The anti-fraud playbook — stop bleeding 3% of revenue to scammers

(1) Card testers: bots try 50-500 stolen cards via small $5 deposits to find live ones — your gateway eats the auth fees. (2) Refund abusers: legitimate-looking buyers order, claim non-delivery, demand refund while keeping the delivered followers. (3) Chargeback rings: coordinated buyers deposit $200+ via stolen cards, withdraw to a child panel or via service orders, then issue chargebacks 30-90 days later. Combined, these eat 2-4% of unprotected GMV.

Enable in PerfectPanel admin: 3DS-mandatory on cards, $5 deposit minimum (kills 80% of card testers), $200 cap on first-week deposits, country blocklist for top-5 fraud origins (varies — check Stripe Radar's monthly report), 24-hour cooldown between first deposit and first service order, IP velocity limit (max 3 accounts per IP per 24h), email domain blocklist (disposable email services), BIN blocker for known-fraudulent issuing banks.

Card testing has a signature: many low-value attempts in a short window. Set: max 5 deposit attempts per email per hour, max 3 failed attempts per IP per hour, auto-flag accounts that try 3+ different cards in 24h for manual review. PerfectPanel exposes all of these in admin → Security → Velocity. Combined drop in card-test attempts: typically 95%+.

Refund abusers exploit refill claims. Defense: require screenshot evidence of any 'didn't deliver' claim, auto-deny refill requests on services older than the service's stated refill window (PerfectPanel handles this), and never refund cash — only credit. Cash refunds are the chargeback prelude; credit refunds keep buyers in your ecosystem and break the fraud cycle.

Coordinated chargebacks are the worst because they hit 30-90 days after deposit and Stripe's chargeback fee ($15) often exceeds the deposit. Defense: 24-hour first-withdrawal hold (gives you time to detect patterns), monthly chargeback report review (look for clusters by IP, email pattern, or referrer), and proactive evidence collection — log every IP, user agent, and order with screenshots. When you fight a chargeback with 8 pieces of evidence, you win 60%+. Without evidence, you win <10%.

A 3-day fraud spike usually means you've been added to a fraudster forum. Response: temporarily raise minimum deposit to $20 (kills $5 testing economics), enable manual review for all deposits over $100 from new accounts, switch from auto-approval to 2-hour delay on services with high refund-claim rates. Revert in 5-7 days once the forum traffic dies.