Fight registration fraud and high risk transactions.

Using Zapier, it is easy to integrate E-HAWK lead analysis and scoring into your Hubspot CRM and lead capture pages.

Just follow this simple guide and automate lead scoring in Hubspot.

March 29th, 2019

Posted In: General News, Plug-ins

Today’s 4.25 release has new tests and analysis focused on email and, name, and IP. Additional testing includes:

  • email (moving periods, two first names, accept all and role based email addresses)
  • name (suspect and junk names, two first names)
  • IP: Fast Flux Networks

Also added are Activity Unique testing for Email <-> Name combinations.

Let us know if you have any questions.

January 17th, 2018

Posted In: General News, Releases and Updates


We just launched a Zap!

Zapier connects the E-HAWK vetting service to hundreds of other online services such as Google Sheets, Salesforce, MailChimp, Slack, Wufoo, and more. Using the E-HAWK Zapier Connector, you can automate all kinds of workflow including:

  • vetting each new lead added to a Google Sheet
  • checking Wufoo form entries for verification or fraudsters
  • getting lead ranking scores for Salesforce and CRM web leads

The E-HAWK Zap is currently available via invite only, so send an email to support@e-hawk.net to get access.


March 24th, 2016

Posted In: General News, Plug-ins, Vetting-API

Happy to announce that version 2.25 is released. This major release adds: risk reasons to the vet response and portal results, ability to ‘hold’ activity incidents, community fingerprint scoring, and more. Read below to learn about the new features and how to use them to optimize performance.

Version 2.25 – New Features

Risk Details Returned Within the JSON Response
Subscription customers can now get risk hit information as part of the JSON response. The new details area lists all major issues such as anonymous proxy, bots, spam blacklists, disposable emails, parked domains, geo issues, activity hits, fingerprint risks, and community reasons like fraud and phishing… empowering your organization to quickly identify specific risks and take immediate action.

As an example, if the IP score is -180, you can now see that it is linked to a bot, proxy, and on a spam blacklist:

"details": {
 "ip": {
 "score_details": [
 "Spam Blacklist"

Risk Details and Advanced Search in Portal
The Vet tab in the portal now supports searching for any input value such as IP, email, domain, phone, fingerprint, etc.

After a search, clicking on any row will show an information block listing all the areas, values, scores, and risk reasons. In the example below, the email is disposable, the phone fake, the IP is very high risk, and the geo-location data-points do not match up (IP from Asia and location from NY).


Clicking on a key value in this block, such as IP, will re-run the search for all vets using that IP, giving you instant insight to others who are accessing your system from the same IP. If you drop the last digits from the IP you can search for all vets with a specific IP block too.

This powerful search can be used to quickly find users with similar IPs, fingerprints, domains, email domains, and other input data.

If you would like to call the portal results page from your web app, just setup a link to: https://portal.e-hawk.net/vet/search?search_keyword=XXXX

Read the new Portal Help Guide.

Adding to Community and Feedback

Within the portal, it is now easy to provide user data to the community database. Just click on the Vet tab, enter search data such as an IP, email, domain, or fingerprint. Then click on a row of the result set to view details.

To the right of the vet information, select a reason under Add to Community and the data will immediately impact your following vets.


Fingerprint Community Scoring
Fingerprints that are part of the community database will now be scored for vets with matching device fingerprints under the Community scoring area. This is in addition to the standard fingerprint scoring. If you have a known fingerprint of a phisher, add it to the community using Feed-API calls and tag all future vets.

IP Geo Details Within JSON Response
As part of the new details area of the JSON, we now return city, country, and time zone of the IP, making it easy for you to modify workflow based on location and country risks.

"city": "Delhi",
"country": "India",
"timezone": "Asia",

Activity Incidents – New ‘Hold’ Status

The Activity Report lists all incidents tagged by our activity monitor during the last ten days. To the right of each incident are buttons: Correct to verify the incident as a bad actor, False to mark as incorrect (remove from scoring), and Hold to not score until marked correct or false. This report should be checked often because many times the first items in the incident are marked as low risk (no bad pattern yet), and the later ones are marked as high risk. If the incident is Correct, then make sure to take action on all items in the incident. Read the new Portal Help Guide.

Updated Materials and Guides
API Support Guide
FEED-API Support Guide
Portal Help Guide

November 13th, 2014

Posted In: General News, Releases and Updates

We have added over 1 million proxy servers to our internal database as well as incorporated some 3rd party proxy detection listings for both anonymous and transparent proxy detection. In addition, private IPs as well as IPs with no geo information will be marked as having some risk.

Our live feeds keep our information fresh and this should improve our proxy detection and fraud analysis.

November 8th, 2014

Posted In: General News, Vetting-API


We have always believed that leveraging community information on known spam offenders, bots, phishers, and cyber criminals gives our customers the best chance for rapid identification and stopping bad actors from being able to inflict damage on multiple organizations.  We built our service with enhanced data sharing with the goal of providing significant improvement of detection for all involved. And in a strong and successful community, it is important to give some and hopefully get more in return.

The data so far is very exciting and illustrates the power of shared intel on bad actors.

Screen Shot 2014-05-15 at 8.55.26 AM


The results so far:

  • 38% of hits come from data that was submitted by the same company, i.e. company A submits information on a bad IP and later that IP tried to sign-up again with company A.
  • 61% of hits come from other companies, i.e. Company A submits information on a bad IP and later that IP tried to sign-up again with company B, C, or D. This means that for every 1 data item a company adds to the pooled data, they get 2x in return from the others in the community.
  • 85% of hits are incremental, meaning that 85% of the registrations tagged as very high risk are from community data only. The IP is clean, not listed on any blacklists, the email has no other bad history, etc.

Overall these results are very promising and show the power of community. By sharing intel anonymously and securely, we are making it harder for bad actors to inflict damage on multiple organizations.

May 15th, 2014

Posted In: Community, Feed-API, General News


Leave a Comment

Online identity fraud impacts revenue and customer growth, and can seriously damage reputation, brand image, and halt expansion into new markets. Download the free White Paper and see what you can do to help combat fraudulent transactions, registrations, and account hijacking.

April 16th, 2014

Posted In: General News

Leave a Comment

The first version of the Vetting API is released to customers!

We are very excited to announce the release of V1 of the Vetting API. Our journey is just beginning.

May 1st, 2013

Posted In: General News, Releases and Updates

© Copyright 2013 - 2019 E-HAWK. All Rights Reserved.