Hi,

We have had one or two order for hosting and domains that don't look right possible fraud, however what do you do to try a stop this ?

Regards,
Garry

Do you call to confirm all orders? Do you check where the order was submitted from (visually match the IP to the location entered on the order)?

Hi,

I normally check the postcode that matches the address, I check the IP matches the Country, try and check the phone number with there address on BT site also Worldpay do there checks.

I don't call the client. Is there any other checks I can do

Regards,
Garry

Well, give a call if you can. I don't know what isn't looking right about these orders (can you explain?) but do what you can to check up on it and you'll be less likely to have fraudulent orders.

This is a very useful organization: http://www.maxmind.com/

They provide a free toolkit for identifying the country for a specific IP. They also have paid subscriptions for more detailed information.

Also, a high maintenance trick to fool most proxies (overkill, but if you get a lot of fraud it's worth it):

- Set up Apache to listen on several ports
- Set a specific cookie within a viewed page
- Call a script via <a href=...> tag on each one of the several ports, script reads the cookie and posts the visitors IP into a database, when all entries don't match for a specific visitor raise a red flag for review.

This can cause problems because a lot of people do legitimately use proxies, and some ISP's will load balance requests across many IP's so you have to really review the information before ruling it as a definite fraud order.

I've managed to locate several open proxy servers, including TWO public schools in Southern CA whom I contacted. They didn't seem to care. :( Both times the order was in fact fraud and the true originating IP address showed through on the other ports (presumably not proxied) as originating in MX.

Hi,

When I say about not looking right

A. IP does not match country order from
B. CVV is not match
C. Details give to Worlday did not match at all
D. Card Address not matching with card company (Worlday Check)

We have had 1 or 2 so far and just cancelled the order and refunded the card

Regards,
Garry

Originally posted by silvernetuk:
We have had 1 or 2 so far and just cancelled the order and refunded the card


And that would be the correct thing to do. :)

Theres only 1 way to stop fraud. Call on every order. Doesnt matter if its for a domain or for hosting. Doesn't matter if it from the same city your in... or from china. CALL and verify!

Theres nothing better then hanging up the phone after the person on the other end thanks you for letting them know someone else is using thier card. They are HAPPY you called and that you instructed them to call and cancel thier card to avoid further hassels.

Regular customers do not mind either. They actually like it. You dont know how many times i have heard "WOW, Its nice to see a company actually call and verify the order".