Magento – Fake orders in Magento

magento-1.7magento-1.8

Recently I've been getting fake orders. At first customer accounts get registered on website and then fake orders placed using credit cards. All done within 10 minutes.
Orders are made for the same type of products.
Whats most interestingly is that orders are placed using legit credit cards.

Are such orders placed by bots ?
How to stop them ?

Best Answer

You can perform the following checks.

Check the IP addresses of the orders as you have done, but take it a step further and identify the country from which they are from. Are they from you target market or something obscure. Also do the match the deliver address in your orders.
Check your access logs and try follow some of the transactions. You should be able to identify firstly the user agent though this can be easily spoofed. You can also check the referring. Something that most bots do not attach is a referrer.
Follow up with your payment gateway to confirm if the transactions are with stolen cards or not

With regards to preventing bots from creating orders are

Enable CAPTCHA on both checkout and registration through the magento backend
To protect yourself and you customers talk to your payment gateway about 3D secure, this is a technology that both Visa and MasterCard use to combat eCommerce fraud.
A drastic but possible approach depending on your target audience is block purchasing buy country. Or if it the IP are the same block just those specific IP's, though any fraudster will just use a different IP quite easily.

Best Answer

Related Solutions

Magento – ezmage migration tool for oscommerce to magento

Magento – Duplicate Orders

Related Topic