Following the continuous attacks by fraudulent users and complaints from operators, I am copying Ivan's explanation of how to avoid them, which you can use to inform the OP.
THINGS TO CHECK IN ORDER TO AVOID FRAUD BOOKINGS:
CHECK USER REGISTRATIONS:
It is highly recommended to monitor user registrations from your back office: OPERATIONS —> NOTIFICATIONS. Here you will see live user registrations. Pay close attention to:
1- Users registered with long name strings that include many numbers, mainly using Gmail
2- Beware of emails registered with the yandex.com domain
3- Pay attention to users whose email was created with temporary email address websites like https://temp-mail.org/en/change or https://www.1secmail.com/?login=1qfcn3dyho&domain=qiott.com
4- Pay special attention to users registered from IPs of countries that normally do not belong to your target markets, especially IPs from countries like the United States, Russia, Mexico or Indonesia.
5- Another sign of a fraud attack is seeing several users registered with similar patterns within minutes
WHAT TO DO IF WE DETECT A SUSPICIOUS USER:
We must open the user profile to check further data inserted:
1- Check the phone number (if inserted) to see if the country or area code matches the country or IP from where it was registered.

2- Check if the country inserted matches the IP from where it was registered
If either of these 2 steps shows discrepancies, it increases the chance of this being a fraud user.
3- Search Google for the supplied user data, like the email address, phone number or names, to see if there is a trace that could match and verify this user.
4- Check what the user is trying to purchase. For this we can go to IDEAS & USERS —> IDEAS and in the filter option use the purchase attempts option

Here we can check the stored purchase attempts that the users of your microsite have been making. You can open the quotation and see what they were trying to buy. Normally fraud users will try to book services with immediate check-in (same day or next day) and they will book 4 or 5 star hotels for one or 2 adult passengers. They can also book flights for the same day or next day with the same patterns, normally for routes in Indonesia or involving Mexican or Brazilian airports.
SUSPICIONS CONFIRMED BEING A FRAUD USER, WHAT DO I DO:
We must deactivate the user. This will automatically log this user out and they will no longer be able to log in.
To do this, open the user's profile and deactivate it by clicking the bottom button BAN

Another feature is to block certain IPs, so that users registering from them enter as inactive. When a user registers from a blocked IP they will see a message that their user will require activation and that they will receive an email once activated. You will receive an email informing you about that user registration.
After verifying the information you can activate the user from the user section of the back office. Please use the button SAVE AND SEND WELCOME EMAIL so the user receives a notification that their user has been activated.
You can block IPs from our back office section MICROSITES —> DESTINATIONS under the MANUAL REGISTRATION OPTION.
The last feature that we have is to block certain services if the booking user is from a certain country or the user is booking services to or from a certain country.
If enabled, only flight bookings within any fraud risk country will not be booked with the providers. For the rest of the booking types, if all services are in a fraud risk country and the start of those services is within 21 days or less, it will be considered fraud and none of the services of that booking will be made. Also, if the contact person is from that country, the booking will be considered fraud.
These are the verifications that we do with the microsites that we operate. We try to do this for all the microsites in the system, but on many occasions we do not know the client profile and market of each microsite well, making these checks less accurate. It seems like a lot of work, but with experienced agents it's easy to stop fraud users from the notifications screen.
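Checks 1 to 5 listed under CHECK USER REGISTRATIONS, sketched as a triage script over a batch of registrations. This is an added example, not code from the back office described here. The record fields, the target-market set, the temporary-mail domain list and the thresholds are assumptions, and the sample registrations are constructed.

```python
from datetime import datetime, timedelta

# Assumed values for illustration; tune them to the microsite's real market.
TARGET_MARKETS = {"ES", "PT"}                # countries the microsite sells to
TEMP_MAIL = {"1secmail.com", "qiott.com"}    # sample temporary-mail domains
BURST_WINDOW, BURST_SIZE = timedelta(minutes=10), 3  # "several users in minutes"

def signals(reg):
    """Flags for checks 1-4 on one registration (IP country resolved upstream)."""
    local, domain = reg["email"].lower().rsplit("@", 1)
    digits = sum(c.isdigit() for c in local)
    found = []
    if domain == "gmail.com" and len(local) >= 15 and digits >= 4:
        found.append("long-numeric-gmail")
    if domain == "yandex.com":
        found.append("yandex")
    if domain in TEMP_MAIL:
        found.append("temporary-email")
    if reg["ip_country"] not in TARGET_MARKETS:
        found.append("ip-outside-markets")
    return found

def review(regs):
    """Return {email: flags} for registrations that deserve a manual look."""
    flagged = [(r, signals(r)) for r in regs]
    report = {}
    for reg, found in flagged:
        if not found:
            continue
        # Check 5: several registrations with the same flags within minutes.
        similar = sum(1 for other, f in flagged
                      if f == found and abs(other["at"] - reg["at"]) <= BURST_WINDOW)
        report[reg["email"]] = found + ["burst"] if similar >= BURST_SIZE else found
    return report

def _reg(email, country, hhmm):
    return {"email": email, "ip_country": country,
            "at": datetime.strptime("2024-01-01 " + hhmm, "%Y-%m-%d %H:%M")}

SAMPLE = [  # constructed registrations, not real users
    _reg("maria.lopez@gmail.com", "ES", "10:00"),
    _reg("jhfkd8347sjdk29384@gmail.com", "ID", "10:01"),
    _reg("qpwoe9921zmxn48271@gmail.com", "ID", "10:03"),
    _reg("xkcnv5510plmq77302@gmail.com", "ID", "10:05"),
    _reg("test.user@yandex.com", "ES", "12:00"),
    _reg("abc123@1secmail.com", "MX", "12:30"),
]

print(review(SAMPLE))
```

A flag marks a registration for the manual profile review described above; it is not a verdict on its own.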