Hundreds of credit card test/bot orders in the past three days

Hi Brian,

I’m sorry to hear about the issues you’re facing with the credit card test/bot orders. Could you please let me know if you’re using any express checkout options? We can’t control express checkout processes.

If you’re not using express checkout, could you please forward a few of the failed submissions to my email at [email protected]? This will help me investigate the issue further.

Thank you for your patience and understanding.

Best regards, Dinesh

Hi Dinesh,

No, we don’t have express checkout enabled. I’ll email you some transactions to take a look at.

Hi Dinesh, we purchased the extended version of the plugin to prevent card testing/bot orders via WooCommerce and we’re experiencing the same issue. We are seeing failed orders, each with a unique IP address, name, phone number and email. We don’t use Express Checkout. Our website checkout can be found here: https://www.dtcrafts.co.uk/checkout/ – Thanks!

Hi @debbietomkies ,

I am checking your site and there will be some fake order under my name or Kalin Denis. Sorry for the inconvenience.

Thanks

great! Please add “TEST” somewhere in your first last name to help our team out.

Hi Dinesh, thanks for getting back to me so quickly. The fake order has been received. Does that mean the issue should be fixed or is there still work to be done?

Hi Dinesh, I’m still getting failed orders. Are you able to provide an update at all? Many thanks, Debbie

I am still working in that case. Thank as you replied as i had few questions.

What is that payment method you were using ?

At first we had the issue with debit/credit cards via the Stripe payment gateway. We switched off this gateway in case that was the issue.

Unfortunately this just moved the problem to the direct payment debit/credit card gateway offered by paypal. So now it is the debit/credit card via the paypal gateway that is being affected.

At the moment payments via paypal account seem to be the only channel that isn’t affected.

Please let me know if you need anything further. Many thanks, Debbie

Hi Dinesh,
I have also discovered I’m having issues with bots (putting data in every few seconds) doing credit card testing by injecting unique names, addresses and credit card payment details into my woocommerc-checkout process, all without ordering a product.

Though it’s very strange as we don’t have actual approved or failed woocommerce product orders like others do, but personal data and credit card information is being sent through woocommerce _checkout through my website API connection to my contact manager where the payment details are then being validated.

1. I am not using express checkout.

2. As we have the extended protection, I’ve looked in the spam submissions – “Data tried to Submit” tab for woocommerce_checkout submissions and had 10 come through yesterday from Czechia – 2 different IPs. Even though the Spam Submissions form says “tried to submit” – the data was actually successfully pushed into my contact manager to validate.

3. The 2 IPs’ were apparently blocked at 5 submissions each so I updated my WPArmour blocking to 2 submissions to try and curb this – I’ve now found this has been happening the last 6 weeks. But since there have been no actual product orders, it wasn’t easy to find in my contact manager.

4. Our payment method is through Keap/Infusionsoft merchant account tied to Authorize.net, but the payments are not getting sent to Authorize.net, just Keap is validating the card.

I’ve never seen anything like this and hope your system can start blocking these ASAP.

These are the fields being filled out (minus actual real personal information) that’s showing in the Spam Submissions “Data tried to Submit”

billing_first_name :
billing_last_name :
billing_company :
billing_country : US
billing_address_1 :
billing_address_2 :
billing_city :
billing_state :
billing_postcode :
billing_phone :
billing_email :
order_comments :
payment_method : infusionsoft_cc
infusionsoft_cc-card-number : xxxxxx (has full card #)
infusionsoft_cc-card-expiry : xxxx
infusionsoft_cc-card-cvc : xxxx
woocommerce-process-checkout-nonce : xxxxxxx
_wp_http_referer : /?wc-ajax=update_order_review

Can your plugin can block this kind of behavior? Please let me know if I can provide you any other details!

Hi Dinesh

We cotinue to experience failed transactions with unique customer name/email/phone and ip addresses. The ones we can see come are in blocks of up to 10 at a time but now we have some that are actually completing the order process so this is costing us paypal fees to refund the fraudulent transactions. Do you have any update? Many thanks, Debbie

Hi @mlmoore,

I am working on this issue but it is taking longer and the block is not that effective so far. Can you share me your site url where i can check the checkout page ?

Thanks

Hi Dinesh

Thanks for getting back to me. The checkout page is at https://www.dtcrafts.co.uk/checkout/

(You may have to add something to the cart to get to the checkout if you are testing as a ‘customer’).

Best wishes, Debbie

@debbietomkies ,

Since you are using this payment plugin https://woocommerce.com/products/woocommerce-paypal-payments/, i have already added extra check and this should fix the spam issue. I am testing it currently, need to make sure no real customers are blocked.

However, in @mlmoore ‘s case, i think there is different payment plugin involved. So wanted to check the website.

Thanks

Hi Dinesh,

Thanks for your reply. Yes, I am using a different payment plugin. My website is https://www.embracehealthnaturals.com.

I’m using InfusedWoo plugin to transfer my customer data to Keap for validation/authorization (using an API). Keap validates my payment and Keap also runs it through Authorize.net for authorization.

I also emailed you information on Saturday, in case that is also helpful.

Let me know if there’s any other info I can provide or email you.

Thanks!