Search the Community
Showing results for tags 'fraud'.
Blesta Account Takeover Fraud Solution: Web hosting platforms are a treasure found for hackers and fraudsters because Blesta holds consumer’s sensitive data. Blesta manages web hosting control panel credentials, and customer personal billing data is a treasure for fraudsters. From Dark Web portals, fraudsters procure breached databases to perform the credential stuffing attack on Blesta. The accounts can also send authentic-seeming spam and phishing messages to consumers via the Blesta portal, and attackers gain access to different configured platforms such as cPanel, Direct Admin Panel, sensitive support tickets information, etc. AuthSafe talked with multiple web hosting company executives globally and what we found was in some ways expected but also surprising. At the same time, most of the web hosting business was not solving the problem of ATOs. Many were underestimating the amount and total cost of ATOs targeting their users. It is critical for executives of the Blesta to work together to suppress the threat of account takeover attacks. To solve this problem, we have released Blesta plugin to stop the account takeover frauds. AuthSafe Cognitive Engine Helps End-users, Protecting from Online Fraud Attacks. The cognitive engine’s model gets trained from end-users, separates good users & bad users, and provides real-time solutions to detect and prevent online fraud attacks. Blesta Credential stuffing detection: Most account takeovers today stem from credential stuffing, where an attacker rotates through lists of leaked credentials, probing for ones that work. AuthSafe identifies the source signature of an attack in real-time, blocking malicious login attempts even when the credentials were valid Blesta Rate Limits: We have implemented rate limits on authentication based on the velocity of requests. Bruteforce attack : A brute-force attack comprises any hacker submitting en number of credentials hoping to eventually gain access to the user account. AuthSafe restricts the number of attempts making it hard for the hacker to gain the account credentials. Fast Travel detection: This recognition detects two client activities during single or multiple sessions starting from geologically far-off areas within a select time frame more limited than the time it would have taken the client to go from the primary area to the second, showing that an alternate client or different person is utilizing the same credentials. Suspicious Behaviour : Every user has specific virtual behavior. Monitoring the user’s behavior is the key—any astounding blend of activities that haven’t been seen previously. AuthSafe instantly recognizes any suspicious or skeptical user activity such as flow constraint or multiple login attempts. This impedes any subsequent pursuits. IP Address Threat Profile: Before providing access to the users, IP threat profiling features ensure IP addresses do not pose high-risk IP addresses. AuthSafe detects TOR, Bad VPN, Bad ISPs, and datacenter IP addresses. More information can be found at AuthSafe. For Free installation support you can open ticket at email@example.com
FraudRecord Query Query client validity and trust via FraudRecord inside of Blesta. --------------------------------------- Links: More Info, Gallery & Readme: https://code-cats.com/blesta/fraudrecord/ Purchase: https://my.code-cats.com/order/config/index/blesta_plugins/?group_id=16&pricing_id=230 Download (After purchase, requires login): https://my.code-cats.com/plugin/download_manager/client_main/index/13/ --------------------------------------- Install the Plugin 1. Upload the source code to a /plugins/fraudrecord_query/ directory within your Blesta installation path. For example: /var/www/html/blesta/plugins/fraudrecord_query/ 3. Log in to your admin Blesta account and navigate to > Settings > Plugins 4. Find the FraudRecord Query plugin and click the "Install" button to install it 5. You're done! --------------------------------------- Images:
Hi, I notice that from version 4.2 there is no additional data about payment report. As you can see from this picture http://prntscr.com/i69phc there is no additional info about this client. I tried to use fraudlabs and maxmind and they have the same issue. How I can change the code and get old report page. Sometimes is important that I can check values from clients instantly instead log in and searching for that client inside frauldlabs or maxmind. I don't see a reason why this info disappears from fraud report. Any hint or clue how I can fix it will help me
From what I hear it's a good product, there was a user trying to make their own with a developer but I don't believe that happened: More information: https://siftscience.com/products/payment-fraud#features Integration API: https://siftscience.com/resources/guides