Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com

Is it moral to host people who commit fraud when you cant prove it?
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Is it moral to host people who commit fraud when you cant prove it?

Assuming that You are as a shared hosting provider sure that on your server are people who use the server in fraudulent activities, but you cant prove it. (example user send out email pretending to be someone else and trick someone to send him money)

Is it more moral to rather shut down server and stop providing public hosting service or to keep it running while serving as an essential medium for committing fraud?

InternetLifeForum.com - hosting, webmaster forum

Comments

  • Cancel and refund, it's not worth being caught up in something like that

  • DalCompDalComp Member
    edited November 2015

    nevermind. Insomnia, I should stop LET-ing.

    I'm here to collect your heart

  • If you can prove he sent the fraud mail, go for it. Those thrash has no rights.

    ...
    ...

  • But how do you know the people you're hosting are doing fraudulent activities ? You say that you can't prove it, so no proof and no complaints too. How did you suspect this ?

    You're worst than the suspected fraudster ... :)

    Thanked by 1NanoG6

    A dreb l7did ma7édou skhoun ! - Flan | تناكت، ليت راحت في تبي

  • jarjar Provider

    I'd be concerned as to how you know it's happening and can't prove it at the same time.

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • Is this like the argument about going back in time to kill baby Hitler?

    How to clean up a questionable reputation: throw the kids some BF/CM offers.

  • i know based on experience & past abuse reports, but "how i know" is not why i created this topic

    InternetLifeForum.com - hosting, webmaster forum

  • jarjar Provider
    edited November 2015

    @postcd said:
    i know based on experience & past abuse reports, but "how i know" is not why i created this topic

    It's relevant. If you know, you can terminate. If you cannot prove it, I propose that either you do not know or do not want to expose how you know. If you do not know, it's hard to terminate, and if you're spying on things you don't want to admit to your client as proof, that's another story entirely.

    Repeat abuse reports from sources you trust should be adequate proof. You shouldn't be expected to capture the raw packets and offer undeniable proof of what they're doing. Then you just get accused of privacy violations.

    Just my personal opinion.

    Thanked by 1risharde

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • If you want to get rid of the customer, then just send them an email and say that you will not be renewing their services next month and to migrate their data in time.

  • Moral or not, you don't want to host someone who you know is doing illegal things. It might complicate your own life. So better get rid of that customer. You shouldn't have accepted their order at all if you knew he is after illegal things.

    -

  • You shouldn't know the contents of e-mails being sent by your users.

    Knowing the contents of the e-mails creates a ton of moral (as well as legal) problems.

    Ignorance is bliss.

  • I say, even if you speculate someone is committing fraud, terminate them. Not worth the hassle, make sure your TOS indicates you can terminate without notice, or refund at your sole discretion.

    Thanked by 2postcd netomx
  • @Singsing but control panels like cpanel.. I think they give you access to emails etc. Now the question is, if you get a complaint for example, shouldnt a provider be allowed to investigate? Its sometimes a fine line between this privacy we speak of and plain ignorance on the part of a provider. Particularly so if the provider can be held accountable.

    BF/CM Grabs: 1-GeorgeDataCenter, 1-Netcup, 1-Avoro, 1-PHP-Friends, 1-Virtono, 1-AlphaVPS, 1-VirMach ($1/year!)
    Other VPS: 4-Virmachs

  • Next point is, not everyone has morals.... so... that is subjective. My opinion though is I wouldn't want to host anyone doing fraud simply for the moral stand point that I believe I should be the helping the world as opposed to making it worse (morals or my definition of it)

    Thanked by 1postcd

    BF/CM Grabs: 1-GeorgeDataCenter, 1-Netcup, 1-Avoro, 1-PHP-Friends, 1-Virtono, 1-AlphaVPS, 1-VirMach ($1/year!)
    Other VPS: 4-Virmachs

  • risharde said: Now the question is, if you get a complaint for example, shouldnt a provider be allowed to investigate?

    No. The provider should forward the complaint to the customer, and, depending on the severity and number of complaints, decide whether to terminate the customer (based on the data in the complaint alone).

    risharde said: Its sometimes a fine line between this privacy we speak of and plain ignorance on the part of a provider. Particularly so if the provider can be held accountable.

    A provider can be held accountable for willful blindness in some cases, but I do not think this would ever be considered to impose a duty to breach customer privacy.

    Of course, once a provider gets the sense of a fishy smell from an account (through complaints or from statistical data), the provider should simply tell the customer to move it along elsewhere, for the provider's protection.

    I can understand the financial motivation for a provider to want to investigate in order to retain customers that receive complaints on a case-by-case basis, but I can only see that being a massive source of liability.

  • FlamesRunnerFlamesRunner Member
    edited November 2015

    Just wait until you get a spammer.

    Here's what happens when you host a spammer:

    1. They use a stolen credit card/funds obtained through committing fraud

    2. They purchase a dedicated server with you, preferably the one which is the cheapest and with the most IPv4 addresses (generally /29 or a /24)

    3. They spam the crap out of the IPs

    (optional) 4. They charge back

    1. You get trapped paying for the IP scrubbing

    2. The spammers repeat step 1

    Edit: fine

    wget https://s.flamz.pw/dl/bench.sh && bash bench.sh

    curl https://s.flamz.pw/analytics/bench/stats.php

  • jarjar Provider
    edited November 2015

    FlamesRunner said: The spammers repeat step 1

    There's the flaw. Let me rewrite that... ;)

    7. You notice a pattern, adjust fraud detection to compensate.
    
    8. Play halo.
    Thanked by 2risharde netomx

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • First question, is it moral to invade users privacy? If it is, then use @postcd 's hosting :D.

  • Everyone has moral its part of human being.

    I followed the presumption of innocence principle

    Thanked by 1postcd

    I'm Fanatical Lowendbox enthusiast

  • FlamesRunner said: They use a stolen credit card/funds obtained through committing fraud

    FlamesRunner said: They charge back

    Doesn't make sense. Why bother to charge back if it's not your card?

  • FlamesRunnerFlamesRunner Member
    edited November 2015

    So they can further abuse the funds ;)

    @jarland, different spammers, different patterns. I don't know why, but it seems like spammers somehow get a hold on residential IPs and beat through MaxMind :/

    The ironic part is that recently, MaxMind has been blocking more real clients then fraudsters :p

    Thanked by 2jar singsing

    wget https://s.flamz.pw/dl/bench.sh && bash bench.sh

    curl https://s.flamz.pw/analytics/bench/stats.php

  • @postcd Sometimes we encounter a tricky situation that we know bad things going on, but we cannot prove it without violating the law (in this case customer's privacy).

    For certain, it makes you worry, if the customer do more than just faking ID, but he/she also commits crime. In this case you might have to take blame of something you didn't do, that might involve loss of money. (From cleaning IP range to your hardware confiscation).

    My advise, improve fraud detection before they use your service, "See No Evil Hear No Evil" but be reactive to take precautions when you receive complains from others.

    Yes, sometimes something beneficial and practical, but immoral and mostly high risk.

    It is up to you now how far you would risk it.

    Thanked by 1postcd

    Happy to be alive and kicking!

  • The ironic part is that recently, MaxMind has been blocking more real clients then fraudsters :p

    For me, maxmind is a good example of tool to harm honests users (incompentence providers use as rule)

    Thanked by 2Ole_Juul Mark_R
  • KuJoeKuJoe Member, Provider

    Hell yes deny them service if they are or have done something illegal. I've blocked many orders from people who are active on certain forums or have used "stressers" in the past (protip: a lot of kids order hosting service with the same e-mail you use to DDOS people and most of the popular "stresser" databases are available in plain text these days).

    -Joe @ SecureDragon - LEB's Powered by Wyvern in FL, CO, CA, IL, NJ, GA, OR, TX, and AZ
    Need backup space? Check out BackupDragon
  • lucast said: maxmind is a good example of tool to harm honests users

    And thereby harms the reputation of honest vendors.

  • You can always have a short conversation with your client and ask why that is being done. Perhaps his/her account is hacked and client have what idea that something wrong is taking place within his account.
    If that would be confirmed in some way that is a good idea to find a formal reason and politely stop providing the service for such client and send refund.

  • @risharde said:
    Next point is, not everyone has morals.... so... that is subjective. My opinion though is I wouldn't want to host anyone doing fraud simply for the moral stand point that I believe I should be the helping the world as opposed to making it worse (morals or my definition of it)

    customers are not paying for your moral input.

  • risharderisharde Member
    edited November 2015

    @Mark_R said:

    Oh please, spare me the authoritative comment. While you might be right for the majority of customers that is not the case for everyone. Some people purchase from reputable providers because they are reputable (and that sometimes means having some standard - whether you call it quality... whether its based on morals etc).

    And another case in point is that some providers do not allow for example "adult/porn" websites even when their network allows it simply because they have taken some sort of stance against perhaps what they believe?... Explain that then as well...

    And on a totally different angle, some people prefer to not sell blood diamonds, they're 'providers' as well... explain that too...

    BF/CM Grabs: 1-GeorgeDataCenter, 1-Netcup, 1-Avoro, 1-PHP-Friends, 1-Virtono, 1-AlphaVPS, 1-VirMach ($1/year!)
    Other VPS: 4-Virmachs

  • @risharde said:
    Oh please, spare me the authoritative comment. While you might be right for the majority of customers that is not the case for everyone. Some people purchase from reputable providers because they are reputable (and that sometimes means having some standard - whether you call it quality... whether its based on morals etc).

    And another case in point is that some providers do not allow for example "adult/porn" websites even when their network allows it simply because they have taken some sort of stance against perhaps what they believe?... Explain that then as well...

    And on a totally different angle, some people prefer to not sell blood diamonds, they're 'providers' as well... explain that too...

    Customer buys, you deliver the paid-for service/product, that's it. I believe that providers should not involve themselves into the customer's business unless a ToS/Law violation has been brought up to their attention. If providers start applying their morals in front of business then you will get as result privacy issues, where draw the line right? lets not go there.

    Thanked by 1GM2015
  • probably if you can make good intense communication with your customer, i think your worries can be minimalized, actually there will be good if you have real contact about your customer like twitter or facebook or maybe phone cells number, or residential id , national id card or something kind like that which can be proof if they are real customer.
    You know i'd like be more interested with provider who doing like this.. know your customer and we know reputation of provider i rented.

  • jarjar Provider
    edited November 2015

    @lucast said:

    For me, maxmind is a good example of tool to harm honests users (incompentence providers use as rule)

    Sometimes you do what you have to do to protect your customers. Remember, an abusive customer is not always just a problem for the provider, it can also be a problem for other users and the stability of their services. You owe it to your customers to protect the service. Maxmind is one tool that can assist with filtering orders according to risk factor. It is not an all knowing, always correct thing, but that doesn't mean it is without value.

    Often fraud prevention is not a first thought, but implemented as a direct result of actual events. For me, maxmind integration helped me stop a PayPal phishing ring from repeatedly utilizing my service, its implementation was 100% a reaction to that event and it resolved it.

    Thanked by 1postcd

    MagicSpam blackmails providers into buying their software, and ServerHub is a professional spam organization.

  • @Mark_R said:

    I agree with your last comment @Mark_R, don't get me wrong. This is why it is extremely tricky and I don't see a true formula to solve this once and for all. I tend to think of it like how I think about freedom - where do we draw the line - if one were to be truly be free, then one could commit murder (understand the seriousness involved) - where do we draw the line, how do we all agree where the line should be (impossible for all to agree on this). Not to stray, I agree with @jarland's points as well "Sometimes you do what you have to do to protect your customers." which sounds like a dynamic approach where one solution doesn't fit all and being adaptive and responsive is the best approach.

    BF/CM Grabs: 1-GeorgeDataCenter, 1-Netcup, 1-Avoro, 1-PHP-Friends, 1-Virtono, 1-AlphaVPS, 1-VirMach ($1/year!)
    Other VPS: 4-Virmachs

  • lucastlucast Member
    edited November 2015

    @jarland said:
    Often fraud prevention is not a first thought, but implemented as a direct result of actual events. For me, maxmind integration helped me stop a PayPal phishing ring from repeatedly utilizing my service, its implementation was 100% a reaction to that event and it resolved it.

    Thank you jarland for your opinion.
    But you think is a good pratice use maxmind to rule registers?
    You can mark some user as 'maxmind failed' and monitore this user.
    Example: I'm not a spammer or nothing like this but maxmind block me because I use vpn (my internet provider do traffic shapping).

  • yes, proxy is not evil thing but from my experience most proxy users do bad things on hosting. Some hosting provider simply decide he will rather miss some good customers instead of being directly faced by loads of fraudsters having instant, automatic access to the server. PS: Maxmind WHMCS settings can be tweaked regarding proxies, then its about which antifraud system you use.

    Thanked by 1lucast

    InternetLifeForum.com - hosting, webmaster forum

  • Maxmind

    I've been on the wrong end of 'marked as fraud' a few times, mainly due to me being in a different country than signup details or similar.

    Still, for providers I'm sure they'd prefer a few innocents getting stuck in the net rather than getting stuck with fraud that may eventually harm their payment processing facilities.

    The anti-fraud tools are fairly rudimentary but really, it's common sense and the discretion of the provider.

  • doghouchdoghouch Member
    edited November 2015

    @linuxthefish said:
    Cancel and refund, it's not worth being caught up in something like that

    Where I work at, we don't even give refunds when you commit fraud. It is a direct violation of the legal terms, which also includes this wonderful sentence: "... furthermore, if the customer violates any law of the U.S.A (the " United States Of America," the service/product will be terminated immediately with no prior notification unless we specify otherwise." :)

  • doghouch: yes, but we are talking about case when provider do not have proof

    InternetLifeForum.com - hosting, webmaster forum

  • linuxthefishlinuxthefish Member
    edited November 2015

    @doghouch said:
    Where I work at, we don't even give refunds when you commit fraud. It is a direct violation of the legal terms, which also includes this wonderful sentence: "... furthermore, if the customer violates any law of the U.S.A (the " United States Of America," the service/product will be terminated immediately with no prior notification unless we specify otherwise." :)

    Even in cases where the guy is clearly a spammer or whatever (fraudrecord record, asks for rdns), I just refund to avoid any disputes down the line...

    Better safe than sorry, especially when I can't prove anything. Of course someone who sends DoS attacks or a ton of spam does not get a refund!

  • KuJoeKuJoe Member, Provider

    lucast said: I'm not a spammer or nothing like this but maxmind block me because I use vpn (my internet provider do traffic shapping).

    Ouch! Your ISP shapes your traffic so much that you can't access a website that's a few hundred KB at most? I feel bad for you but it's still not a legitimate reason to order with a VPN IMO (if it's snowing outside my bank still doesn't let me withdraw money with a ski mask on).

    Thanked by 1NexHost
    -Joe @ SecureDragon - LEB's Powered by Wyvern in FL, CO, CA, IL, NJ, GA, OR, TX, and AZ
    Need backup space? Check out BackupDragon
  • @KuJoe said:
    Ouch! Your ISP shapes your traffic so much that you can't access a website that's a few hundred KB at most? I feel bad for you but it's still not a legitimate reason to order with a VPN IMO (if it's snowing outside my bank still doesn't let me withdraw money with a ski mask on).

    They'd probably call for... SECURITY!

  • WilliamWilliam Member, Provider
    edited November 2015

    KuJoe said: Ouch! Your ISP shapes your traffic so much that you can't access a website that's a few hundred KB at most? I feel bad for you but it's still not a legitimate reason to order with a VPN IMO (if it's snowing outside my bank still doesn't let me withdraw money with a ski mask on).

    Your site, among others, does not work in most Chinese networks. It is also unreachable from Iran and Afghanistan (ITC does not even resolve the DNS).

  • @KuJoe said:
    Ouch! Your ISP shapes your traffic so much that you can't access a website that's a few hundred KB at most? I feel bad for you but it's still not a legitimate reason to order with a VPN IMO (if it's snowing outside my bank still doesn't let me withdraw money with a ski mask on).

    Yeah, you are right, i disable openvpn when I will order something (well, sometimes I forget).
    I can understand if you use maxmind.
    I do not agree to use to control/rule your accounts/orders.

  • ceibaNetceibaNet Member, Provider

    avoiding scammers is always great, but suspicion is not good enough to take action against them, at least in my opinion. Innocent until proven guilty is a better way of running things than assigning guilt on some suspicious activity, being weird or suspicious isn't a crime

    laceibanetsociety // 24/7 English/Spanish Support // VPS, Resellers, Dedicated Servers NJ and Honduras Locations available

  • doghouch said: furthermore, if the customer violates any law of the U.S.A (the " United States Of America," the service/product will be terminated immediately with no prior notification unless we specify otherwise." :)

    That could be a real money maker. I assume that would include parking tickets as well as really evil things like conspiracy to jaywalk.

Sign In or Register to comment.