Fraud Card Testing Wihtout WC Orders

Hello DeveloperWil,

Thank you for contacting WooCommerce support.

I understand your concern regarding the fraudulent activity on your site.

It’s quite unusual for transactions to be processed through the WooCommerce Stripe Payment Gateway without generating WooCommerce Orders and without the associated product meta being recorded. I believe we should investigate this further to determine the cause and prevent a recurrence.

To help us get to the bottom of this issue, could you please provide screenshots or any other available details of these transactions? The visual evidence may give us clues about how these transactions are bypassing the standard checkout process.

Additionally, a copy of your site’s System Status would be valuable for our diagnosis. You can retrieve this information by navigating to WooCommerce > Status. Please click on Get system report and then on Copy for support.

Once you have that, kindly paste the text on https://gist.github.com. After you create the Gist, you can paste the link here in your reply. This report will help us understand your setup better and identify any potential conflicts or configurations that may be contributing to the issue.

We’ll do our best to help you secure your site against such fraudulent attempts. Looking forward to your response ??

Thanks for your response.

Here’s the WC System Status:
https://gist.github.com/DeveloperWil/7ca21814c5d843419aea13f497b798d0

Here’s a sample successful Stripe transaction from the logs:
https://gist.github.com/DeveloperWil/3ff0fd43ee94a9def9d288134f16e838

The price $36 is the correct price of one of my products but as you can see from the log, no product meta is transferred to the Stripe transaction and no saved WooCommerce order in the database.

There were over 10,000 transactions over 5 days with just over 200 successful ones which I’ve had to painfully refund.

I have 2FA Google Authenticator on my Stripe account for many years and Stripe also have not detected any strange dashbaord logins – they have advised my API secret has not been compromised.

Let me know if you need any additional information. You can reach out to me directly – my details are on my website at https://zeropointdevelopment.com

Thanks,

Wil.

• This reply was modified 10 months, 3 weeks ago by DeveloperWil.

Hello @developerwil,

Is it possible that there’s an old staging or a copied version of the site that you might have forgotten to delete? If so, please make sure to delete it as it could be using an outdated version of the plugin with security vulnerabilities.

Also, consider installing a captcha plugin, which in most cases can stop these attacks. If you keep seeing these transactions even with a captcha plugin, please open a new ticket about this via WooCommerce.com > MY profile > Support so we can investigate the issue further.

Make sure to include a link to this thread so we know what has been done already.

Let us know if you have any other questions!

Thanks for getting back to me. There is no staging site. You can see the IP address and URL in the Stripe logs are from the production server.

I have the Advanced Google reCAPTCHA plugin on the checkout, but this made no difference as the checkout is seemingly being bypassed – no WooCommerce Orders were stored in the database.

Currently I have my products in draft mode to prevent this from happening.

I also tried to ban several IP addresses that were appearing in the Stripe logs but that’s a pretty futile approach.

I don’t have a woocommerce.com account so happy to proceed here.

My main concern is that payments seem to be made directly through the gateway bypassing the checkout process.

Hi @developerwil,

Just curious, were you able to open a ticket with us? As this needs further investigations, please open a new ticket about this via?WooCommerce.com > MY profile > Support.

Also make sure to include a link to this thread so we know what has already been done.

Cheers!

@ckadenge I just created a ticket – thanks.

Hey @developerwil!

Thank you, I’ll be marking this as resolved as we will keep to assist you on the ticket.

Have a wonderful day!