#jaked-trial-fraud

Hello 👋
hmm interesting question
let me think

Here is an examle customer: cus_LchDfFwh93bUpH

So this customer did not get caught by the setup intent failing... they were able to successfully create an account.. used our system to send scam messages and once we identified them we of course cancelled their subscription but that doesn't inform radar to get better

We have been adding some additional rules to radar today to try and curb the amount of scammers signing up... but not sure what else to add to reduce the signups

still thinking

I don't know tbh
Let me ask a colleague

thx... ive added more rules today but not sure how to best create some coverage here

Hi there 👋 taking over for @crisp terrace . Give me a few minutes to get caught up

Can I ask: how are they scamming? Do you know if it's one person or multiple? Are all the requests coming from the same IP address?

hey sry.. was away

not sure how to find IP on trial.. usually i see that on payment

The difficulty seems to be that the fraud is occurring with little-to-no interaction with Stripe. I would take a look at all the accounts in aggregate and look for commonalities. Are they all using the same cards to create the subscriptions? Do they appear to be created programmatically or manually? If programmatically, are you implementing a RECAPTCHA and/or other security measures during your account registration flow?

yeah we have recaptcha

yeah they are doing it manually

If it's really bad, you could consider implementing a $1.00 charge on new trials, so that you can check the IP address and add it to the Radar blocklist

yeah i need to dig in more i guess.. thx for the ideas