Hacker News new | ask | show | jobs
by vanviegen 1418 days ago
For our dating site, which of course has to deal with many prinses, Nigerian or otherwise, when we manually verified an account to be a scammer, we reject logins with a message stating that the IP address has been blocked. Scammers will usually go through all of their VPNs/bots in order to try to login, allowing our system to flag them all.

We'll manually review all accounts that use (more than one of) those ip addresses. Works like a charm! :-)
5 comments
mrtksn 1418 days ago
> when we manually verified an account to be a scammer

This makes all the difference with other services that block out users only to let them guess why they were blocked.

If an automated system did that, I would have said it's evil. Yet, I hope you have a communication channel in case there was a human error.

link
jjoonathan 1418 days ago
Yes, although I would add an attention threshold too, as it's not entirely unknown for hired manual review to just spam the "guilty" button so they can get to lunch. In any case: your false positive rate needs to be massively low if you want to be a massive asshole to the people it flags -- or else you are just an asshole.

If you can afford to get the FPR down, sure, have fun, but if not, please have the decency to not pretend.

link
leshenka 1418 days ago
You can implement a jury trial system - have a pool of moderators, select a few at random and have them look at the account, only flagging it if there is a consensus that it’s a scam account
link
SQueeeeeL 1417 days ago
That scale doesn't really work for small startups
link
vanviegen 1418 days ago
Admittedly, there is the occasional false positive. For such cases, we display an email address right underneath the error message. Scammers rarely dare to complain, and when they do, they are usually not very convincing.
link
jjoonathan 1417 days ago
These humane touches make all the difference. Thanks for taking the time.
link
efitz 1418 days ago
That is truly evil. I love it!
link
bradknowles 1416 days ago
So, the problem I see here is when spammers abuse someone else's machine to conduct activity like this, and all those random people get their IP addresses blocked by your system.

And how would the legitimate owner of that IP address ever know how to contact you to get removed from your blacklist?

link
vanviegen 1414 days ago
No, the IP addresses won't be blocked, but the accounts will be reviewed.

Legitimate users would be able to contact us using the email address that is shown right underneath the error message.

link
Chilinot 1418 days ago
That's a really smart idea!
link
brightball 1418 days ago
That is genius
link