Why dont you block whole country from coming to ur website
What are the crooks in Nigeria trying to do anyway?
I never really understood why they bothered with those silly 419 emails until I read a US Gov report that these netted them hundreds of millions of dollars annually.
I guess that just as they send out millions of emails knowing some idiots will fall for it they are submitting millions of credit card orders knowing some will get though.
> Why dont you block whole country from coming to ur website
The shopping cart is remotely hosted so putting a deny from in my .htaccess file would not do anything. The remote shopping cart finally blocked the set of crooked IPs.
" never really understood why they bothered with those silly 419 emails until I read a US Gov report that these netted them hundreds of millions of dollars annually."
I've read that too, but I'm dubious. If those scam emails are so profitable why do the letters almost entirely originate from one place, Nigeria. Why don't we get them from Latin America, for example. OTOH, I have no doubt the Nigerian gov't is complicit in those scams, despite what they say.
My guess is the profit per scammer is pretty small, especially in recent years.
The UK National Criminal Intelligence Service figures for 2002 show 150 people in the UK lost £8.4m with the average loss being £56,675. I guess it was even worse as some people may not have reported their loss.
Like the advance fee scam this type of fraud has a very low % success rate but they make millions of attempts.
Did it not trip the fraud protection systems of your merchant processor?
|What are the crooks in Nigeria trying to do anyway? |
They are trying to see which cards are still good and which are not... and you are paying for it.
bcc1234 is correct. Apparently they got ahold of some credit card numbers and they just want to see which ones are good so they can go out to other merchants to actually buy something. You should consider blocking all the IP addresses on the gateway
I Googled up "Nigerian Viagra" as an exact phrase,
and only saw 32 pages returned.
Somebody is missing a bet. -Larry
This post may get deleted but..... "Nigerian honesty" [google.com] gets me zero results ;)
Till Google spiders this page, of course
Ive worked with god fearing Nigerians who'd give you teh shirt off their backs if that would help.
Not all are bad they do have some good ones.
Does anyone have a site that lists the IP range for Nigeria?
If you have a drop down list of allowed countries in your checkout process for billto/shipto just remove nigeria. Maybe they'll stop when they can't direct the order to their house :)
IncrediBILL - that's exactly what we've done with our checkout procedure. We removed Nigeria & Indonesia, and a whole bunch of other "suspect" countries.
Every now and then we get an email trying to order from these countries, which we just delete.
We also disabled credit card processing for most international orders except a couple of countries we have very little trouble with.
When customers get to the page where credit card information would be input it displays a page about how to process the order via a wire transfer. If they want to proceed with the order and a wire transfer, then thay continue with "SAVE ORDER PENDING WIRE TRANSFER", otherwise they just go away as we don't take a hit on our payment gateway which costs per each failed transaction.
I'd like to block visitors from certain countries from even hitting the site. Does anyone have any sites that list IP address by geographical location...specifically country IP address ranges?
There is a free GoeIP here: http://www.maxmind.com/app/geoip_country
And the code can be found here: [codeproject.com...] or [sourceforge.net...]
[edited by: lorax at 1:17 pm (utc) on May 1, 2005]
[edit reason] delinked commercial URL [/edit]
If your merchant processer does not block an IP after X number of unsuccessful transactions, get a new processor! These guys are constantly looking for open processors where they can run a database of hundreds of cards hoping to find one that doesn't get denied. They may not want YOUR products, just access to your crappy gateway.
If you block the IP range then they won't get to your site (as often) and therefore won't end up at your hosted checkout page (as often). We send everyone from suspect countries to:
Just taking out the drop down list doesn't help (In my experience) we get orders trying to get to "Lagos" Alabama, USA as they just leave the drop downs on the default.
It is a numbers game for them but also for us. When you send out a hundred thousand orders a year, a few of them are going to be fraudulant. Just try to keep the % low. Just don't kick yourself to hard if ones creeps through, the occasional crook is smart.
May be it is not good to generalize that Africa as a whole is not comfortable in ecommerce. There are so many people, including myself, have had websites dealing on ecommerce business in Africa, and haven't got a problem in fraud.
I know Nigerians have had fraud as "part of their culture". But except Nigeria, you can still have business with the rest of Africa. There are so many African countries with descent people dealing with descent ideas. . .Look at South Africa, Ethiopia, Eritrea, among others are good for business.
Let's not conclude Africa is a source of fraud. . .it could as well be a source of income.