As
the fraudsters are now becoming more sophisticated in bypassing the
Geo-location controls by using proxies (Anonymous IPs) to spoof their IP
address, it has become very much necessary to come up with a means for
detecting the proxies so that the authenticity of the users can be
verified. Using a proxy (web proxy) is the simplest and easiest way to
conceal the IP address of an Internet user and maintain the online
privacy. However proxies are more widely used by online fraudsters to
engage in cyber crimes since it is the easiest way to hide their
actual Geo-location such as city/country through a spoofed IP address.
Following are some of the examples where fraudsters use the proxies to
hide their actual IP.
1. Credit Card Frauds
For
example, say a Nigerian fraudster tries to purchase goods online with a
stolen credit card for which the billing address is associated with New
York. Most credit card merchants use Geo-location to block orders from
countries like Nigeria and other high risk countries. So in order to
bypass this restriction the credit card fraudster uses a proxy to spoof
his IP address so that it appears to have come from New York. The IP
address location appears to be legitimate since it is in the same city
as the billing address. A proxy check would be needed to flag this
order.
2. Bypass Website Country Restrictions
Some
website services are restricted to users form only a selected list of
countries. For example, a paid survey may be restricted only to
countries like United States and Canada. So a user from say China may
use a proxy so as to make his IP appear to have come from U.S. so that
he can earn from participating in the paid survey.
Proxy Detection Services
So in order to stop such online frauds, Proxy Detection has become
a critical component. Today most companies, credit card merchants and
websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind andFraudLabs to detect the usage of proxy or spoofed IP from users participating online.
Proxy
Detection web services allow instant detection of anonymous IP
addresses. Even though the use of proxy address by users is not a direct
indication of fraudulent behaviour, it can often indicate the intention
of the user to hide his or her real IP. In fact, some of the most used
ISPs like AOL and MSN are forms of proxies and are used by both good and
bad consumers.
How Proxy Detection Works?
Proxy
detection services often rely on IP addresses to determine whether or
not the IP is a proxy. Merchants can obtain the IP address of the users
from the HTTP header on the order that comes into their website. This IP
address is sent to the proxy detecting service in real time to confirm
it’s authenticity.
The
proxy detection services on the other hand compare this IP against a
known list of flagged IPs that belong to proxy services. If the IP is
not on the list then it is authenticated and the confirmation is sent
back to the merchant. Otherwise it is reported to be a suspected proxy.
These proxy detection services work continuously to grab a list or range
of IPs that are commonly used for proxy services. With this it is
possible to tell whether or not a given IP address is a proxy or spoofed
IP.
How to Tell Whether a given IP is Real or a Proxy?
There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to
detect proxy IPs. Just enter the suspected IP in the field and click on
“Lookup IP Address” button to check the IP address. If it is a
suspected proxy then you will see the results something as follows.
So
for all those who think that they can escape by using a spoofed IP,
this post is the answer. I hope this information helps. Pass your
comments.
No comments:
Post a Comment