It's gonna re-occur, though maybe not with you.

Paul is struggling to exclude ecommerce fraud gangs, apparently from China and Bulgaria. Because he's running on a hosted app, rather than a shared server, the tools available to him are sort of blunt force. And, it's too late in the pool season for him to revise things this year.

I have a lot of sympathy: the cost of one fraudulent transaction can eat all the profits from 5 or 10 legitimate transactions. So at some level it makes sense for him to block internet sections where the ration of good to bad transactions is less than 20:1.

There's not a 'good' way to do this -- it's always a trade-off of cost, privacy, convenience and other values against security and transaction integrity, and even big companies aren't getting it right. AOL, Ebay, and Target have ALL had major security lapses in the last 9 months!