Brightball

Articles about Fraud

The Time I Accidentally Ended Up Combatting Fraud for a Year

Rails | Security | Email | DMARC | - February 10, 2023 // Barry

Lately, I’ve been spending a lot of time enjoying the Darknet Diaries podcast and it’s compelled me to finally share the entire story of the most intense year of my 20 year professional career. I was the sole developer hired by a company going through a circus-like ownership transition while criminals actively worked to defraud the 300,000 users of this 14 year old, high end marketplace.

We experienced late nights, numerous technical challenges, worked with abuse response teams, learned a lot of lessons about phishing and fraud, high emotions, death threats and at least one person lost a business that depended on the site. Here’s the story from start to finish, including how to prevent many of these problems on your own site. Buckle up.

Protecting Users from Phishing and Fraud Presentation

Security | Email | DMARC | DNS | - April 2, 2015 // Barry @ Upstate PHP

This presentation covers my experiences combatting phishing and fraud using DMARC and assorted other techniques in a large eBay-like platform for a niche market...when the site previously did everything over direct user email...for over a decade. Good times.