• Resolved madideas

    (@madideas)


    Hi, over the last few days we’ve seen a massive number of card testing events occurring. The Google reCAPTCHA is enabled and has stopped over 25,000 events; however, several thousand still went through to Stripe, which fortunately blocked almost all. This is for a ‘donate’ button.
    Changing the Stripe keys didn’t help, and it looks like the fraud attempt scrapes the payment code somehow and then goes direct to Stripe, as for the few payments that were authorised we didn’t see the email from the site.
    Right now I’ve had to disable the plugin – I really need to find out urgently if there’s any way to protect against this sort of thing, or whether there’s a hole in the implementation that needs to be blocked.
    Cheers

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Support mbrsolution

    (@mbrsolution)

    Hi,

    Please read the following information in terms of how to use the plugin properly with captcha. This will protect you from bot attacks:
    https://s-plugins.com/protect-yourself-from-card-testing/

    Kind regards.

    Thread Starter madideas

    (@madideas)

    Thanks for your reply, but as per above, Google captcha is live on the site and prevented a large number of attempts, but also let a large number through despite being on its maximum protection setting.

    As almost all of the testing attempts that got through failed, I don’t think your rate checking limits did anything – these probably only work on valid results – ? Certainly I had over 600 ‘payment fail’ emails from the site over a 2-hour period – this itself ought to be able to trigger some reaction – ?

    Settings are Google reCAPTCHA V2 enabled, visible ‘I’m not a robot’
    Daily limit no captcha 25
    Daily limit with captcha 10

    Plugin Support mbrsolution

    (@mbrsolution)

    Hi, can you use the following contact form and make sure to include details of your setup so we can analyze it and provide help.

    https://s-plugins.com/contact-us/

    Kind regards.

    Thread Starter madideas

    (@madideas)

    Details sent as per your request. I have logs available both for Stripe payments debug and for the servers that show the nature of the attack.

    Plugin Support mbrsolution

    (@mbrsolution)

    Thank you. The developers will investigate your issue further.

    Kind regards.

    Plugin Author mra13

    (@mra13)

    Just giving an update. Thank you to @madideas for providing the additional info to us for investigation. We have made some changes to the plugin that should help with this bot card testing issue. We will continue to monitor this and provide further updates as necessary.

    Plugin Author mra13

    (@mra13)

    The update looks to have been positive so far. Please feel free to reply to this post if there is an issue.

    Kind Regards

    Am following this thread closely to see if there are any latest updates to the plugin RE: the fight against card testing. I’ve had 162 000 card-testing events just in the past 72 hours.

    Google Captcha V3 enabled.
    Rate limiting set to just 10
    Wordfence IP block working overtime
    Cloudflare geofencing

    Still, some of the payments have gone through and we are struggling to keep up with the refunds. Your professional guidance in this matter will be much appreciated.

    Plugin Support mbrsolution

    (@mbrsolution)

    Hi @yadley, can you use the following contact form and make sure to include details of your setup so we can analyze it and provide help.

    https://s-plugins.com/contact-us/

    Kind regards.

  • The topic ‘Major card testing fraud event’ is closed to new replies.