It’s a fraud, fraud, fraud, fraud world.
August 23, 2005 on 10:33 am | In Insider View by Josh Jones |
You don’t need me to tell you there’s a lot of skeeziness on the Internet.
Stolen credit cards, spyware, Nigerian 419 scams, identity theft… if it’s possible, some Vietnamese or Romanian is trying it to reunite themselves with your hard-earned cash. (And I don’t mean all Vietnamese and Romanians of course… I just mean that 99% of the sign-ups we get from those countries are FRAUD FRAUD FRAUD FRAUD!)
And quite a lot of them are hosted with DreamHost.
Not on purpose! And not for long.. as soon as we detect their first string of spam or fake paypal website, we shut them down and clean up the mess. But it’s really hard, and recently getting harder, to catch them all before they make their first move. Nowadays, about 20% of our daily sign ups are with stolen credit cards (or stolen paypal accounts), and are for the express purpose of spamming, conning, storing “warez”, or cracking (our system or somebody else’s).
What’s a poor host to do?
Just like there’s no 100% accurate way to filter spam, there’s no 100% accurate way to catch these fraudsters before they’re approved. Even with a 99% success rate, that means a few a week get by, spend a bunch of spam, and get us in trouble with AOL, Paypal, Bank Of America, etc..
We could do something like require a faxed rubbing of the actual credit card for every new sign up, but what a hassle for the 80% of people who aren’t fraud! We could manually review each account for tell-tale signs of fraud, but that would mean longer waits for new account set ups, not to mention more work for us!
That’s where FRAUDINATOR comes in!
FRAUDINATOR is our hueristics-based system for determining if a new sign up is fraud. Inspired by Spam Assassin, FRAUDINATOR runs dozens of automated tests on new sign ups and attempts to determine automatically if they’re fraudulent! Each test has been given a score from -15 (very un-fraudy) to 15 (very fraudy), with the scores based on running the test on old accounts that we know to be fraudulent or not. If the sum of the score of all the tests you pass is above a certain threshold, your account is automatically disabled. If it’s below a certain threshold, it’s automatically approved, and everybody else we actually look at a few times a day and decide for ourselves.
Those ones we look at ourselves are the problem ones: it turns out humans are even worse at determining if an account is fraud than we are at determining if an email is spam! Fortunately, only about 2% of our sign ups fall into this range. Our false positive rate for auto-approved and auto-disabled accounts is less than 1%, which could be better but isn’t totally unacceptable.
So what sort of things does FRAUDINATOR look for?
Even though we’re pretty sure most of the people reading this blog arean’t doing this stuff, we’d prefer to keep that a secret! “Security through obscurity,” we say!
Suffice it to say there are a lot of tests, with a bunch of really obvious ones and a few not so much so.
And that’s all I have to say about that,
THE BLOGINATOR
23 Comments
Sorry, the comment form is closed at this time.
Categories:
Archives:
- May 2008 (2)
- April 2008 (2)
- March 2008 (3)
- February 2008 (5)
- January 2008 (7)
- December 2007 (3)
- November 2007 (3)
- October 2007 (5)
- September 2007 (3)
- August 2007 (4)
- July 2007 (4)
- June 2007 (7)
- May 2007 (3)
- April 2007 (3)
- March 2007 (8)
- February 2007 (4)
- January 2007 (6)
- December 2006 (5)
- November 2006 (2)
- October 2006 (4)
- September 2006 (4)
- August 2006 (5)
- July 2006 (3)
- June 2006 (3)
- May 2006 (5)
- April 2006 (6)
- March 2006 (7)
- February 2006 (6)
- January 2006 (8)
- December 2005 (7)
- November 2005 (5)
- October 2005 (8)
- September 2005 (19)
- August 2005 (11)
- July 2005 (4)
Other Sites
- DreamHost Status - An off-network page for all DreamHost Announcements! (Not as silly as this blog.)
- DreamHost! - The host behind the blog.
- Forum - Discuss DreamHost and web hosting!
- Web Control Panel - Manage your account.
- Wiki - On DreamHost and web hosting.
Powered by WordPress. Pool theme by Borja Fernandez, modified by DreamHost.
Entries and comments feeds.
^Top^
ISP Reports 20% of New Accounts are Fraudsters
In It’s a fraud, fraud, fraud, fraud world, my ISP, DreamHost, gives a shocking statistic:Nowadays, about 20% of our daily sign ups are with stolen credit cards (or stolen paypal accounts), and are for the express purpose of spamming, conning, storing…
Trackback by Discourse.net — August 23, 2005 #
419eater dot com & 419legal dot com have some amazing information and stories on these guys. Some of them are much more dangerous that simple con artists too.
I would submit a credit card fax rubbing in a moment if it meant stopping these criminals from hurting people. I know first hand because of a handicapped relative who was taken by them.
Comment by Adam — August 23, 2005 #
If I was required to submit a credit card rubbing when creating a new account, I am fairly certain that I would not have signed up at Dreamhost. What happens if the rubbing gets lost or misplaced?
Comment by Martey — August 23, 2005 #
[...] My lovely hosting people wrote about spammers and our old friend, the nigerian businessman/prince who wants to share his millions. I hadn’t really thought about the fact that these people sign up for webhosting to do their spamming, and 20% of sign ups is quite a big proportion really. [...]
Pingback by Intelligent Agents for Blogs » Blog Archive » Naughty naughty spammers — August 23, 2005 #
20%? Ouch. How many signups do you guys get per day? Whatever the number, 20 percent is a lot. Keep up the good fight.
Comment by Brandi Epps — August 23, 2005 #
Glad to see you guys are keeping such high standards for both fraud detection and customer care.
Comment by Jack — August 23, 2005 #
cheeeeeze 20% a bit high, that’s a shocker.
Comment by riki — August 23, 2005 #
Where can we find out our Fraudinator score? :D
Comment by Jack — August 24, 2005 #
Bluehost requires a working telephone number when you sign up. I was annoyed at first, because I always give a dummy number, and my account would not activate. I called in and they explained that is why. Smart move on their part, it’s not as much a hassle as the card rubbing, but it probably helps keep out a decent percentage of the scum.
Comment by Duce — August 25, 2005 #
That implies that they had my money in the first place…
Comment by Albright — August 25, 2005 #
Albright… lol…
I think he meant reunite their country by the use of your hard-earned cash.
Theft from the U.S. (or other countries) benefits poor foreign economies.
Comment by Daniel — August 26, 2005 #
very nice to see dreamhost fighting this issues. out there, there are many that contribute with these crimes. there are reports of providers announcing networks for periods less than a week and allocating it for spammers. many hosting companies indeed contribute and profit from these practices.
Comment by vinicius — August 27, 2005 #
Blog notes
My webhost now has a blog, which strikes me as the sort of thing that webhosts in general ought to…
Trackback by Off the Kuff — August 28, 2005 #
A local AM radio talk show got a Nigerian scammer to record a song for their show under the false pretense that they were a major record company. The scammer aka Tenor Hot sent them the song. The song is actually really good. Days later the record company called to tell Tenor Hot that his manager / main contact had died from a heart attack. They had Tenor call in to be piped into the funeral to deliver some last words and sing a song…
HILLARIOUS - Everything is recorded on a podcast
molsonandlee.com
Comment by shoo — August 29, 2005 #
[...] Reason number two is CSC codes don’t do a thing to help fight fraud. [...]
Pingback by DreamHost Blog » Why We Don’t Use CSC Codes — September 8, 2005 #
[...] Here’s a good post from them about how 20% of their daily sign-up are done with stolen credit cards. [...]
Pingback by StopBuyingCrap.com » Webhost vs Online Fraud — September 12, 2005 #
i googled for something completely different, but found your page… and have to say thanks. i like your site.
Comment by Hotels Demänovska Dolina — December 10, 2005 #
I like it too
Comment by Jane — December 13, 2005 #
Keep up the good work Dreamhost antifraud people!
Waiting a couple of days vs. potential fraud, I choose the extra day or two any time.
Comment by Dreamhost user — January 14, 2006 #
bugaga!.. no comments (c)
Comment by John — February 13, 2006 #
[...] Because it’s a fraud, fraud, fraud, fraud world! [...]
Pingback by DreamHost Blog » Why We Do Use CSC Codes — April 6, 2006 #
Seriously pi**ed off with Dreamhost at the moment. Just exactly what criteria do you use to automatically detect a possible fraudulent transaction?
Comment by riki — April 27, 2006 #
Hello. Can you tell me whether these Nigeran perpetrators committing fraudulent activity using stolen credit cards are getting access to the billing address and/or three digit security code for the card as well? I’m surprised they are getting through the “registration” process for getting new accounts as most applications usually require legitimate billing address and/or code to move forward…
Comment by Anita — February 5, 2007 #