In It’s a fraud, fraud, fraud, fraud world, my ISP, DreamHost, gives a shocking statistic:
Nowadays, about 20% of our daily sign ups are with stolen credit cards (or stolen paypal accounts), and are for the express purpose of spamming, conning, storing ‘warez’, or cracking (our system or somebody else’s).
DreamHost is responding by using spamassassin-like techniques to weed out the bad guys; it claims under 1% false positives, and false negatives, and says another 2% fall into a gray area that get flagged for — error-prone — manual review.
20% of accounts are fraudsters; Fraudinator test is 99% accurate, with 2% grey area.
Well, we don’t know how many daily signups DreamHost gets, say 1000 (if I am wrong, substidute ‘hourly’ or ‘weekly’ for daily as appropriate). That works out to 800 legit signups and 200 fraudulent ones (I am ignoring the 2% grey area for now).
Which also means that every day (or hour or week, depending) DreamHost are rejecting 8 legit signups, and 198 fraudulent ones. Which means that just over 4% of those rejected are not fraudulent. Furhtermore, that amounts to 0.8% of all signups being falsely rejected (and perhaps more, depending on what DreamHost does when it detects a fraudulent attempted signup).
Quite high odds, I would have thought.