Best Practices for Cleaning Fake Customers in Magento 1.9

customerdatabasemagento-1.9

What if a Magento 1 shop had a nasty bot attack. Thousands of fake customer account were created and subscribed to the newsletter. Some of the account are quite easy to find (fake domains for example), others have another pattern (Front name and last name are exactly the same) and some follow no pattern at all.

Now we are faced with the task of cleaning out these fake customers / subscribers, and we I am wondering what would be best practice? Write an SQL script that filters customers based on certain patterns? Or something else?

Best Answer

There is no perfect way to solve this issues as far i think.

But we can try to solve them one by one.

If your website authenticates new customer email ids, then its easy to figure out those customers whose email not verified.

If your store doesn't authenticate or send Verify link than you can delete the recent customer but there are chances that new real users have no order as well, in this case, you can send them an email verification link to verify the email.

OR

have a look at their I.P address if there is any common thing or all are generated from the same country you can take that hard decision to delete them. BUT before deleting those based on I.P please first check is there any order placed from the same I.P.

How to protect from now onwards?

  1. Everyone should start using simple tools such as CAPTCHA and enable them.
  2. Keep patch updated.
  3. We can use third party Bot Blocker extension to protect our store

How to enable default Magento 1.9 CAPTCHA?

inrsaurabh

Enable CAPTCHA for frontend
Magento has built-in captcha for Frontend, you can enable it by navigating to System > Configuration > Customers > Customer Configuration

REQUEST:` Whatever you tried please spend few minutes to update your question so that it helps others as well and keep the community easy to find the right solution.

Update: Magento have website scan functionality which scans our websites and provide brief details about the health and issues of our Magento stores it is available for all version and easy to integrate.

To activate just visit Unable scan and follow easy steps.

Update 2 Recently one of the website on which i am working flodded with spam emails like below

  1. 2842182340@qq.com
Related Topic