New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How can I contact to FraudRecords?
Hello everyone,
From query,I found I have 2 reports in FraudRecords,One called"DDoS attack",another one called"staff abuse",but I've never do that,so I tried to contact FR to explain something,but as time went by,no any reply from FR.And I can't contact the provider who reported it to FR,because the provider already ran away.
How can I do to try to remove the "Fraud Reports"?
Regards.
Comments
Two reports from two different providers?
You can't. They are there for a reason. Like what criminal records are for real life.
threaten to sue the provider(s) who marked them if the report is not accurate.
Yes.One is GV*,another one is Intronet(a Indian VPS Provider,already ran away).And now because of "fraud reports",I can't order VPS from some providers which using FR.For example,I can't order VPS from you,because you use FR.
If the report was only from GVH when I would believe you are innocent. But two reports from two different providers... Unlikely they are both making stuff up.
That said you seem to have crap luck with the worst providers. LOL.
If two different providers reported you for two different reasons I doubt you'll get the reports removed. The likelyhood of reports being wrong drops significantly as the number of independent providers who submit reports against you increases.
FraudRecord has a method in place to dispute reports but disputing all reports against you from different providers will likely result in ignored requests.
Another one "Intronet"you can search it,they sold"$12/year 16GB RAM VPS",it is a cheat.When they ran out,I want to chargeback,but as i said they already ran out,I can't contact them,so I have no choice,I only do PayPal dispute to "chargeback",and then they reported to FR and the reason"DDoS attack",but I never do that.WTF.
Harzem doesn't seem too bothered about fr, I know i submitted company name change over 1-2 years ago which still seems isn't complete from stormvz
So one report from GVH (not a reputable host exactly) and other from a very dubious Indian company which apparently scammed him.
OP doesn't seem to be great at choosing providers, but the history isn't crazy, he could be saying the truth...
How can "staff abuse" even be an offense on fraudrecord?
He never saw a judge for his fraudrecord entries, how could you possibly compare it to criminal records??
Since the users of the service are hosting providers, would they really want to accept a customer who is rude, and abusing their staff? No, they don't.
Seems to be Turkey based so you might have a chance to legally force them to clear wrong info.
Good for you. If it were usa based you'd be lost because their consumer protection seems to be little more than a thinly veiled show. Moreover they are known to care batsh-t about non usa citizens.
At the same time I can very well understand providers wanting FraudProtection because there are many weird and bad customers out there.
big deal someone is rude. Happens to me every time I am on the plane or in the cinama. And I don't get money for that.
This is exactly what is wrong with a system that is one-sided and has no oversight or dispute process.
Rude is simply one example. Companies have the ability to choose their customers just as customers have the ability to choose the companies they signup with. I have dealt with some awesome customers, and I have also dealt with some of the worst. People that will insult your staff, refuse to work with you, and deny everything. Sometimes they even attack your website or services. That is an abusive customer and one that no person should ever accept to signup. It simply isn't worth it. When 10% of your customers are causing 90% of your support load, simply drop those 10% of customers. Your load then drops 90%. The goal is the prevent that from even happening, "staff abuse" is just one of the ways that can be prevented.
But imagine you were my customer and I gave you a bad record because I was having a bad day.
A support rep having a bad day has nothing to do with writing a record about a customer being abusive towards the rep.
If a customer can't maintain a certain level of education and show some level respect to other people, I wouldn't want him either.
Sounds like a perfect entry for BadAttitudeRecord, not so much for FraudRecord.
It seems I was mistaken when I thought this was about Fraud Protection.
I'm shocked to learn that this for some really is more of a self-comfort service and an extremely un-balanced at that.
Not even bringing up the point that some angry customers might actually have good reason to be pi--ed and unfriendly, what some here say strikes me as extremely unfair, egomanical, unreflected, and ignorant attitude.
On top of that it is outright stupid because it comes down to some provider deciding for others what's an acceptable customer.
How about some EgotisticalRetards Protection for damaged customers?
Pardon me, but this is the 21st century and we can, if we are very very picky and sensitive, have some software check-reading tickets first for, gosh, unpleasant words. Or how about: "Dear client, no matter the content and the possibly justified complaint, we will delete and not respond to any further communication by you that is grossly unpolite or even vulgar. Should you chose to continue that behaviour we might have to resort to terminating the contract - Please, calm down a moment and put your issue forward in an acceptable fashion. Be sure that we are interested in our customers being happy and satisfied"?
Fraud Protection yes. Ignorant, arrogant "fuck you, I'll just put you on the black list und you can't even fight against that" based on bad behaviour in tickets - No!
You do know that fraud record is just one tool out of many that providers use to screen orders right? Being on FR isn't an instant order deny, it is up to the host to decide if that use that information to deny an order.
I don't care about an specific tool but about the attitude of some here.
Fraud protection tools are OK as it's perfectly legitimate for providers to protect themselves from fraudsters.
But that "he behaved badly (or unpolite or swearing or ...) so I put him on XYZ black list" ist just disgusting.
I'm fairly certain that the report about outbound DDOS attacks holds a lot more weight than "he cursed at me". That being said, we have specific terms in our TOS about clients behaving rudely because there is usually a direct correlation between rude clients and loss of income through abuse, chargebacks, or spending hours explaining to a client how to click a button. While we wouldn't reject a client based solely on reports of them being abusive towards staff (unless there are enough reports from different providers), we simply do not have the resources to deal with such clients who are prone to cause trouble.
As a provider who uses FraudRecord, I can say that you have to take every report on there with a grain of salt. Heck, there are some providers that whenever I see reports from them on there I completely ignore them. This is my choice as a free thinking business owner. Some people may weigh different providers equally but that is the beauty of this system. It's not as simple as "Yes" or "No" when it comes to reading reports, so it can't really be seen as a blacklist like you said. People have been asking since day one for the WHMCS plugin to automatically reject clients based on reports and this would be a huge mistake because, as you said, it's completely subjective and providers are free to submit any reports they like. Luckily there are a lot of legitimate reports and if a client has 10+ companies saying "spammer" then you can bet your last dollar that person is a spammer.
FraudRecord doesn't say "you have to report all clients who do this, this, and this", instead they give providers the option to report information that they think is relevant and other providers should know about. Heck, FraudRecord is 100x less damaging than Maxmind and you can report e-mail address and IPs to Maxmind for free with a click of a button and they are instantly blocked by every provider who uses Maxmind, you don't even need to submit a reason. On top of that, if an e-mail or IP is reported to Maxmind, they will e-mail every provider that client signed up with in the past 7 days (or maybe it's 72 hours) and tell them to reject the order that previously passed their fraud check.
No fraud protection tool is perfect and some legitimate clients will always get flagged just like some fraudsters will slip through the net. The best we (providers) can do is to use our best judgement and hope that the systems we do have in place are enough to keep us out of court rooms and allow us to remain in business another day.
@harzem
They are not even close to criminal records. You can't get an entry in criminal record simply because someone filled out a "report form" about you. Furthermore the reporting side is involved in the problem - this doesn't make it a neutral report. A criminal record entry is neutral and well verified information.
@KuJoe
Thanks for writing that well elaborated explanation. I see your point.
You see, I couldn't care less personally because I'm not a troublemaker. No spamming, no seeding, no ... Just plain and boring dns,http, etc. The worst to happen might be an explosion of anger, if someone is very respectless or lies - and even then I'd stay polite.
It's about principle and about attitude. With someone like you I trust, he won't just comfortably hit the "kill" button without proper reflection.
But there have also been answers here that strongly suggest that those guys don't think a lot (before pushing the button) and that their complaint is more mom-like ("Oh, oh, we do not like that word, do we!") and personal comfort oriented and not well justified. And I guess that these guys will not differentiate. Someones is some blacklist, bye bye.
Oh well, maybe they destroy someones little business, so what. If only their support people are happy and cozy.
And btw., while I can't prove it, I'd bet that people like you run a better hosting/provider service than those sensitive,comfort quick shots.
@bsdguy I see your point and I was really hoping that FR would implement a feature that looks like it's been coded into since the beginning but has yet to be used. On all FR reports there is a value called "Reliability" which I was assuming would change based on the provider reporting it (i.e. a trust provider that's been making reports for 1+ years is more reliable than a host that signed up today to report 50 people). It would be really nice if other providers could weigh in on reports and affect the reliability of providers, especially if it's for current clients.
Even better yet, it would be 100x better if FraudRecord had a small group of individuals that reviewed both reports from providers AND disputes from people reported. Honestly I think a lot of providers don't enter enough detail to substantiate their reports (like when a providers reports somebody as a Spammer and for the description they just put "sent spam mail", something like "sent 100k e-mails and their IP was listed on X blacklists" with a copy and paste of the blacklist details would be much harder for the person to dispute).
The other side of the argument though is that if it's too much work for the provider or FR starts to doubt provider input it will cause providers to stop filing reports and if just one legitimate report gets tossed out, odds are that provider will stop using it all together because why trust a system where legitimate reports are possibly removed?
I really like the system in place, but there's definitely room for improvement (as with any system) and it looks like Harzem had some ideas that haven't been fully implemented (like the reliability field).
Full disclosure: Secure Dragon is a sponsor for FraudRecord, both financially and we provide DDOS protection free of cost for them. I forgot to mention this before but I wanted to make sure it was known in case people think we're in bed with FR because their domain resolves to one of our IPs (we provide a reverse proxy which is completely encrypted over SSL end to end so we don't have access to their database and we can't view any data transmitted to or from them).
@KuJoe
Thank you. It's pleasant to see that it's perfectly well possible for people with (at least in part) different points of view to nevertheless engage in polite and, even better, constructive discussion. That by itself makes it worthwhile and shines a good light on you.
As for the matter itself, I perfectly well understand the need for fraud protection and the providers desire for it. Moreover they are right; there are lots of weirdos out there in the internet and providers have a legitimate need to protect their business and resources, their customers, and their reputation.
Besides technical issues, which I consider being minor, I think you hit the nail by mentioning the quality and staff issue. For such a system to have any meaning and worth the watchers have to be watched, too (the famous "Quis custodiet ipsos custodes" issue). But let me guess ... the comfort quick hitters are the ones who want the service for free ...
I think that a FP system must, as a minimum, also have a marking system for providers, too. Something that shows whether a given provider usually send in well based cases along with proof or whether he's is quick hitter with little proof.
And I'd strongly suggest grouping. Groups like "criminal or quasi criminal patterns, grave resource abuse, etc", "payment trouble, fraud, etc.", and finally "vulgarity, swearing, social abuse, etc".
Finally there should be a built-in lifetime for records depending on the originating providers reputation, the offense group, and how grave a complaint is.
Lifetime for both, a serial Credit Card fraudster and someone who was reported by some less reputable provider for social abuse in tickets is just unjust and, frankly, ridiculous.
@bsdguy I think that there's a little confusion on how FraudRecord is setup since it's not readily visible to non-providers so I'll post some screenshots to give everybody who doesn't use it some insight on how it's setup and hopefully it will make more sense.
Here's the first screen if you want to make a report to FraudRecord, pretty self explanatory:
http://n3rd.info/upl/screen1.png
Here's the drop down of the types of reports that can be submitted (i.e. categories or groups, like you suggested):
http://n3rd.info/upl/screen2.png
Here's the drop down with the "value", this is subjective but I usually use "1" for informational (basically if the client does something that isn't illegal but does cost us to lose money but might not be a repeat offender) and "10" for something serious and is very likely to repeat this activity in the future (spamming, DOSing, attempting to hack our systems or other clients, etc...):
http://n3rd.info/upl/screen3.png
Here's the first thing that is seen when you run a check on a user. As you can see there is a reliability value but if you check the next screen all providers have a value of 1 (not sure how it got 9.4 out of all 1's):
http://n3rd.info/upl/screen4.png
Here's the detailed report showing the different types, values, and descriptions (I removed the provider info and any names but under the "Reported By" column it has the provider name, their website, and the date and time the report was made):
http://n3rd.info/upl/screen5.png
After further review, I found this describing FR's reliability field:
It looks like it could be really useful but at this time all providers have a reliability of "1" regardless of how long they have been a member.
@KuJoe
Thanks once more. Very helpful post to better understand the issue at hand.
Problem: I just discovered that I must be a serious highly criminal offender. Oops.
"fraud" (grave, 10 points) different order and paypal name.
Well, I do this regularly. Simple reason. E.g. my wife wants to buy something. But she pays using my paypal (or CC, for that matter) or vice versa. Which is perfectly OK but considered grave (10 points) fraud.
"spammer" (grave, 10 points) ordered VPSs and immediately asked rDNS.
Well, not only do I do this regularly, but I'm even feeling perfectly entitled and alright demanding rDNS (if it was part of the deal - and it usually is)
So, according to FR I should be a really evil, highly criminal guy. Problem is that I'm not at all criminal. I NEVER did any spamming or seeding or CPU abuse or (insert bad behaviour). I'm, in fact, about as boring and nice a client as you may find. Very few tickets, too (I usually don't need help, besides some start up questions with a new provider, usually due to the fact that their KB is lacking).
Yet according to the way FR works I might well be badly RED flagged with FR as being (supposedly) almost a net terrorist just because I ask for standard service that is part of the deal (rDNS) and because my wife uses my CC or PP? That, Sir, is plain ridiculous and I wouldn't hesitate to sue the hell out of FR if they ever dared to paint me evil.
Again and once more, I do understand the need of providers for protection. But kindly also understand that there are evidently brainless providers out there machine gunning at completely innocent people for ... no fu--ing reason at all (other than them lacking a working brain and some human quality).
Unless your wife has a different last name and address it shouldn't be a problem. The problem begins when Mr. Smith from Atlanta, GA pays using Mr. Patel's Paypal in India or Anne Nonimus in Turkey pays using a Paypal that has a name, address, and phone number for an 83 year old woman in Nebraska.
The rDNS thing is a stretch and thus why more details should have been provided (maybe the rDNS were for mail.superspammer.com or fake like mail.google.com). In my experience, since we have a custom control panel that people aren't used to, spammers will open a ticket immediately asking for rDNS instead of spending the 30 seconds looking for how to update it themselves so that's usually a red flag for us but not something we would terminate or report them for without any actual spam activity.
Either way it shows that providers need to provide better details sometimes (although in this case, with 28 reports I wouldn't bother reading all of them anyways so 75% of them could simply say "spam" and I'd be fine with it) and use common sense all of the times.
This thread has driven me to start working on something to hopefully improve FraudRecord for both users and providers. I'll start by writing some tutorials for providers on how to better review reports and file reports since it's evident that this is not being explained well enough. Then I'll take the WHMCS plugin and revamp it to hopefully explain things better and submit it to Harzem. Lastly, I'm going to engage Harzem in a forming some sort of group to review report disputes and to review reports (not client details).
I've always said that FraudRecord is only as good as the community who uses it so hopefully we can take this community aspect and build it into something greater than the "dumb" (dumb as in basically on auto pilot, not as in stupid) system it is now (which works, but leaves a lot of room for improvement).