How to Detect a Web Proxy
Using a web proxy (Anonymous IP) is the
simplest and easiest way to conceal the real IP address of an Internet
user and maintain the online privacy. However, proxies are more
widely used by online fraudsters to hide their
actual geolocation such as a city/country through a spoofed IP
address.
As the fraudsters are now becoming more sophisticated
in bypassing the geolocation controls by using a proxy server, it has become
very much necessary to come up with a means for detecting web proxies, so that the authenticity of the users can be verified.
Following are some of the examples where the fraudsters use a web proxy to
hide their actual IP address:
·
Credit
Card Frauds
For example, say a
Nigerian fraudster tries to purchase goods online with a stolen credit card for
which the billing address is associated with New York. Most credit card merchants
use geolocation to block orders from countries like Nigeria and other high
risk countries.
So, in order to bypass
this restriction, the credit card fraudster uses a proxy to spoof his IP
address so that, it appears to have come from New York. The IP address location
appears to be a legitimate one as it belongs to the the same city as that of
the billing address. In this case, a proxy check would be needed to flag this
order.
·
Bypass
Website Country Restrictions
Some website services
are restricted to users form only a selected list of countries. For example, a
paid survey may be restricted only to countries like United States and Canada.
So, a user from say China may use a proxy so as to make his IP appear to have
come from United States so that he/she can earn from participating in the paid
survey.
Proxy Detection
Services:
In order to stop such online frauds, Proxy
Detection has become
a critical component. Today, most of the companies, credit card merchants and
websites that deal with e-commerce transactions make use of Proxy
Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP
from users participating online.
Proxy Detection web services allow instant
detection of anonymous IP addresses. Even though the use of proxy address by
users is not a direct indication of fraudulent behaviour, it can often indicate
the intention of the user to hide his or her real IP. In fact, some of the most
used ISPs like AOL and MSN are forms of proxies and are used by both good and
bad consumers.
How Proxy Detection
Works?
Proxy detection services often rely on IP
addresses to determine whether or not the IP is a proxy. Merchants can obtain
the IP address of the users from the HTTP header on the order that comes into
their website. This IP address is sent to the proxy detecting service in real
time to confirm its authenticity.
The proxy detection services on the other hand
compare this IP against a known list of flagged IPs that belong to
proxy services. If the IP is not on the list then it is authenticated and the
confirmation is sent back to the merchant. Otherwise it is reported to be a
suspected proxy. These proxy detection services work continuously to grab a
list or range of IPs that are commonly used for proxy services. With this, it
would be possible to tell whether or not a given IP address is a proxy or
spoofed IP.
How to Check whether a
given IP is Real or a Proxy?
There are a few free sites that help you
determine whether or not a given IP is hiding behind a proxy. You can use free
services like WhatisMyIPAddress to detect IP addresses that are hiding behind
a proxy. Just enter the suspected IP in the field and click on “Lookup IP
Address” button to check the IP address. If it is a suspected proxy then you
will see the results something as follows.
