It’s a fraud, fraud, fraud, fraud world.
August 23, 2005 on 10:33 am | In Insider View by Josh Jones |
You don’t need me to tell you there’s a lot of skeeziness on the Internet.
Stolen credit cards, spyware, Nigerian 419 scams, identity theft… if it’s possible, some Vietnamese or Romanian is trying it to reunite themselves with your hard-earned cash. (And I don’t mean all Vietnamese and Romanians of course… I just mean that 99% of the sign-ups we get from those countries are FRAUD FRAUD FRAUD FRAUD!)
And quite a lot of them are hosted with DreamHost.
Not on purpose! And not for long… as soon as we detect their first string of spam or fake PayPal website, we shut them down and clean up the mess. But it’s really hard, and recently getting harder, to catch them all before they make their first move. Nowadays, about 20% of our daily sign ups are with stolen credit cards (or stolen PayPal accounts), and are for the express purpose of spamming, conning, storing “warez”, or cracking (our system or somebody else’s).
What’s a poor host to do?
Just like there’s no 100% accurate way to filter spam, there’s no 100% accurate way to catch these fraudsters before they’re approved. Even with a 99% success rate, a few a week get by, send a bunch of spam, and get us in trouble with AOL, PayPal, Bank of America, etc.
We could do something like require a faxed rubbing of the actual credit card for every new sign up, but what a hassle for the 80% of people who aren’t fraud! We could manually review each account for tell-tale signs of fraud, but that would mean longer waits for new account set ups, not to mention more work for us!
That’s where FRAUDINATOR comes in!
FRAUDINATOR is our heuristics-based system for determining if a new sign up is fraud. Inspired by SpamAssassin, FRAUDINATOR runs dozens of automated tests on new sign ups and attempts to determine automatically if they’re fraudulent! Each test has been given a score from -15 (very un-fraudy) to 15 (very fraudy), with the scores based on running the test on old accounts that we know to be fraudulent or not. If the sum of the scores of all the tests you pass is above a certain threshold, your account is automatically disabled. If it’s below a certain threshold, it’s automatically approved. Everybody else we actually look at a few times a day and decide for ourselves.
Those ones we look at ourselves are the problem ones: it turns out humans are even worse at determining if an account is fraud than we are at determining if an email is spam! Fortunately, only about 2% of our sign ups fall into this range. Our false positive rate for auto-approved and auto-disabled accounts is less than 1%, which could be better but isn’t totally unacceptable.
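The scoring and three-way triage described above, as an added example that is not DreamHost's code: per-test scores are derived from labelled old accounts, summed for a sign up, and compared against two thresholds. The test names, the sample history, the thresholds and the weighting method (smoothed log-odds times 5, clamped to the -15 to 15 range) are all assumptions; the post says only that scores come from running each test on accounts known to be fraudulent or not.

```python
import math
from collections import Counter

# Constructed history of (tests that fired, known to be fraud). The test names
# are hypothetical; the post does not say which checks FRAUDINATOR runs.
HISTORY = (
    [({"geo_mismatch", "free_email"}, True)] * 6
    + [({"geo_mismatch"}, True)] * 2
    + [({"free_email"}, True)] * 2
    + [({"free_email"}, False)] * 10
    + [({"aged_paypal"}, False)] * 20
    + [({"geo_mismatch", "aged_paypal"}, False)] * 2
    + [(set(), False)] * 8
)
APPROVE_BELOW, DISABLE_ABOVE = 3, 15  # assumed thresholds

def derive_scores(history, cap=15, scale=5):
    """Weight each test by smoothed log-odds of fraud, clamped to [-cap, cap]."""
    n_fraud = sum(1 for _, fraud in history if fraud)
    n_legit = len(history) - n_fraud
    scores = {}
    for test in set().union(*(fired for fired, _ in history)):
        hit_fraud = sum(1 for fired, fraud in history if fraud and test in fired)
        hit_legit = sum(1 for fired, fraud in history if not fraud and test in fired)
        # Add-one smoothing keeps a test never seen on one class finite.
        ratio = ((hit_fraud + 1) / (n_fraud + 2)) / ((hit_legit + 1) / (n_legit + 2))
        scores[test] = max(-cap, min(cap, round(scale * math.log(ratio))))
    return scores

def triage(fired, scores):
    """Sum the scores of the tests that fired and pick one of three outcomes."""
    total = sum(scores.get(test, 0) for test in fired)
    if total > DISABLE_ABOVE:
        return total, "disable"
    if total < APPROVE_BELOW:
        return total, "approve"
    return total, "review"  # the band a human looks at

def band_report(history, scores):
    """Count outcomes on labelled data, plus wrong automatic decisions."""
    report = Counter()
    for fired, fraud in history:
        _, decision = triage(fired, scores)
        report[decision] += 1
        if (decision, fraud) in {("approve", True), ("disable", False)}:
            report["auto_errors"] += 1
    return report
```

Running band_report over labelled history gives the two figures the post tracks: how many sign ups land in the manual-review band and how many automatic decisions were wrong.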
So what sort of things does FRAUDINATOR look for?
Even though we’re pretty sure most of the people reading this blog aren’t doing this stuff, we’d prefer to keep that a secret! “Security through obscurity,” we say!
Suffice it to say there are a lot of tests, with a bunch of really obvious ones and a few not so much so.
And that’s all I have to say about that,
THE BLOGINATOR
23 Responses to “It’s a fraud, fraud, fraud, fraud world.”
August 23rd, 2005 at 11:13 am
ISP Reports 20% of New Accounts are Fraudsters
In It’s a fraud, fraud, fraud, fraud world, my ISP, DreamHost, gives a shocking statistic: Nowadays, about 20% of our daily sign ups are with stolen credit cards (or stolen paypal accounts), and are for the express purpose of spamming, conning, storing…
August 23rd, 2005 at 12:43 pm
419eater dot com & 419legal dot com have some amazing information and stories on these guys. Some of them are much more dangerous than simple con artists too.
I would submit a credit card fax rubbing in a moment if it meant stopping these criminals from hurting people. I know first hand because of a handicapped relative who was taken by them.
August 23rd, 2005 at 3:43 pm
If I was required to submit a credit card rubbing when creating a new account, I am fairly certain that I would not have signed up at Dreamhost. What happens if the rubbing gets lost or misplaced?
August 23rd, 2005 at 3:43 pm
[...] My lovely hosting people wrote about spammers and our old friend, the nigerian businessman/prince who wants to share his millions. I hadn’t really thought about the fact that these people sign up for webhosting to do their spamming, and 20% of sign ups is quite a big proportion really. [...]
August 23rd, 2005 at 4:24 pm
20%? Ouch. How many signups do you guys get per day? Whatever the number, 20 percent is a lot. Keep up the good fight.
August 23rd, 2005 at 5:53 pm
Glad to see you guys are keeping such high standards for both fraud detection and customer care.
August 23rd, 2005 at 8:23 pm
cheeeeeze 20% a bit high, that’s a shocker.
August 24th, 2005 at 5:16 am
Where can we find out our Fraudinator score? :D
August 25th, 2005 at 12:52 pm
Bluehost requires a working telephone number when you sign up. I was annoyed at first, because I always give a dummy number, and my account would not activate. I called in and they explained that is why. Smart move on their part, it’s not as much a hassle as the card rubbing, but it probably helps keep out a decent percentage of the scum.
August 25th, 2005 at 9:36 pm
That implies that they had my money in the first place…
August 26th, 2005 at 10:28 am
Albright… lol…
I think he meant reunite their country by the use of your hard-earned cash.
Theft from the U.S. (or other countries) benefits poor foreign economies.
August 27th, 2005 at 7:24 pm
very nice to see dreamhost fighting these issues. out there, there are many that contribute with these crimes. there are reports of providers announcing networks for periods less than a week and allocating it for spammers. many hosting companies indeed contribute and profit from these practices.
August 28th, 2005 at 11:27 am
Blog notes
My webhost now has a blog, which strikes me as the sort of thing that webhosts in general ought to…
August 29th, 2005 at 12:17 pm
A local AM radio talk show got a Nigerian scammer to record a song for their show under the false pretense that they were a major record company. The scammer aka Tenor Hot sent them the song. The song is actually really good. Days later the record company called to tell Tenor Hot that his manager / main contact had died from a heart attack. They had Tenor call in to be piped into the funeral to deliver some last words and sing a song…
HILARIOUS - Everything is recorded on a podcast
molsonandlee.com
September 8th, 2005 at 10:01 am
[...] Reason number two is CSC codes don’t do a thing to help fight fraud. [...]
September 12th, 2005 at 8:35 pm
[...] Here’s a good post from them about how 20% of their daily sign-up are done with stolen credit cards. [...]
December 10th, 2005 at 3:47 pm
i googled for something completely different, but found your page… and have to say thanks. i like your site.
December 13th, 2005 at 8:36 am
I like it too
January 14th, 2006 at 10:40 am
Keep up the good work Dreamhost antifraud people!
Waiting a couple of days vs. potential fraud, I choose the extra day or two any time.
February 13th, 2006 at 8:50 am
bugaga!.. no comments (c)
April 6th, 2006 at 10:23 pm
[...] Because it’s a fraud, fraud, fraud, fraud world! [...]
April 27th, 2006 at 5:50 am
Seriously pi**ed off with Dreamhost at the moment. Just exactly what criteria do you use to automatically detect a possible fraudulent transaction?
February 5th, 2007 at 7:28 am
Hello. Can you tell me whether these Nigerian perpetrators committing fraudulent activity using stolen credit cards are getting access to the billing address and/or three digit security code for the card as well? I’m surprised they are getting through the “registration” process for getting new accounts as most applications usually require legitimate billing address and/or code to move forward…