abbuzz.com SPAM orders AGAIN on woocommerce shops

  • Resolved catdec

    (@catdec)


    3 years, 11 months ago

    hello,

    Today the old problem with abbuzz.com fake orders is back on 3 of my shops.

    What about you ?

    Thanks.

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Support Gabriel – a11n

    (@gabrielfuentes)

    Hi there! ??

    I want to let you know that the Spam Order is a known vulnerability on WooCommerce versions prior to 4.6.2. This issue should be solved by updating your WooCommerce to the latest version V 4.8.0.

    By any chance, are you using an older version of WooCommerce? If not, could you please share a copy of your site’s System Status? You can find it via WooCommerce > Status. Select “Get system report” and then “Copy for support”.? Once you’ve done that, paste it here in your response.

    Also, I would like to recommend you to check this link to know more about this: https://developer.woocommerce.com/2020/11/05/developer-advisory-spam-orders-and-accounts-from-bots/

    Please keep us posted. We will be more than happy to help moving forward. ??

    • This reply was modified 3 years, 11 months ago by t-p.
    • This reply was modified 3 years, 11 months ago by Gabriel - a11n.
    Steve

    (@sirenzsoundz)

    Hi
    Same here using version 4.8
    database 5.5 so updating that now to 5.7
    below are also flagged red in the status.

    coinbase Commerce – 1.1.4 – Installed version not tested with active version of WooCommerce 4.0

    WC Duplicate Order by Jamie Gill – 1.7 – Installed version not tested with active version of WooCommerce 4.0
    Thank you

    • This reply was modified 3 years, 10 months ago by Steve.
    Thread Starter catdec

    (@catdec)

    @gabrielfuentes
    Thank you to let me know what I and everybody else here also clearly knows.
    But you didn’t fix anything and fake orders are still here with latest version.
    Only the special plugin stops the fake orders.

    Plugin Support Gabriel – a11n

    (@gabrielfuentes)

    Could you please confirm that the “Allow customers to create an account during checkout” is disabled? You can find this setting by going to Dashboard > WooCommerce > Setting > Accounts & Privacy > Account creation

    However, I want to let you know that there is a recent bug report open for this issue (meaning it will get addressed), and we’d prefer to keep everything in one topic. Here is a link to this report:

    https://github.com/woocommerce/woocommerce/issues/28711

    Please feel free to add any valuable comments there to help our developers fix it. ??

    Im with latest version of WC again spam orders and spam registrations from abbuzz.com. HELP

    There is a new problem! these failed WooCommerce orders allows the spam bot generate thousands of order notes. They attempt to use credit card numbers to pay for their order with the “Customer Payment page” after a failed order is generated.

    example payment page, after a failed payment may look like this: https://www.yourwoocommercepage.com/checkout/order-pay/12345/?pay_for_order=true&key=wc_order_abcdeFgHiJkX

    I don’t think turning off “guest orders” makes a difference here. Once the bot/script/malicious user creates an account, they can make a fake cc payment and the order will switch from Pending to Failed…then they go to the payment page and and try it again..and again and again..this can generate thousands of order notes with a failure message. I would assume there is a limit before something breaks…

    @ericgf i have this problem.
    I have orders with thousands of attempts.
    Do you have any solution?

    The solution has already been explained. Use the free plugin.

    @cacabe I’m lost, can you help me?
    What is the name of the free plugin that I should use?

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘abbuzz.com SPAM orders AGAIN on woocommerce shops’ is closed to new replies.