Using Michael Tokarev's proxycheck program, you can check the IP address of a shopper on your e-commerce site to see if they are using a open proxy server to hide their true IP address.

Using a real time proxy checker such as proxycheck complements our credit card fraud detection service, since it detects new open proxies that haven't been added to our open proxy data feeds yet. The MaxMind minFraud service reports proxies that the proxycheck doesn't detect, since proxycheck doesn't check all possible ports. Note that the MaxMind minFraud service does not use this proxycheck program.

Download Proxycheck
Proxycheck runs in Unix and Linux, and is open source. [Download]

Example code
Here's an example of checking 5 IP addresses for open proxies on common socks ports:

./proxycheck \ -ps4:1080,3380,3800,4232,14321,14441,15551,17771 \ -ps4:18844,19991,28882,29992,31121,38883,38884 \ -ps5:1080,3380,3800,4232,14321,14441,15551,17771 \ -ps5:18844,19991,28882,29992,31121,38883,38884 \ -vvvv -d proxycheck.maxmind.com:10000 -c chat:"proxycheck":"Welcome" \ 68.41.47.187 66.108.148.70 66.56.92.212 67.112.218.225 69.142.234.227

We offer a service hosted at proxycheck.maxmind.com on port 10000 that can be used to test an IP address for a proxy server. The advantage of using a different port number over a SMTP server is that many ISP's block outbound connections on port 25, so hijacked computers on these networks would not be detected by open proxy checkers if you use a SMTP service to test.

For a more comprehensive check, run a port scan with nmap, then run proxycheck against the ports nmap found. The nmap and proxycheck programs should be run right after the order is placed, since the computer may be turned off if you wait.

For legal reasons, you should get permission to run nmap and proxycheck against a customer's IP address.