undefined | Better HN

0 pointsmasklinn3y ago0 comments

The question is one of ratio, and false positives versus false negatives.

If 90% of tutanota-orginated emails are fraudulent, tutanota is an excellent fraud indicator, even though it will block legitimate emails.

If 10% of gmail-originated emails are fraudulent, gmail is a terrible fraud indicator, even though it will let fraudulent emails pass through, possibly more than the count of fraudulent emails coming from tutanota.

0 comments

newaccount743y ago

But if you block Tutanota the fraudsters will just switch to Gmail, and all you accomplished is that you inconvenienced legit Tutanota users.

I wonder why so many companies drag their feet when implementing actually useful anti-fraud measures (like supporting Verified-by-Visa) and instead block random email providers.

schappim3y ago

> drag their feet when implementing actually useful anti-fraud measures (like supporting Verified-by-Visa)

Most ecommerce merchants are non-technical, and utilise 3rd party platforms (Shopify, Bigcommerce etc) that in combination with their Payment Gateway don't support these systems.

I can safely say that every order my business has received with a Tutanota address has turned out to be fraud. It is a really strong indicator for a fraudulent transaction.

There are many other signals, but for some reason this is a really strong one.

We see a similar trend with Aleeas, and Simplelogin.

We still get fraud from Gmail and Outlook addresses, but it is picked up using other indicators, IP, IP owner, Shipping Address, phone number reachability, carrier, Payment Methods, name, useragent, "for lease" or "for sale" status of the delivery address etc etc...

masklinnOP3y ago

> But if you block Tutanota the fraudsters will just switch to Gmail

Yet for some reason they're not already using gmail, meaning as far as frausters are concerned there is a benefit to using tutanota.

> and all you accomplished is that you inconvenienced legit Tutanota users.

No what you've accomplished is reduce tutanota fraud to 0, and inconvenienced frausters.

newaccount743y ago

> reduce tutanota fraud to 0

But that is hardly relevant.

The question is, does blocking Tutanota reduce total fraud, or does it just make fraudsters to move to a different email hoster and you end up with the same total fraud?

1 more reply

j / k navigate · click thread line to collapse

0 comments

newaccount743y ago

But if you block Tutanota the fraudsters will just switch to Gmail, and all you accomplished is that you inconvenienced legit Tutanota users.

I wonder why so many companies drag their feet when implementing actually useful anti-fraud measures (like supporting Verified-by-Visa) and instead block random email providers.

schappim3y ago

> drag their feet when implementing actually useful anti-fraud measures (like supporting Verified-by-Visa)

Most ecommerce merchants are non-technical, and utilise 3rd party platforms (Shopify, Bigcommerce etc) that in combination with their Payment Gateway don't support these systems.

I can safely say that every order my business has received with a Tutanota address has turned out to be fraud. It is a really strong indicator for a fraudulent transaction.

There are many other signals, but for some reason this is a really strong one.

We see a similar trend with Aleeas, and Simplelogin.

masklinnOP3y ago

> But if you block Tutanota the fraudsters will just switch to Gmail

Yet for some reason they're not already using gmail, meaning as far as frausters are concerned there is a benefit to using tutanota.

> and all you accomplished is that you inconvenienced legit Tutanota users.

No what you've accomplished is reduce tutanota fraud to 0, and inconvenienced frausters.

newaccount743y ago

> reduce tutanota fraud to 0

But that is hardly relevant.

The question is, does blocking Tutanota reduce total fraud, or does it just make fraudsters to move to a different email hoster and you end up with the same total fraud?

1 more reply

j / k navigate · click thread line to collapse