Proxy detection lookup tools and Tor connections are valuable tools for internet users to mask their online identity. However, fraudsters can use them to commit costly and sophisticated abuse such as chargebacks, fake accounts, or click fraud. Fortunately, CHEQ’s proxy detection lookup tool can help businesses detect these connections and take proactive action to prevent fraud by blocking or redirecting the user.
The most obvious sign of a proxy connection is when an IP address matches multiple different locations. But other indicators such as the timezone of the browser vs. the IP timezone comparison, if the IP is using an open port (especially 22 or 3128), or if Chrome is configured to use WebRTC – all of which can be found in header HTTP requests – can also indicate proxy usage. In addition, well-known proxies will leave open ports which can be detected through DNS lookups and by observing traffic patterns.
How to Stop Fake Users from Registering on Your Website
The best way to catch users behind a proxy is to integrate an API that does real-time IP reputation lookups upon user actions like submitting a form, transaction, or click. This API can enrich any IP address with risk data that can identify residential proxies, private VPN networks, Tor nodes, and other malicious or high risk activity. Using this data in conjunction with other detection techniques such as OS, browser, and connection type, companies can catch the majority of fraudulent activity that could otherwise be missed.