http://www.e-junkie.com/bb/ E-Junkie Forum RSS en-us Copyright 2012, 19.5 Degrees. All rights reserved. webmaster@e-junkie.com webmaster@e-junkie.com Wed, 17 Aug 2011 00:30:20 GMT Fri, 10 Feb 2012 15:53:48 GMT 681 E-JUNKIE 5 http://www.e-junkie.com/bb/ http://www.e-junkie.com/ej/logo.gif 290 104 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 17 Aug 2011 00:30:20 GMT
IP address assignments are not perpetual; they are typically assigned to the user at random for each connection session, from a pool of IPs their ISP holds. Moreover, everyone using a given public WiFi hotspot would appear to be using the same public IP, assigned to the WiFi router at that location.

Fraudulent buyers rarely use an ISP connection that can be traced back to them (such as a connection at their home or work), preferring to use public hotspots that make their activity effectively anonymous. By blocking the IP used for a fraudulent transaction, you would block everyone who ever uses that public hotspot, without blocking the fraudulent buyer, who will have skipped along to the next cyber cafe by then anyway.]]> E-junkie Discussions; E-junkieGuru http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Tue, 16 Aug 2011 03:33:55 GMT E-junkie Discussions; TCE http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 16 Mar 2011 21:25:55 GMT
Meanwhile, one thing you might do is set "PayPal Account Optional: OFF" in the Website Payment Preferences of your PayPal profile settings. That way, buyers would be unable to check out using any credit card numbers and email address they wish to provide; they must use an existing PayPal account or register for one.

That still would not block cases where the fraudulent buyer steals or hacks into someone else's PayPal login, but if you also set up a Common Thank-you Page URL, then buyers would be unable to claim their digital purchase immediately following checkout, and would need to wait to receive the thank-you email message we send with the link to reach their thank-you/download page. Since we only send that message to the buyer's registered PayPal Email address for orders paid via a PayPal account, this means fraudsters would also need to have access to the separate inbox account for the PayPal Email address registered to the PayPal account they'd stolen/hacked to make their payment, so this puts an extra obstacle in their way of obtaining the actual product.]]> E-junkie Discussions; E-junkieGuru http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 16 Mar 2011 17:44:07 GMT
Could we have a check box option that says:

"Only allow download(s) from the same IP address as the buyer IP address"

I know that the download links are kicked out to the scammers fake email address and then the download is prompted when they click on the download link itself. But, if the auth. key in the download URL could do a quick authentication against the Buyer IP address used for that purchase it would stop this type of fraud for us, or at least the scammer would have to use the same IP address both both instances.

Can you advise on this?

I just had 3 more transactions today for a total of $600+ from scamming ________ (fill in the blank with what you'd like.]]> E-junkie Discussions; socialseo http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Mon, 14 Feb 2011 06:11:12 GMT
"""
13.3 Ineligible Items. PayPal Purchase Protection only applies to PayPal payments for certain tangible, physical goods. Payments for the following are not eligible for reimbursement under PayPal Purchase Protection:

Intangible items, including Digital Goods
"""

Looks like intangible goods are ineligible for PayPal Purchase Protection.]]> E-junkie Discussions; Wing http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Mon, 14 Feb 2011 02:24:50 GMT abuse@hostmysite.com and abuse@hosting.com (since the former domain just redirects to the latter), with details of the exact date and time that IP was used for any fraudulent transactions, so they can look up who was using that IP at that time and take whatever action they deem appropriate. In order to get any info from them about the user to take action yourself, you may need to lawyer-up and make formal legal demands or even obtain a court order.

The problem with blocking IPs is that an IP cannot reliably identify any particular user or computer across time. Most end-users' routers typically get assigned a new IP at random from a common pool of IPs maintained by their ISP every time they start using their connection, so blocking one of those IPs would only block whatever random user of that ISP happened to be assigned that IP at that moment (which could become a problem if it happens to be a large ISP). Moreover, even if the IP is static or at least used constantly enough by a given router that it never gets assigned a new IP, that could just be the router for a public WiFi hotspot (commonly used by crooks wanting to hide their trail) or a large organization such as a university campus.]]> E-junkie Discussions; E-junkieGuru http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Fri, 11 Feb 2011 21:53:33 GMT
First, we sell Drupal themes via download from one of our websites. Themes range from $39 to $99 depending on the theme. Over the past couple of months we have had 3 to 4 transactions where I believe someone gains access to a Paypal account, orders one or more products from us, and then downloads our products from another IP address versus the Billing Info. IP address.

My concern is that we have seen the same "Download" IP address several times with these fraudulent transactions. Looking up the IP address of the downloaded files shows this IP:

IP: 76.12.48.68
NetRange: 76.12.0.0 - 76.12.255.255
CIDR: 76.12.0.0/16
OriginAS: AS20021
NetName: HOSTMYSITE
NetHandle: NET-76-12-0-0-1
Parent: NET-76-0-0-0-0
NetType: Direct Allocation
NameServer: NS3.LNHI.NET
NameServer: NS1.LNHI.NET
NameServer: NS2.LNHI.NET
RegDate: 2007-05-01
Updated: 2008-02-01
Ref: http://whois.arin.net/rest/net/NET-76-12-0-0-1

OrgName: HostMySite
OrgId: LNH
Address: 650 Pencader Drive
City: Newark
StateProv: DE
PostalCode: 19702
Country: US
RegDate: 2001-02-19
Updated: 2008-05-28
Comment: Abuse Contact:
Ref: http://whois.arin.net/rest/org/LNH

So, 76.12.48.68 is seen multiple times in the download IP address info within our sales logs.

I don't understand why we cannot just block any downloads from 76.12.48.68 in the future because this is the IP address used each time to download the files.

I hate scammers...

Any advise or help?]]> E-junkie Discussions; socialseo http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 11 Aug 2010 17:34:13 GMT
2. I used to make it so that they were print-protected so the scammers couldn't get free stuff, but then sending a "live" file to my legit customers was a hassle, so I took print-protect off.

3. In the end - if people are scammers - let them have the book and move on with life. Ban their IP from viewing your site and focus on money-making, not administrative crap that wastes your time and effort.]]> E-junkie Discussions; JeffE http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 11 Aug 2010 13:01:52 GMT Effective Date: Aug 24, 2010

Increased Chargeback Fee. Section 8.5 (Additional Fees) is amended to increase the Chargeback Fee from $10 to $20 for payments in US dollars, and the foreign currency equivalent if the payment was in another currency.

Source: https://cms.paypal.com/us/cgi-bin/?&cmd=_render-content&content_ID=ua/upcoming_policies_full

As previously stated, it is the cost of doing business. All you can do is block their name and email and ban them from your website.

Costs
1. Loss of funds
2. Loss of product
3. $20 chargeback fee
4. Chargeback strike (too many and you have a portion of your funds withheld to build a chargeback reserve or they terminate your account because you're high risk)

Fun stuff!]]> E-junkie Discussions; Landro http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Tue, 10 Aug 2010 20:51:09 GMT E-junkie Discussions; E-junkieGuru http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Tue, 10 Aug 2010 18:41:44 GMT
Am I understanding that correctly?]]> E-junkie Discussions; wmmonroe http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Mon, 5 Apr 2010 16:22:13 GMT
the funny thing click bank they know that and they are not thinking to take any action about it they all thing of the buyer as he is angel and in fact some buyers are crocks

there is no way to protect the seller under any terms they told me that so the only thing i have to do was to cancel my account because it dose not make any sense]]> E-junkie Discussions; adihamo http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Mon, 5 Apr 2010 02:29:28 GMT
You can enable the Shipping/Buyer's Address setting to trigger collection of a street address during checkout for any product including downloads, but that shouldn't normally be necessary unless you're actually shipping something.

Perhaps your speculation regarding the amount of the purchase is relevant to their interest in this transaction, and/or perhaps this may have more to do with something shady about the buyer's account rather than anything to do with your own account or product.]]> E-junkie Discussions; E-junkieGuru http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Sun, 4 Apr 2010 08:16:55 GMT
PayPal then decided to do an investigation of the order without any complaint from the customer. I would think its because of the new price and they have withheld the money whilst the investigation continues. I know what the outcome will be which is the customer gets his money back and the items.

Anyone come across this before?

Cheers

Stu

P.S. My work around is going to be a free physical backup will be shipped as well, that way I fall into the guidelines.]]> E-junkie Discussions; alittlephotoshop http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 31 Mar 2010 04:24:57 GMT I cant explain how many times a payment comes through and is instantly flagged, since I sell gift card codes they already have the code and I am out money, but if there was even a 1 minute delay I wouldnt be.]]> E-junkie Discussions; gballz http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Wed, 31 Mar 2010 04:04:40 GMT
Enough of those complaints will get your PayPal account shut down, and you won't be able to set up another account with the same bank account or credit card information, so after you go through that a couple times using a different bank every time, it becomes increasingly difficult to impossible to continue doing business online at all.

We want to help our merchants, but we don't want to make it possible (or at least easy) for them to "shoot themselves in the foot" like that. Development is working on some fraud prevention routines that should work automatically and invisibly to prevent obviously fraudulent orders while blocking few if any legitimate orders and allowing those buyers to continue to claim their product as soon as payment completed.]]> E-junkie Discussions; E-junkieGuru http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Mon, 29 Mar 2010 18:29:47 GMT
My biggest problem isnt with people who reverse payment, its with people who are on phished accounts. Typically they get access to PayPal by getting access to an email account first. Ive sent a few emails to e-junkie about setting up a delay, but...]]> E-junkie Discussions; gballz http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Sat, 27 Mar 2010 22:58:34 GMT
The best thing you can do is take all the precaution advice given and do the best you can. Unfortunately, expect these things to happen. If you've done everything you can to protect yourself, then you've done everything you can. Don't let it get you down too much and move on.

I know it stinks ... big time ... but at least it IS a digital product and you have very, very little overhead.]]> E-junkie Discussions; AnitaDeFrank http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Mon, 22 Mar 2010 19:05:27 GMT E-junkie Discussions; Catgirl http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 http://www.e-junkie.com/bb/topic/4134/pg/1#post18596 Fri, 5 Mar 2010 18:30:58 GMT E-junkie Discussions; catman2