Spam Orders From Emma Rose

Hi there,

That’s likely an automated bot that’s just randomly created orders on websites. It might be worth considering adding a captcha on the account creation page?

RK,

No accounts are being created. Just orders being made.
We already have anti-spam plugins on the site too.

-Reece

Howdy Reece,

Seems perhaps the anti-spam plugins aren’t doing their job then. Perhaps you would like to look into other options there or you could block this i.p. via htacess or something like that.

I am having the same thing happen to multiple clients. Spam orders from a customer named Emma Rose.

“She” seems to be targeting WooCommerce sites with the “Cash On Delivery” payment method enabled. I have one client who has 10k worth of orders from “her” in the last week alone. Constantly changing IP address and email so no traditional methods of blocking this “person”.

@firstclasscode @sundaydriverxxx You may want to try something like this:
https://www.ads-software.com/plugins/woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers/

Thank you for the suggestion.

Would be nice if we could combine her name + zipcode as blocking rules.
Seems pretty steep to have to block an entire zipcode from ordering on the site to rid one person.

However, it’s something of a step in the right direction. Much appreciated.

Thank you for the suggestion. I don’t think any of those parameters will work for blocking her. It needs to be by name, address, or combination of things.

Even without COD enabled, she creates paypal orders which fail, cheque, or too many abandoned carts.

What could be the reason somebody would do this? Seems like a waste of time to everybody.

She seems to have moved on for now. None of the big ecommerce clients were effected. Seems to be targeting the newly installed woocommerce sites that I have almost forgotten about.

Yeah I just noticed it’s not limited to COD either. Another client with PayPal just complained of a few orders like that coming in.

I am baffled at what they are trying to achieve too but it is super annoying at this point.

If I make any headway I’ll update this thread.

I am baffled at what they are trying to achieve…

What could be the reason somebody would do this?

In my experience, I have encountered many merchants (especially newer merchants) who have not built their own understanding of what an order status means. I have spoken with merchants who have fulfilled orders because they exist with no regard for the order status or payment status. My assumption is that what they are trying to achieve is to get free merchandise.

Seems like a waste of time to everybody.

Another assumption on my part, but in all likelihood, this is an automated script and I would further assume that it has paid off or they are counting on it paying off so I’m not so sure that it is a waste of time on their part.

If my assumption is correct, I think a solid course of action would be to add a bot check captcha at checkout. This may prove useful for that purpose: https://www.ads-software.com/plugins/no-captcha-recaptcha-for-woocommerce/

Kind regards,

Excellent explanation wbrubaker, thank you for that! I think you are correct.

Great solution also!

I’ve gotten 4 orders from “emma” so far, once every month + one day. No order includes a real address where I could even send a product if I didn’t notice it was fake.

It seems the best solution here is to prevent the orders altogether with something like this:
https://www.ads-software.com/plugins/no-captcha-recaptcha-for-woocommerce/

I’ve noticed a similar issue on multiple dates/products but attempting via credit cards. Wondering if it’s testing stolen details or something? I don’t want to post potentially personal details however anyone investigating the orders in their store is likely to find lots of complaints online related to the supplied details so this is a recurring, seemingly ecommerce targeted, and likely automated problem that goes far beyond the comments in this thread.

• This reply was modified 6 years, 4 months ago by Daniel McClure.

Hi @danielmcclure, thanks for the additional comments and feedback! Its hard to know whether the cards being used are test credit card numbers or real.

Installing https://www.ads-software.com/plugins/no-captcha-recaptcha-for-woocommerce/ should help with this issue.

At this point, looks like everyone is all set for now so I am going to mark this thread as Resolved. Feel free to connect with us again should you have any additional questions!