Category: TECH

Residential Proxy Fraud DetectionResidential Proxy Fraud Detection


Residential proxies are used by fraudsters to commit a wide variety of offenses such as chargebacks, click/ad fraud, free trial abuse, account creation/duplicates, and other fraudulent activities that negatively impact businesses across industries. These proxy IP addresses are often difficult to detect compared to data center or other fraudulent connections because they appear more legitimate. In fact, fraudsters have found a way to circumvent detection and ad verification systems that only use ASN inspection by collaborating with hosting providers willing to announce their residential proxy IP addresses directly on common residential networks, enabling them to appear more authentic.

How do residential IPs work?

Residential proxy fraud detection is a critical step in preventing fraud from occurring online. To successfully detect these nefarious IPs, a business needs to ensure its fraud detection system uses both ASN and device fingerprinting to effectively identify the threat. Additionally, a business should monitor the rate of false negatives (i.e., genuine residential IPs incorrectly classified as fraudulent) to understand how well its fraud detection solution is working.

Using stolen or fake credentials to access residential IP addresses is another common method of committing residential proxy fraud. Fraudsters acquire these addresses through phishing, cracking, or malware to gain access to the private network of a legitimate Internet user. From there, they can then use these forged credentials to bypass a website’s security measures or engage in other illegal activities.

Lastly, fraudsters can also use these forged credentials to manage multiple social media accounts and seller accounts on marketplaces like eBay and Amazon. To do so, they must connect to a backconnect server that hosts thousands or millions of IPs from various countries and ISPs. These spoofed IPs are much harder to detect than genuine residential IP addresses and are typically associated with ISPs such as Comcast, AT&T, or Verizon.