• Resolved mywebmaestro

    (@mywebmaestro)


    This morning I had several clients report they’ve been seeing “failed orders” in their stores, where the payment failed and the info was obviously fake. (See below.) I haven’t found any reference to this online yet, but wanted to know if there’s a way to determine if this is a general software spam attack against woocommerce stores overall, or something specific to sites on my server. Has anyone else here seen this? Or is there some way I can determine more information and/or protect against it?

    Order info:
    bbbbb bbbbb
    bbbbb
    74 xxxxxxx Rd
    xxxxxxx
    EX14 5HN
    United Kingdom (UK)
    xxx xxxx xxxx
    [email protected] (another one used [email protected])

Viewing 15 replies - 1 through 15 (of 159 total)
  • I have received an ‘order’ exactly like this on two websites I manage on a VPS that has been receiving severe bot attacks recently.

    This exact same thing happened to our site as well today. They tried to initiate a bank to bank transfer and provided the same fake information as yours.

    • This reply was modified 4 years, 1 month ago by mgdukes85.

    Same here. Got “pending” purchase with same address, user name, and slightly different email.

    Thread Starter mywebmaestro

    (@mywebmaestro)

    I was surprised to find there aren’t many options for locking down woocommerce orders. The one “official” one is, of course, a paid add on for an annual license. But this seems like it would be a thing that should be included in the core plugin.

    Jose

    (@josesanchez)

    We have also received two orders like that just last night.
    Can adding a captcha upon checkout help?

    Thread Starter mywebmaestro

    (@mywebmaestro)

    The only plugins I found for recaptcha and woocommerce were for the registration and login forms, but not checkout. Except the $29 one – https://woocommerce.com/products/recaptcha-for-woocommerce – I haven’t tried installing any of them as of yet. I was hoping to find some way that didn’t involve an additional annual fee.

    Received the same and looking for a solution as well… site got redirected hacked after that.

    I have also received this. Thanks for the post.

    CL

    (@conibijoux)

    I also received one order with the exact information.
    What is the next step to ensure our website is secured and safe?

    This has also happened to my website, have you found a solution yet?

    Same here.

    Got 2 orders on one store with third party payment gateway – both cancelled due to “Unpaid order cancelled – time limit reached. Order status changed from Pending payment to Cancelled.” Both are for the product we have added last.

    Another order on a different store Failed as “Stripe blocked a likely-fraudulent payment.”

    Same here on two sites I have. Any progress on a solution/fix?
    I’ve manually cancelled both orders as they went to ‘pending’
    K

    • This reply was modified 4 years, 1 month ago by kelvynjames.

    I’ve had 2 of these fake sales 12 hours ago – status “pending payment”. I’ve deleted them, then installed a plugin to avoid fake sales. Not sure just how effective it is, but I’ve also deleted the user in case they come back and unchecked “everyone can register” in the settings. I hope this secures it!
    Sorry your website got hacked @joopleberry – have you managed to recover it?

    @beingchosen1 – what plugin did you find for that please?

    I have also received this. 2 times.

Viewing 15 replies - 1 through 15 (of 159 total)
  • The topic ‘Failed Orders – Fake Information’ is closed to new replies.