Running a Web Hosting Business – Identifying Fraud Orders


If you are a reseller providing web hosting services, you will get excited every time you receive a new order from someone whom you do not knows. It shows that your web hosting service is becoming popular and you are doing good business! However, you need to be careful when accepting such orders. There is a possibility that the order payment was done using a stolen credit card or a hacked PayPal account. Such illegal payments will result in a charge back for you and a negative rating from your payment processor. This is a guide for our reseller hosting clients in order to help you combat this growing problem.


First of all, never enable automatic order setup in your billing software even if you plan to verify the order later. Frauds who sign up using illegal payment methods have intentions like using the server for sending spam, propagating trojans, phishing, etc. So once you check the order later, the damage might have been done already. So always verify your orders manually even if you will be able to check it after some time only.


The first point of identifying a fraud order is the IP address from where the order came. You should be able to find out the state (and/or city) and most importantly the country to which the IP address belongs. You can check this using third party services like whois.sc (format will be www.whois.sc/IP), IP2Location (www.ip2location.com/demo.aspx), etc. Most billing software will also show this information (the IP origin and history details). Compare the state/city and country with the billing address that they have entered in the order form. If it disagrees completely, it is very likely that the order is fraud. You might receive an order from a Nigerian IP while the billing address shows a California address! Analyze the address mentioned couple of times. Frauds don’t take the time to upper case their names or the right places of the address and state. Such bad formatting are good indicators that the order is likely to be fraud.


Sometimes the IP may belong to an ISP or a web host (server) or it could be a proxy server address. Most third party providers like whois.sc will show the name of the network which should help you to confirm whether it is an ISP or a server or a proxy server. If it is a server (you can cross check it by opening the IP address in your browser) or if you see it as a proxy server, immediately cancel the order and issue a refund.


It is important that you refund the payment, else you will receive a charge back later when the credit card company or PayPal identifies it as an illegal transaction. Too many such charge backs will also have a negative impression on you from your payment processor and you might even loosing the merchant account forever.


If the order is for year up front instead of monthly, be suspicious especially if they didn’t ask any pre-sales questions before signing up. This is not as common but usually frauders try to buy a longer period since they know the credit card will be reported and are hoping that the one charge might sneak by on the bill. Most frauds will also be in a hurry to get the account activated and might keep asking you about the status through email or live chat (if you have one).


Another important point in identifying a fraud order is the domain name entered in the order details. Find the whois details of the domain name and cross check the physical address and email address mentioned in the order form. Most of the time, legitimate orders will have the same details. However if it doesn’t match, it doesn’t necessarily mean that the order is fraud as the domain name could have been purchased through a company address earlier. If the domain name sounds wierd like jdjjtiskg.com or myhsbconline.com, etc., you might want to hit the fraud button immediately.


If everything looks alright and you still have a slight hesitation to accept the order, try calling the phone number in the order details or ask the user to email/FAX you documents like a valid ID card (license, etc.) to get the order approved.


You can also use third party services like MaxMind which is fraud scanning software that can be integrated into your billing software. Such plug ins will help you to identify fraud orders automatically though it cannot be considered 100% fool proof.


Fraud orders are a never ending problem and there is fool proof method to avoid them completely. This guide should help you prevent fraud and just use your common sense to make a decision before hitting the Accept button when you receive a new order next time!

Leave a Reply

Your email address will not be published. Required fields are marked *