HackerTrans
トップ新着トレンドコメント過去質問紹介求人

caydenm

no profile record

投稿

Revolut Customers Are Temporary

upollo.ai
1 ポイント·投稿者 caydenm·昨年·0 コメント

Ask HN: Benchmarks for models other than LLMs

5 ポイント·投稿者 caydenm·2 年前·1 コメント

B2B Businesses are copying Netflix's tactics and it's paying off

upollo.ai
3 ポイント·投稿者 caydenm·2 年前·0 コメント

[untitled]

1 ポイント·投稿者 caydenm·2 年前·0 コメント

10 Second Teleportation

upollo.ai
117 ポイント·投稿者 caydenm·2 年前·66 コメント

Basics of Measuring Churn In $ – Grr, NRR and NDR

upollo.ai
1 ポイント·投稿者 caydenm·3 年前·0 コメント

Experts Guide to Lead Scoring

upollo.ai
1 ポイント·投稿者 caydenm·3 年前·0 コメント

Making product friends and influencing the roadmap

upollo.ai
3 ポイント·投稿者 caydenm·3 年前·1 コメント

Visualizing Account Sharing

upollo.ai
3 ポイント·投稿者 caydenm·3 年前·1 コメント

How companies like Linear and Miro design for team growth

upollo.ai
2 ポイント·投稿者 caydenm·3 年前·3 コメント

How we discovered and dealt with someone impersonating our company

upollo.ai
5 ポイント·投稿者 caydenm·3 年前·1 コメント

Show HN: Free Segment company data enrichment

upollo.ai
2 ポイント·投稿者 caydenm·3 年前·1 コメント

Ask HN: Why doesn't Stripe allow you to get BIN numbers?

1 ポイント·投稿者 caydenm·3 年前·3 コメント

How Dropbox grew their business tier by finding hidden B2B users

indiehackers.com
1 ポイント·投稿者 caydenm·3 年前·0 コメント

Terraform changes pricing model, updates plans

hashicorp.com
3 ポイント·投稿者 caydenm·3 年前·1 コメント

What we can learn about password sharing from Netflix's earnings

upollo.ai
2 ポイント·投稿者 caydenm·3 年前·6 コメント

What businesses can learn from Netflix’s account sharing plan

smartcompany.com.au
1 ポイント·投稿者 caydenm·3 年前·0 コメント

Falsehoods programmers believe about signup pages

upollo.ai
1 ポイント·投稿者 caydenm·4 年前·7 コメント

Ask HN: What do you wish you knew about your customers/users?

1 ポイント·投稿者 caydenm·4 年前·0 コメント

New car delivery times trending down, still over 150 days

pricemycar.com.au
5 ポイント·投稿者 caydenm·4 年前·0 コメント

コメント

caydenm
·昨年·議論
I was referring to generated or disposable card numbers rather than stolen. maybe that is the confusion?

An concrete examples of converting a user using these types of cards for free trial abuse is a user who signed up 8 week in a row using different emails, names, IPs and cards. Nudging of these users was enabled and on trying to sign up for their 9th trial they immediately switched back to their original account and converted at full price.
caydenm
·昨年·議論
100%! This was easy and now it is frustrating to get to the thing they want, the service, and the easiest route is to pay.
caydenm
·昨年·議論
There are obviously people who are doing free trial abuse for commercial gain eg. Signing up 1k accounts to get test credit cards or to resell accounts. They are not going to convert (although sometimes you can successfully convert them into affiliates)

We have seen individuals just trying to get free accounts week after week, who when nudged once pay immediately thousands of dollars even after using fake, stolen or empty cards.

These individuals think they are being cheeky and when they are 'caught' they revert to doing the right thing.
caydenm
·昨年·議論
Free tier and free trial abuse is a huge problem, but also a huge opportunity.

We have seen customers where free tier abusers created 80k+ accounts in a day and cost millions of dollars. We have also seen businesses, like Oddsjam add significant revenue by prompting abusers to pay.

The phycology of abuse is also quite interesting, where even what appears to be serious abusers (think fake credit cards, new email accounts etc.) will refuse a discount and pay full price if they feel they 'got caught'
caydenm
·2 年前·議論
OP here, I was trying to say that these pages were behind an authwall and loading with userids from a specific user but without any of their cookies to support that auth.

This led us to believe this page was MitM rather than crawled directly (as they would not be able to impersonate the user)
caydenm
·2 年前·議論
This looks exactly like it!! Nice find!
caydenm
·2 年前·議論
Josh on our team is so happy people discovered and liked his easter egg!
caydenm
·2 年前·議論
Browser extension is what we originally thought for exactly the same reasons you did. We started to see some requests show up from iOS devices which didn't support extensions so that made us think MitM corporate proxies.

The diversity of cloud networks looks to be due to these being deployed by individual institutions (eg. universities, corporations etc.) rather than only run from Palo Alto Network's data centers.

We also saw slightly different configurations with different browser versions, but with the same pattern of behaviour.
caydenm
·2 年前·議論
That was on my list of candidates as well! Those usually have a specific user agent making it clear what they are, they appear from a companies netblock (eg. Facebook, Microsoft) and cannot access authed pages (unless the key is in the url).

In this case these appeared to be all MitM'ed pages from a security device since the key wasn't in the url and it contained userids for a specific user.
caydenm
·2 年前·議論
Exactly! Our library is embedding in these pages and similar to Segment or other analytics tools will get told information about user events from that state. Sometimes that state is stored in the page that is sent over the wire (eg. userid) and as such we get a request saying a particular user is on the other side of the world.
caydenm
·2 年前·議論
It appears this is to find threats that might have no otherwise triggered or work out is particular sites are dangerous without monitoring a users machine.

It is scary that for people in a corporate environment this could be rendering banking, messaging or any other pages contents.
caydenm
·2 年前·議論
I thought I messed it up! I had no idea this was a thing.
caydenm
·3 年前·議論
The strength of a referral, the proximity and seniority of the referrer and role fit all come into play.

A strong referral by a knowledgeable person often skips that person to the front of interview queue. I have hired a number of people based on referrals from team members, VCs and previous coworkers.

Many referral systems have a how good do you think this personal really is field and often an option for "I don't know this person that well I am just referring them to say I did".

If you are asking for a referral, make it as easy as possible for the referer to make you look great. They probably don't remember all your awesome work like you do, so make sure you give them simple impactful points.
caydenm
·3 年前·議論
I have spent most of my career as a product person before becoming a founder and one of the things I saw was a disconnect between sales and product.

The right feedback wasn't getting to product, so the right problems weren't getting solved and sales and customer success teams weren't feeling heard or empowered to get things fixed.

I wrote this as a bit of a guide on how I have solved these problems in the past and hopefully it will help others do so too.

Found something that works well? I would love to hear about it
caydenm
·3 年前·議論
We are excited to share some rare behind the scenes from some of the tooling we use to evaluate account sharing.

Happy to answer any questions
caydenm
·3 年前·議論
https://www.datocms-assets.com/65181/1662686325-iconiq-analy...

Is the correct one. I will fix in the original, Thanks!
caydenm
·3 年前·議論
One thing this article doesn't mention is that if you start with a 'single-player' environment it can be hard to get people to change to 'multi-player'.

Not only because of habits, but also because people have set it up just for them and they feel they need to tidy it or make it good enough to share with others.

Having a very clear delimitation between what is a persons and what is a teams/organization is really important when moving from single -> multi.

I would love to hear what things people have found worked really well too!
caydenm
·3 年前·議論
Yesterday someone tried to impersonate my company, Upollo. They cloned our site, had an upollo.tld domain and had also signed up for services under our business name.

I wanted to share how we dealt with it as apparently this is happening to a lot of companies and there isn't a good guide on how to deal with it.
caydenm
·3 年前·議論
You can also see details on Segment here: https://segment.com/docs/connections/destinations/catalog/ac...
caydenm
·3 年前·議論
Thanks for the quick reply Sam! We use them for purposes outside of fraud. Happy to chat more about our use case if that helps.

I was hoping there was a private API to support access?