You might be familiar with the term “proxy”. From bad actors reselling proxy servers in forums to shady users buying them for illegal purposes, there’s much more to proxies than the need to stay anonymous while browsing online.
In this article, we talk about the good and the bad proxy network side, including notorious proxy crimes, malicious proxy examples, illegal underground proxy markets, reselling forums, web scraping, and of course, the role of identity verification.
What is a Proxy Server?
A proxy server is a gateway between a user and the internet. It acts as an intermediary and separates end users from the websites they visit.
When using a proxy, the traffic goes through the proxy server to the user’s requested address. That’s why the request returns to the same proxy, forwarding it and the data received to the user.
- Modern proxy servers provide a high level of functionality and do much more than forwarding users’ web requests.
- Good proxy servers provide not only much-needed privacy but also protection, preventing users from getting tangled in malicious cybercriminals’ traps.
A Brief History of Proxies
The concept of proxies goes back to the 1970s when internet networks were first introduced to the public. In the primary proxy days, internet users used them to cache frequently requested web pages and speed the access to content. But hey, the internet evolved, and so did proxies.
Here’s a quick timeline showing the evolution of proxies.
1990s: Internet users choose proxies as a way to control access to content in educational and corporate contexts. This helps restrict access to certain content and monitor internet activity.
2000s: People now recognize proxy servers as a new tool to protect their privacy. Anonymous proxy servers help users hide their IPs and encrypt internet traffic, making it hard to track their activities.
Present day: Users can now enjoy a wide range of proxy services, including as a way to protect themselves from cyber-attacks, content filtering, load balancing, or anonymizing internet activity.
So what’s with all the fuss around bad proxies, and why would a hacker use a proxy server?
Historically, hackers often used proxy networks built on malicious code. Victims would then be tricked into downloading the malware families on their PCs. Malware would then often lead to infected machine networks, known as botnets.
Once a user had been compromised, their computer would be used to infect others. Their IP address would be used as an additional tool in malicious proxy network activity. This cyberattack model has been around for years. Despite that, its success was affected by various security solutions, such as antivirus software.
Malicious Proxy Network Examples
Even though security experts have updated their knowledge of this type of service, attackers have advanced their techniques, expanding their range of fraudulent activities. Just check out the following examples of malicious proxy networks.
The VIP72 Case
One of the classic examples of now a no longer existing proxy network is VIP72. Its owner, a Russian-speaking hacker, was also notorious for creating an extremely dangerous trojan, Haxdoor, which was widely used by millions of cybercriminals.
VIP72 originally claimed to provide proxy network service, offering high-speed, anonymous proxies. However, the network has been associated with illegal activities and has been labeled as a “criminal proxy server”. The proxies provided by VIP72 were used to facilitate various forms of online crime, including fraud and identity theft.
Strategy: Once VIP72 obtained a critical number of victim computers, the proxy network was promoted in forums as a proxy service, where criminals started to share their intel on how to utilize the IP address service.
Outcome: The company sold access to its proxy network to criminal organizations, allowing them to carry out illegal activities. The company was linked to several botnets, which were used to launch distributed denial-of-service (DDoS) attacks to spread malware.
The Resnet Case
Resnet came into the proxy market in 2019, first positioning itself as a “bulletproof residential VPN service” network. Months later, news broke down about Resnet buying 70,000 IPv4 addresses. But there’s a twist. Apparently, more than 7000 of the purchased IP addresses belonged to AT&T Mobility.
Strategy: Simply put, Resnet illegally accessed IP address blocks from a host of mobile phone companies and used fraudulent tactics to flip the addresses, later upgrading to a wider service offering, including so-called sneakerbots. Using this proxy service helped customers purchase sneakers and pivot easier in the competitive trendy shoe market.
Outcome: After US law enforcement got involved in investigating Resnet’s shady activities, the business was shut down, closing the door on opportunities to fool people. At this point, AT&T was also in the wrong due to not doing their part on proper due diligence.
Illegal Proxy Resellers
Despite the previously mentioned proxy company fiascos, the modern proxy market is thriving, doubling as a safe haven for cybercriminals looking for tools to commit crimes. Some of these proxy networks are being utilized for illegal purposes.
Reselling has been a huge part of online forums where users buy proxy services from shady resellers. To this day, forums like Black Hat World (BHW), a hub for discussions on “black hat” techniques, are stuffed with never-ending ads for proxy networks.
Tips for Safer Proxy Purchases
Buying proxies on forums isn’t a crime, but it’s essential to be cautious before making a purchase. Users need to do their research if they want to stay away from fake or illegal proxy resellers:
- Look for reputable sellers. Some forums may be filled with reputable sellers who offer high-quality proxy servers, while others may have online criminals who sell low-quality or stolen proxy servers.
- Check reviews. It’s always a smart idea to check the feedback from other buyers before making a proxy purchase. Don’t forget to use a secure payment method as well.
For more details, check our guide on spotting fake companies and fraudulent websites.
Proxies and Web Scraping
Proxy servers are a huge part of web scraping because they help users mask their IP address while scraping data from various websites. Web scraping helps a wide variety of companies that depend on data harvesting.
Some popular examples include search engine bots that are designed to analyze a website’s content for ranking or deploying bots to fetch product prices on price comparison sites. Web scraping is often referred to as content scraping or data scraping.
There are other interesting proxy and web scraping use cases:
1. Web Scraping for Humanitarian Reasons
Believe it or not, proxies affect digital freedom, either by helping it or harming it. At least forty countries in the world have created special online censorship. That means people in such areas are denied access to foreign content.
Recently, WhatsApp, a popular messaging app, launched a new proxy support feature allowing its users to bypass online restrictions by enabling the app to use proxies as a way to access it for those countries where the app was previously banned.
Activists and sometimes those who want to escape propaganda use proxy networks or VPNs to escape these restrictions.
Non-profit organizations or journalists also use web scraping for research. They use proxy servers to enhance security, stay anonymous, and unfold important cases, such as the infamous story of America’s underground market for children.
Keep in mind: Repressive governments use proxies to reverse the cards, meaning they can reroute people’s internet traffic through a dedicated proxy server to censor content once again.
2. Web Scraping for Scamming Reasons
Scraped data is dangerous because it comes from legitimate resources. Paired with proxy servers, dangerous web scraping techniques help online criminals commit fraud since proxies help them hide their true identity and location.
Stolen information like this can easily fool the human eye and is dangerous for some entry-level AI algorithms.
When it comes to identities, one of the most popular fraudulent web scraping examples involves bots. They are used to scrape images and social media texts to create pseudo-authentic synthetic identities.
Keep in mind: Fraud related to proxies and web scraping often happens after the criminal reroutes communications to make them appear to be from other countries or locations, whereas scraped data comes from legitimate sources, at first glance, making fake accounts appear to be legitimate.
What Benefits Do Proxy Servers Provide for Companies?
Proxies minimize the chances of data breaches and other malicious activities that can negatively impact any organization. Consequently, using proxies helps businesses manage reputational risks easier.
How’s that possible? For example, if a bad actor is trying to breach a network, the proxy server will act as a defense, making the company less vulnerable
But enhanced security is not the only benefit that proxies bring to the business landscape:
Faster Speeds and Bandwidth Savings
Despite the popular misconception that proxy servers slow down the internet, in most cases, it’s quite the opposite. Proxy servers can save on bandwidth and increase internet speeds.
This is possible because proxies compress internet traffic, block ads, and cache websites accessed by multiple internet users. Since proxies help free up bandwidth, employees can browse the internet more efficiently.
Anonymous Web Presence
One of the most helpful proxy advantages is anonymity. For example, security officers or reporters use proxies to protect everything about their identities: clients, company data, and sources.
Proxy servers are perfect for shielding sensitive information, such as necessary company research. Using a proxy server will stop any potential spies who want to track employees and their activity.
Why Do Proxy Service Providers Need to Verify Your Identity?
If you’re asked to verify your identity before registering to a proxy site, take it as a good sign. Given the negative history around proxy networks, new, legitimate proxy businesses must ensure security and compliance with Know Your Customer (KYC) regulations.
That means each new customer must complete identity verification and prove that they aren’t using stolen credentials to access proxies and use them for criminal purposes.
There are three main reasons why proxy service providers use KYC:
Easier customer onboarding. Creating an account and accessing proxy services with identity verification typically takes a minute. Afterward, the personal details stay safe with the business, meaning that in case users forget their passwords, they can quickly authenticate their identity again and access the services.
Better fraud prevention. Identity verification ensures that the proxy company is protected and their customers’ data is safeguarded against account theft or identity theft. Additionally, digital, AI-powered ID verification methods spot malicious actors in real-time, eliminating the chances of fraud.
Zero legal issues. As an entity with money flow, proxy service providers must meet certain regulatory requirements to operate safely and transparently. By adding identity verification to the company’s security package, proxy providers ensure KYC compliance without worrying about hefty fines.
Identity Verification Tips for Proxy Networks
Like other businesses that sell legitimate services, illegal proxy service providers want to appeal to their audience, who show a strong interest in cybercriminal elements. Identity verification helps detect stolen proxies and bad actors who use this service to commit crimes.
But knowing that you need a robust identity verification solution is not enough. We added some tips to help you choose the right identity verification provider.
- Look for Custom-Tailored ID Verification
Personalizing your verification flow helps maximize security while reducing the chances of account takeover and chargeback fraud.
iDenfy’s solution: Depending on the risk level, iDenfy enables you to personalize the verification flow to restrict malicious proxies and block known bad actors who constantly try to pass the verification.
- Choose Fully-Automated ID verification
Effective risk management systems typically include AI-powered identity verification software. It’s efficient, helping proxy providers reduce human error and reduce customer onboarding time.
iDenfy’s solution: iDenfy’s end-to-end verification is backed up with human supervision, meaning that internal KYC experts double-check verification results to ensure complete accuracy and prevent stolen proxy resellers from onboarding.
- Go for Feature-Rich ID Verification
Identity verification can be paired with other fraud detection tools to help identify potentially malicious behavior. There are ways to track hackers who use proxy services to send viruses by scanning their IP reputation.
iDenfy’s solution: iDenfy’s single platform consists of multiple fraud prevention tools, including a security service that helps detect and block blacklisted spam IPs to protect proxy service providers from bad actors who can destroy their IP network’s reputation.
Malicious proxy networks are the go-to tools in the bad actors’ world. Cybercriminals use hijacked proxies to mask dangerous operations. To prevent them from taking advantage of proxy capabilities, proxy service providers can implement powerful identity verification and IP risk scoring services.
Read our case study to see how our ID verification can improve your proxy network’s security.
What’s the Difference Between a Proxy and a VPN?
Both proxy servers and virtual private networks (VPNs) help surf the internet securely, but people still tend to mix these terms.
Key don’ts to remember:
- Proxy servers don’t use encryption. Proxies use anonymous network IDs instead of customers’ IP addresses. They change the IP address, but they don’t encrypt the user’s online activities.
- VPNs don’t hide the IPs, except for some providers. Despite that, using encryption, VPNs hide the user’s overall web activity, including the website history.
Why Do You Need a Proxy Server?
Many internet users have heard of proxy servers, but some are still unaware of proxies and the real reasons behind their positive features. While you might think they’re only used to access geo-restricted resources, there’s much more to a single proxy server.
There are several reasons why users and businesses might need a proxy server:
1. To stop malware
Proxy servers are an essential part of cybersecurity and can be used to filter malware-hosting websites. Users can block spyware and malware when browsing online with proxies to avoid infecting their networks. In other words, a proxy can stop traffic that appears to come from malicious sources, which benefits businesses and individuals.
2. To monitor internet usage
Companies can use proxy servers to log all web requests to determine how much time their employees spend browsing. Additionally, proxies enable businesses to deny access to websites and restrain their employees from accessing specific information. Parents also use this method to safeguard their children from viewing adult-oriented content.
3. To access restricted resources
Proxy servers help users get access to websites despite government or business restrictions. Similar to VPNs, proxies make it look like you’re based in a certain area when you actually live elsewhere. That’s why even though some governments monitor internet activity, proxy servers remove the created censorship.
Get a free identity verification demo here.