Sunday, September 17, 2006

Operation Scarlet Letter

The only problem with having multiple projects as an ISV is that some of them will always get the short end of the stick in terms of your attention. Sometimes this is OK, it helps prevent feature bloat, and it lets you devote more time to new ventures. In my case, my oldest project Used Cars On-Line had been on my back burner. The last redesign was 3 years ago, and it still used old ASP. Despite the site having a significant POTENTIAL technology advantage over the competitors (since it's just me in the company!) the tech of the site had lagged behind the times. So I have began a major redesign that I will share over the coming month.

I looked at two of the biggest problems, 1) Usefulness of site to buyers and sellers. I'll get back to this point in another post, but the main point of today's post is the #2 problem. Scamsters.

If you put up a classified ad anywhere on the Internet, you will get bombarded by scams, especially with used cars. You would think the scams are obvious enough that most people are aware of them now, but my audience consists of a very diverse group of people who may not be that tech savvy. I was constantly getting angry emails from people that had been scammed or were wasting their time interacting with scamsters.

A couple of years ago, my solution was to log every IP address, watch for patterns, and then block the IP range at the firewall. I noticed trends like anything from Nigeria was usually a scam, so I blocked entire parts of Africa and Asia. After all, my site is targeted only to US customers. Unfortunately, this STILL didn't solve the problem. The scamsters began using AOL IP's or USA based proxies or satellite providers... so they still got through. And later I found that parts of Australia and Japan have been blocked too!

So now everything is unblocked. But how to stop the scams? My solution is what I call the "Scarlet Letter" approach. Every initial email to a customer must now go through my system. When that happens, an IP and email used are logged. The header of the email to the customer contains a link to report the buyer as a scammer. If a report is filed, that IP and email are flagged. If either is detected sending an email again, a cookie is set on the scamsters computer, and a warning attaches all emails he sends alerting the customer to be especially careful of a scam. So to get around this scam detection now, a scamster must change their email, their IP, AND clear their cookies between each contact. I think this will be enough to prevent most scamsters from circumventing the system. I'm also going to copy myself on most emails for the time being to see if I can detect enough trends to perhaps add a bayesian filter to help the process. I'll also be flagging scamsters myself.

Anyone see any problems with this approach that I may be missing?


Post a Comment

<< Home