Stop spam sign up and payments

[Anubianhost]

I have been running WHMCS for a while now and doing hosting for a few years.

 

Recently I had a person signup and pay via Credit Card for a domain and a hosting package. The charge went through and WHMCS did it's thing and registered the domain and made the account active. Within a couple days the hosting account was set up to send spam mail and it was a nightmare to fix. After blocking and terminating that account and getting my ip's removed from blacklists I got a charge back from Paypal (My CC processor) I use enom as my registrar and from what I can tell I am out my registration fee for this spam account. So I had to eat this money.

 

Fast Forward a few weeks I had another new signup but thankfully their credit card denied. They tried multiple times to process it and it failed each time. I blocked and terminated the account as nothing matched and the domains they are trying to register are just gibberish for the most part.

 

I disabled the auto-activation for new signs up and have had 2 more accounts created in the same fashion. The payments are going through but I know if I let it process I'm going to be stuck in the same mess again. I just had another signup moments ago. The name and emails don't seem to match and Paypal does not give me the actual name on the CC used to verify. The domain they tried to register was not gibberish but obviously something is up.

 

At this point I don't know what to do. I can't afford to lose the domain registrations fees in the event it's spam and have to keep dealing with chargebacks etc. It's like i'm being targeted now since one was allowed to go through.

 

I'm just not sure what to do. What I run is fairly small and I know most if not all my customers personally. Im thinking about doing away with my main site and only using WHMCS as my front end and account system and making it where It's by invite only etc.

[Brandonm]

Do you use one of the fraud protection modules?

 

For the Paypal Gateway Module do you have "Client Address Matching" enabled?

[Anubianhost]

I have that option for regular Paypal payments but not for Paypal payment pro for credit cards.

[Brandonm]

What about a fraud protection module?

[Anubianhost]

No I wasn't aware there was any. I just setup a max mind thing. Not sure if it's set up correctly though.

[Brandonm]

We have these enabled and it seems to catch 99% of the fraud signups:

 

Reject Country Mismatch

Reject Anonymous Proxy

Reject High Risk Country

MaxMind Fraud Risk Score: 5

Use New Risk Score

 

Never used the telephone verification.

[searley]

If you get a lot of trouble from say Indonesia edit countries.php so that Indonesia does not show, then they will choose another country and it will fail the country match

 

But they still get an entry in the database

 

I have used a script that does a country lookup for all visitors, and if they are from a country i dont want to deal with, they get directed to a page outside of whmcs explaining they are not welcome on our site

 

So not more Indonesians trying to get a free trail hosting plan

[kbdavis07]

Hi Anubianhost,

 

Had you tried using CloudFlare?

 

 

https://www.cloudflare.com/

 

 

 

With Cloudflare you can block starting at the DNS level stopping them from even visiting your website in the first place.

 

CloudFlare has lots of filters they use to block spammers,hackers, and others you don't won't visiting your website.

 

Even with the Free version comes with a basic Web Application Firewall which stops auto sign up attempts and etc.

 

With the CloudFlare network it also keeps track to see if that User has tried or visited other websites in a short amount of time and then block those that jump site to site.

 

 

I would give it a try if I were you, it helps alot and you can also add country filters where you can block known spamming countries that you don't want to deal with.

[robertk1]

ALWAYS telephone the new client to welcome them to your company. Spammers and such won't take your call. Calls to other countries are cost effective these days, it is better to pay 5-15¢ per minute than to eat the chargeback fee.

[adroitssd]

Use maxmind module and 2co for credit card payment. They have 300+ fraud detection rule so every payment will be verified before approve.

[durangod]

remember with maxmind you might want to uncheck the box that says ip does not match location. If you leave it checked and someone traveling for business signs up they will get flaged and get upset, so just be careful with that.

 

Also understand that with services like cloudflare you have to give up some control of your server/site and i never liked doing that so i chose not to do that.

 

I think blocking countries is a good idea, i do it as well.

 

You might also want to add a question captcha to your registration, its not hard to do and i did my own.

 

There is a module here which might help https://www.whmcs.com/appstore/3090/Client-PermBlock-Addon.html