There is such a thing/collaboration already at http://www.merchant911.org , along with fraud prevention tips and tools, important cc company phone numbers, etc...
Jo Shea -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Genie Livingstone Sent: Thursday, May 16, 2002 12:57 AM To: [EMAIL PROTECTED] Subject: Re: Increase in fraudulent registrations and transfers Hey - I have an idea - anyone interested in sharing a database of known fraud suspects? We had our share of Indonesian, Romanian and other kids with 10 year registrations which turned out to be fraud... I know it is an extra labor, but I would not mind chiping in the time to put together something like a searchable database by cc#, name used. email used and IP address - I believe these folks make rounds so if they do not succeed at one site they go next door... so especially with suspect multi year regs we'd all have one extra reference point We are not using scoring service, our payment processor utilizes CCV and AVS plus we get either success or BADCARD notification via email on every transaction - so if we see slew of BADCARD attempts for the same domain with STOLEN / CALL reason it is a clear sign ALSO we implemented CCV and since then even attempts to use stolen cards on our site reduced about 90% Genie > Is anybody using one of the neural/fraud-scoring services by the > gateways? I'm wondering if it's worth the extra $$$... > > thx, > m2 > > At 01:03 PM 5/15/2002, you wrote: > >Hi Ken, > > > >Anything with a 10 year registration should be looked at for fraud. When it's > >not your money, why not go for the full period? Until we smartened up on > >this, > >about half of chargebacks had 10 year registration periods. > > > >It's also a good idea to compare the address given with reverse lookup on > >the IP > >given with the order. It's common for fraudulent transactions to have a > >mismatch. > > > >Thanks, > >Doug. > > > > > >Quoting Ken Anderson <[EMAIL PROTECTED]>: > > > > > Attn: > > > > > > Watch out for fraudulent registrations and transfers submitted via > > > marketscore.com proxy service (so the real ip is masked). > > > Common elements in registrations are 10 yr reg period, and liberal use > > > of ALL CAPS with [EMAIL PROTECTED] as the email address. > > > The phone & fax numbers are usually disconnected. > > > We've seen 4 of these come through in the last month. The first one got > > > > > > through. Credit card will be valid, but stolen. > > > Chargeback comes later :-( > > > > > > ------------- > > > access_log.0:66.119.34.39 - - [06/May/2002:04:09:51 -0700] "POST > > > /cgi/reg_system.cgi HTTP/1.1" 200 1320 > > > access_log.0:216.148.244.38 - - [06/May/2002:04:11:07 -0700] "POST > > > /cgi/reg_system.cgi HTTP/1.1" 200 1320 > > > > > > > > > host -a 66.119.34.39 > > > Name: proxy.ia2.marketscore.com > > > Address: 66.119.34.39 > > > Aliases: > > > > > > host -a 216.148.244.38 > > > Name: proxys.sjc.marketscore.com > > > Address: 216.148.244.38 > > > Aliases: > > > -------------- > > > > > > Ken > > > Pacific.Net > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
