Do you have an anti fraud plugin for your shopify, bigcommerce, woocommerce, or magento store? These anti fraud plugins supply signals, like a risk score. so you or your payment provider can make decisions about declining a payment, or perhaps asking for further information.
Your fraud plugin could pass the IP address that order on your website was coming from via an API to an IP reputation service, get back a score and make a decision. Until recently that was a solid way of calculating fraud risk.
There has been a seismic shift in fraud in recent years, away from VPNs and TOR to residential proxies. These same anti fraud services claim to be able to detect these residential proxies, but what if I told you that these services, which many businesses rely on, are falling woefully short?
We took 25 IP addresses which had just been used as residential proxies in an attack on one of our clients, and within 5 minutes of detection ran them through some of the most popular IP intelligence services. The results? Let's just say they're not going to make it into any marketing materials.