether, but I guess there should be another way).
I've already set:
TRIG="100"
SF_TRIG="100"
...in the antidos configuration file but I'm still seeing more and more legit IPs getting added to ad.rules. I've read that raising or lowering LN="100" is the other tweak I should try, but there simply is no such value defined in my conf.antidos file.
Another thing I noticed that, although I only got two notification mails telling me about "attackers" blocked by antidos, there are roughly 40 entries in ad.rules. As a matter of fact, I don't understand what antidos is doing there in the first place. Seems like iptables doesn't log to var/log/messages anyway, at least not on my machine - so where is antidos getting those ips from?
View 2 Replies
View Related
Jul 24, 2009
I hope all are fine and doing good, can somebody provide detail guide line how to test Penetration testing on linux servers and what security measures are required in against of that.
View 8 Replies
View Related
Jan 26, 2008
I am renting a cheap Linux server merely to test and learn as much as possible.
The server itself is completely unsecured, as I am doing everything one at a time to learn as much as possible.
Now, a few days ago I noticed someone with a US based IP had logged into my root account. The bash log mentioned something about some network commands and I traced the IPs to my server datacenter, so no big deal I thought, but I changed the root password anyways.
Today it happened again, but this time the bash log was cleared, and in my /var/www/html folder I found a suspicious folder with eBaywhateverapi.dll in it. I deleted it, seeing as this was not normal, which led me to the conclusion my server was hacked. Since it's a cheap test server, it's no loss at all, I'm just glad it's not the server I use for my customers!
So, what I did now was this:
Removed all suspicious folders in /home
Turned off root login (made a new account which I use to su into root)
Changed the SSH port
Changed root password
Will this be enough for now, or should I do anything else?
I'm running CentOS 4
View 5 Replies
View Related
Jan 20, 2008
Currently configuring my VPS, have been for a while now, and am relooking at the security I'll need on it. The VPS will be running something similar to a CMS/Forum site and won't be offering webhosting. Alot of the security measures around here are webhosting orientated. What security procedures does everyone suggest for my situation?
I've got APF, BFD and restricted root SSH access. Is there anything else?
View 2 Replies
View Related
Nov 8, 2007
I got like 3 orders today for domain elixshop.com from different guy name , 2 different email ids, and maxmind fraud reject all the 3 orders for high security risk, checked domaintools and guess what it says "France" as the location of use "Pending cancellation due to non-payment" , trying to order from various states in US
Address used 1 :
City: Farmington Hills
State: MI
Address used 2 :
City: Stamford
State: CT
I will try to contact the person and lets see how it goes, but why do people try their luck with fraud.
It might not be legit fraud but wait... someone just signed up brb...
It was him again, now from Lebanon , in US
Edit other update, seems like few weeks back this domain : intourgold.com was also marked fraud by system from same dude . Anyone here can tell how to stop the users like these and showing them page not found error
View 14 Replies
View Related
May 21, 2008
We've had a couple cases of fraud recently, and have blacklisted the IPs (which turned out to be proxy servers) of the perpetrators. It got me thinking... has anybody put together any kind of IP blacklist for fraudulent orders? Something like a DNSBL for spam, but focused on IPs that fraudsters use?
View 5 Replies
View Related
Jun 24, 2008
I polaced an order for a VPS on Fri, i got an autoresponse that it will be setup within the next 24 hours.
After 2 days I thought it because of sat n sun .. their billing team must be off. On monday I tried my best to contact them ... no avail... no chat on their site ...
submitted three tickets no response up till now (after 36 hours of submitting tickets).
Are they real people or should I go for a chargeback?
View 4 Replies
View Related
Jul 18, 2007
i´ve registered here brecause I´ve written an article for speak about my experience with this Hosting Enterprise, also i speak a bit about Adiungo but EMC Hosting are the worst
the article is this:
emcvpsandadiungofraud.blogspot.com/2007/07/emc-hosting-terror-history.html
I Speak about the bad support and about some BILL mistakes that they don´t want to resolve .
View 4 Replies
View Related
Jun 9, 2008
I had recently had an account signup through WHMCS, When I woke up in the Morning the Account was suspended and it alerted me as a Fraud.
What do I do with that Account that is in WHMCS?
View 13 Replies
View Related
Jul 28, 2009
Anyone else see an influx of fraudulent CC orders with all valid information? Even the IP of these orders matches or comes close to matching the address. What's in common is that email correspondence reveals Asia-based IP addresses and the phone number never checks out.
Could this be due to the recent Network Solutions breach? I've never seen so many fraudulent orders with nearly everything checking out.
View 6 Replies
View Related
Jul 3, 2008
I've gotten two fraudulent signups from the following ip address:
206.53.49.**
Luckily, maxmind has caught him both times, but he's using an address from canada and the phone is fake but the domains he's using are real.
I've gone ahead and blocked the ips, but I just wanted to let you guys know.
View 14 Replies
View Related
Oct 24, 2008
what are some of the ways to minimize credit/debit card fraud when someone purchases services over the Internet? I understand the following are commonly used:
-AVS check
-IP of customer vs. Billing Address
-Amount of order
With chargeback fees so high I'd really like to minimize fraud without tossing legit orders.
View 2 Replies
View Related
Aug 30, 2007
I run a Free web hosting service on my server with XPanel script installed. It has around 47K accounts in all. Recently i started getting mails from e-bay, banks and many other institutions regarding the Phishing sites operating from my server for cheating their customers / members. Though i removed them but i have to do it manually and after getting mails from them.
Now that i dont want any more such site to run from my hosting site, What are the options available for me in order to check all accounts automatically and remove any such site on its own? As there are 47K accounts and 100+ new signups each day, it is not possible to check all accounts manually.
I want any script / addon which can check all possible Phishing / Spamming / Spurious / Fraud sites and intimate me/ delete them upon request. Any person using such services? I need your guidance + support.
Looking for some fast and effective answers from experts here.
View 10 Replies
View Related
Jun 12, 2007
One of my potential client is getting DDOS occassionally. According to the DCs-PCCW and Singtel, the attacks come from China mainly and the DDOS used up all the available bandwidth.
I have asked many DC in Hong Kong. Most of them said they will only null route their IPs and wait the DDOS gone. It seems that none of the DC in HK offer any sort of Anti-DDOS solution.
My client don't want their site completely offline every time they got attacked. So, could any professional suggest what we can do?
What I am thinking of is:
1. Getting 2 connection from different bandwidth providers
2. Using Geo DNS: [url]
Then, I can separate all China users by forcing them to use 1 connection. Will this work? Is there any potential problem here?
Also, I am also thinking of using BGP. Will that make us partially visible as well?
View 0 Replies
View Related
Mar 8, 2008
Can you recommend any anti DDOS provider that can help My servers are being attacked by low bandwidth, botnet attack.
View 14 Replies
View Related
Apr 13, 2009
We have 2 servers, one running Windows 2003 Enterprise that hosts a ColdFusion app, and one running Windows 2003 Standard that hosts our SQL database that is used by the CF app. Nothing else runs on them.
Does anyone have any suggestions for anti-virus products that we could use on these? I don't want one of those elaborate and expensive "suite" programs. I just need to protect the boxes.
I use Kaspersky on our individual machines, and I really don't care much for Norton anymore.
View 5 Replies
View Related
Jul 9, 2009
it seems people tell Dos Deflate is the best basic antiddos script and tons of webhosts use it.
I think its ratter old and it doesnt work for anything these days. Why do hosts still run it? And why isnt there a better alternative?
I used Deflate some years ago and I got problems. And tried then after some years again and nothing changed, the same basic old script which counts connections and ban IPs.
The think with Deflate is that if you have a high limit, lets say ban with 150 connections per IPs, its absolutely worthless for attacks, since you are letting already 150 connections per IP.
And if you lower it at least me got with tons of problems banning real visitors. Even over 150 I had complaints about real visitors on a server telling the server blocks him. Dont ask me how someone has 150 connections to a servers but I got complaints from multiples people over the world the 1 month i had it running over a 2 years ago.
I also see a really big problem with it. Allot of ISP share IPs between users. So its really possible you get 200 connections from the same IP and they are different users. Banning an IP based on the connections you can probably shutdown a full IPS and their visitors. I wish there was a better solution but using a high value like 300 or 500 doesnt make sense in a Dos attack. And if you use a low value you start to get into problems.
We agree it will not work with distributed attacks but I dont think it can even work with single attacks since besides connection count it doesnt seem to be any more analisys behaviour.
The way I would make a script like that. Is to check all traffic and IPS all the time. And mark IPs that always access a server ass good ones. The newer the IP the more suspicious. On a attack this way real visitors would still pass but attackers will not as they are new ips. You can also match then the number of times its connecting, how long, etc.
View 2 Replies
View Related
Feb 15, 2008
Is there any anti proxy script which can detect any proxy sites on my server and kill it?
View 4 Replies
View Related
Jun 21, 2008
I am running Win2003 server with Plesk 8.3. Antivirus running is F-Prot. Me and my clients have been getting a lot of spam emails and I am looking for suggestions on how to stop them. Plesk seems to provide some options for checking blacklisted spam servers but I was not too satisfied with the result. Maybe I was not looking up the right urls?
So, any suggestions on blocking the spam would be welcome. I am ready to pay for it too...but I am on a very tight budget. A free solution would be the best for me at the moment.
I also used SpamAssasin for a time being but it did not work out to any of my client's satisfaction even after a month's "training" of SpamAssasin.
View 8 Replies
View Related
Jun 14, 2008
I am interested in ASSP as a anti-spam tool and have heard good things, but I have 1 question I can't seem to find an answer too.
With ASSP is there a way to screen image spam like you can with FuzzyOCR? With ASSP do you even need to scan images at all? Because it waits for the sending server to respond for authentication?
I was running MailScanner / SpamAssasin / FuzzyOCR combo with a couple of chron jobs (to sweep fake bounce email out of the mail que for example) with very effective results, but it took forever to tweak all three to reduce server load. MailScanner was breaking webmail randomly so I have it disabled currently so I get a lot more spam.
View 0 Replies
View Related
Oct 4, 2007
We recently had a problem with a mail spammer. He sent over 90,000 emails and had 20,000 in the queue. Is there anyway to possibly stop this as it was really lagging the server bad. So bad the softlayer took it offline for a while...
View 4 Replies
View Related
Jul 22, 2007
where i can buy some cheap spam protection appliance. Right now, we are buying from mailfoundry, but it is a little bit expensive. I send an email to can spam, but i was quoted 18 K anually, to protect 25K emails. Anyone, have a way to buy some cheap anti-spam appliances.
View 14 Replies
View Related
Nov 3, 2008
Best Dedicated Hosting for Anti DDOS - Please Help!
Our website has been coming under attack for the last 6 months. Usually every weekend for 3 days. We are currently hosting at ThePlanet and they do nothing more than turn on Cysco Guard which blocks the bad traffic and the good traffic as well. They don't do anything on their level to block the ddos attack.
I contacted the guys at ProxyShield and they want $1244 a month to route the traffic for us. That's a bit high for someone with a small business not making more than $500 a week online. EDIT: Just got back in touch with them and the $1244 is only for 20mb if you need 100mb it's $2400! that's just insane for a small business.
My question to you guys is who can host us or what services can I use to get rid of these ddos attacks? The Planet has horrible support and I'm not sure where to go or look. Unless we sit at the computer and block every inbound attack all day we simply can't beat it.
Any suggestions?? Currently they are sending SYN_FLOODs in the amount of 93MBit/s and our hosting only includes 100MBit/s, so you can guess how difficult it is to maintain reach ability.
View 10 Replies
View Related
Apr 10, 2009
I am trying to purchase either a anti-ddos or firewall machine. My main objective is to prevent from ddos attack.
Do i purchase a anti-ddos hardware (please recommend), or firewall hardware (please recommend)?
anti-ddos and firewall is the same right? is about ip analyse and filter right?
After using the ddoss/firewall , i may also want to subscribe to those third party doss prevention which has big bandwidth, if i have a good hardware anti-ddos/firewall already, do i still need to have subscribe to these services?
View 12 Replies
View Related
Mar 2, 2007
Is this just for mail antivirus? where do I see the report of the anti virus?
View 2 Replies
View Related
Apr 30, 2009
I have some windows 2k3 and 2k8 win servers and now i must to protect..
I need best free/commercial solution for firewall and anti brute force protection.
View 9 Replies
View Related
Jul 25, 2009
I thought I should share this among all.
You will find many Anti spam blocker tools available in market. I recently come to know about[url]
. It’s an excellent tool to encrypt your email account if you use to display it on your website.
Generally, spammers uses robots (some kind of crawler) to get email accounts from websites. Once they get it they start selling it to other spammers and will start sending spoofing emails.
This tool will help you to encrypt your email address and stop spam coming from your website
View 0 Replies
View Related
Apr 24, 2009
i have a ironport and its coming close to my renew, frankly for my 50 and less users its expensive and i end up with a so so of a server.
my goal would be to use a vm based one for power "green" and backups/migration needs.
im runing scalix with clamav/spamass
View 4 Replies
View Related
