I found for me that the password monitoring software I am using works pretty good, and I have it set up in two stages
first stage works on a separate cgi which monitors the system as the users get into the first "splash" welcome to bal bla bla site members area
the second stage works on the main content area and checks the user again as they login to the content area
the other thing that you can do in this case is set the thresholds at different levels
so far so good
I have had some password traders, but the script is triggered at a pretty low threshold, and I usually keep the suspended users on file so even if they pay again ... their username is locked out
it's a bit of a headache for aol users with multiple ips but nothing too bad
There is a thing with ccbill not deleting old users sometimes, but this seems to be looked after with cleanup in most of the cases
Their tech support is pretty good as well, so I would suggest calling them, if you are getting expired users clinging on too much
another thing you can do is "ban" the password traders by emailing ccbill
or whatever ccprocessor you are using
I used to get tons of trial sign up password traders, they sign up for a trial and then post the username on their site... as if they hacked it
oh well lifes a bitch, back to the grind, have a nice day everyone ;)