homepage Welcome to WebmasterWorld Guest from 54.227.41.242
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

    
60 Declined Transactions Per Hour from Nigeria
What's going on?
sun818




msg:646467
 4:05 am on Apr 30, 2005 (gmt 0)

Since 4:00 this afternoon, an IP originating from Lagos-Nigeria has been submitting different credit card orders about every 60 seconds. I could not block them since it is the remote shopping cart service that submits to my merchant processor.

What are the crooks in Nigeria trying to do anyway?

 

benevolent001




msg:646468
 5:27 am on Apr 30, 2005 (gmt 0)

Why dont you block whole country from coming to ur website

hurlimann




msg:646469
 6:52 am on Apr 30, 2005 (gmt 0)

What are the crooks in Nigeria trying to do anyway?

Commit Fraud.

I never really understood why they bothered with those silly 419 emails until I read a US Gov report that these netted them hundreds of millions of dollars annually.

I guess that just as they send out millions of emails knowing some idiots will fall for it they are submitting millions of credit card orders knowing some will get though.

sun818




msg:646470
 7:58 am on Apr 30, 2005 (gmt 0)

> Why dont you block whole country from coming to ur website

The shopping cart is remotely hosted so putting a deny from in my .htaccess file would not do anything. The remote shopping cart finally blocked the set of crooked IPs.

jsinger




msg:646471
 7:59 am on Apr 30, 2005 (gmt 0)

" never really understood why they bothered with those silly 419 emails until I read a US Gov report that these netted them hundreds of millions of dollars annually."
---
I've read that too, but I'm dubious. If those scam emails are so profitable why do the letters almost entirely originate from one place, Nigeria. Why don't we get them from Latin America, for example. OTOH, I have no doubt the Nigerian gov't is complicit in those scams, despite what they say.

My guess is the profit per scammer is pretty small, especially in recent years.

hurlimann




msg:646472
 9:20 am on Apr 30, 2005 (gmt 0)

The UK National Criminal Intelligence Service figures for 2002 show 150 people in the UK lost 8.4m with the average loss being 56,675. I guess it was even worse as some people may not have reported their loss.

Like the advance fee scam this type of fraud has a very low % success rate but they make millions of attempts.

Did it not trip the fraud protection systems of your merchant processor?

bcc1234




msg:646473
 9:53 am on Apr 30, 2005 (gmt 0)

What are the crooks in Nigeria trying to do anyway?

They are trying to see which cards are still good and which are not... and you are paying for it.

Corey Bryant




msg:646474
 1:49 pm on Apr 30, 2005 (gmt 0)

bcc1234 is correct. Apparently they got ahold of some credit card numbers and they just want to see which ones are good so they can go out to other merchants to actually buy something. You should consider blocking all the IP addresses on the gateway

-Corey

larryhatch




msg:646475
 2:20 pm on Apr 30, 2005 (gmt 0)

I Googled up "Nigerian Viagra" as an exact phrase,
quotes included
and only saw 32 pages returned.
Somebody is missing a bet. -Larry

oddsod




msg:646476
 2:57 pm on Apr 30, 2005 (gmt 0)

This post may get deleted but..... "Nigerian honesty" [google.com] gets me zero results ;)

Till Google spiders this page, of course

Essex_boy




msg:646477
 5:16 pm on Apr 30, 2005 (gmt 0)

Ive worked with god fearing Nigerians who'd give you teh shirt off their backs if that would help.

Not all are bad they do have some good ones.

worker




msg:646478
 5:31 pm on Apr 30, 2005 (gmt 0)

Does anyone have a site that lists the IP range for Nigeria?

incrediBILL




msg:646479
 5:36 pm on Apr 30, 2005 (gmt 0)

If you have a drop down list of allowed countries in your checkout process for billto/shipto just remove nigeria. Maybe they'll stop when they can't direct the order to their house :)

hfwd




msg:646480
 5:41 pm on Apr 30, 2005 (gmt 0)

IncrediBILL - that's exactly what we've done with our checkout procedure. We removed Nigeria & Indonesia, and a whole bunch of other "suspect" countries.

Every now and then we get an email trying to order from these countries, which we just delete.

incrediBILL




msg:646481
 6:53 pm on Apr 30, 2005 (gmt 0)

We also disabled credit card processing for most international orders except a couple of countries we have very little trouble with.

When customers get to the page where credit card information would be input it displays a page about how to process the order via a wire transfer. If they want to proceed with the order and a wire transfer, then thay continue with "SAVE ORDER PENDING WIRE TRANSFER", otherwise they just go away as we don't take a hit on our payment gateway which costs per each failed transaction.

worker




msg:646482
 8:36 pm on Apr 30, 2005 (gmt 0)

I'd like to block visitors from certain countries from even hitting the site. Does anyone have any sites that list IP address by geographical location...specifically country IP address ranges?

Corey Bryant




msg:646483
 10:05 pm on Apr 30, 2005 (gmt 0)

There is a free GoeIP here: http://www.maxmind.com/app/geoip_country

And the code can be found here: [codeproject.com...] or [sourceforge.net...]

-Corey

[edited by: lorax at 1:17 pm (utc) on May 1, 2005]
[edit reason] delinked commercial URL [/edit]

otc_cmnn




msg:646484
 5:30 pm on May 3, 2005 (gmt 0)

If your merchant processer does not block an IP after X number of unsuccessful transactions, get a new processor! These guys are constantly looking for open processors where they can run a database of hundreds of cards hoping to find one that doesn't get denied. They may not want YOUR products, just access to your crappy gateway.

If you block the IP range then they won't get to your site (as often) and therefore won't end up at your hosted checkout page (as often). We send everyone from suspect countries to:
[ifccfbi.gov...]

Just taking out the drop down list doesn't help (In my experience) we get orders trying to get to "Lagos" Alabama, USA as they just leave the drop downs on the default.

It is a numbers game for them but also for us. When you send out a hundred thousand orders a year, a few of them are going to be fraudulant. Just try to keep the % low. Just don't kick yourself to hard if ones creeps through, the occasional crook is smart.

Habtom




msg:646485
 8:23 pm on May 3, 2005 (gmt 0)

May be it is not good to generalize that Africa as a whole is not comfortable in ecommerce. There are so many people, including myself, have had websites dealing on ecommerce business in Africa, and haven't got a problem in fraud.

I know Nigerians have had fraud as "part of their culture". But except Nigeria, you can still have business with the rest of Africa. There are so many African countries with descent people dealing with descent ideas. . .Look at South Africa, Ethiopia, Eritrea, among others are good for business.

Let's not conclude Africa is a source of fraud. . .it could as well be a source of income.

Habtom

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved