• Resolved wernso

    (@wernso)


    Since I have been running Wordfence I have had far fewer issues, but I recently started getting a credit card scammer testing out stolen credit card details on my site. They do batches of 5-10 at a time with clearly fake details and then I have my orders filling up with failed orders. They even managed to get one that worked, which I now have to figure out what to do about.
    The IP addresses are all over the place, so blocking IP addresses or even ranges of IP addresses doesn’t seem to be a solution.

    Please help.

    Werner

Viewing 2 replies - 1 through 2 (of 2 total)
  • magefix

    (@magefix)

    Hi Werner,

    You need to check the raw access logs & see how the injection occurs. It’s possible to block the malicious payment attempts using functions.php code. I can’t believe this type of attack is still happening today.

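    /** disable wc_endpoint to stop carding attacks **/
    function disable_wc_endpoint() {
        // REQUEST_URI is not set under WP-CLI or cron, so fall back to an empty string.
        $current_url = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        // Redirect any request for the Store API checkout route before it is handled.
        if (strpos($current_url, '/wp-json/wc/store/checkout') !== false) {
            wp_redirect(home_url('/404.php'));
            exit;
        }
    }
    // Runs when the REST API server is initialised.
    add_action('rest_api_init', 'disable_wc_endpoint');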

    or the following

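    /** disable wc_endpoint to stop carding attacks **/
    function disable_wc_endpoint_v1() {
        // REQUEST_URI is not set under WP-CLI or cron, so fall back to an empty string.
        $current_url = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
        // Same check for the versioned (v1) Store API checkout route.
        if (strpos($current_url, '/wp-json/wc/store/v1/checkout') !== false) {
            wp_redirect(home_url('/404.php'));
            exit;
        }
    }
    // Runs when the REST API server is initialised.
    add_action('rest_api_init', 'disable_wc_endpoint_v1');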

    It depends on how the POST requests are made. Based on the logs, you may adjust the code.

    Best of luck.

    Adrian
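
An added example, not part of the replies in this thread: a small access-log check for the step "check the raw access logs", which groups checkout POSTs by endpoint and reports bursts regardless of source IP, so you can see which of the two paths above to adjust the snippet for. It assumes Apache/Nginx "combined" log format; the `wc-ajax=checkout` marker, the 10-minute window, the threshold of 5 and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Endpoints from the thread plus the classic-checkout AJAX call; edit to match your logs.
CHECKOUT_MARKERS = ("/wp-json/wc/store/checkout", "/wp-json/wc/store/v1/checkout",
                    "wc-ajax=checkout")
# Apache/Nginx "combined" format: ip, timestamp, method, path, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def parse(line):
    """Return (time, ip, method, path) or None if the line does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, _status = m.groups()
    return datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), ip, method, path

def checkout_bursts(lines, window=timedelta(minutes=10), threshold=5):
    """Find runs of >= threshold checkout POSTs per endpoint, ignoring source IP."""
    hits = defaultdict(list)
    for when, ip, method, path in filter(None, map(parse, lines)):
        marker = next((m for m in CHECKOUT_MARKERS if m in path), None)
        if method == "POST" and marker:
            hits[marker].append((when, ip))
    bursts = []
    for marker, events in hits.items():
        events.sort()
        start = 0
        while start < len(events):
            end = start  # extend the run while events stay inside the window
            while end + 1 < len(events) and events[end + 1][0] - events[start][0] <= window:
                end += 1
            if end - start + 1 >= threshold:
                ips = {ip for _, ip in events[start:end + 1]}
                bursts.append({"endpoint": marker, "start": events[start][0],
                               "requests": end - start + 1, "distinct_ips": len(ips)})
            start = end + 1
    return bursts

def sample_log():
    """Constructed log lines using documentation IP ranges (not from the thread)."""
    fmt = '{} - - [12/Mar/2024:{} +0000] "{} HTTP/1.1" {} 512 "-" "-"'
    rows = [(f"198.51.100.{i}", f"10:0{i}:15", "POST /wp-json/wc/store/v1/checkout", 400)
            for i in range(1, 7)]
    rows += [("203.0.113.9", "10:03:00", "GET /shop/", 200),
             ("203.0.113.9", "14:30:00", "POST /?wc-ajax=checkout", 200)]
    return [fmt.format(*row) for row in rows]

if __name__ == "__main__":
    for burst in checkout_bursts(sample_log()):
        print(burst)
```

To run it on a real log, pass an open file object to `checkout_bursts` in place of `sample_log()`.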

    Plugin Support wfmargaret

    (@wfmargaret)

    Hey Werner,

    You can use reCAPTCHA to help prevent false/spam registrations and logins if your site requires a customer record before making a purchase. You can do this through Wordfence by ensuring you have Wordfence > Login Security > Settings > Enable WooCommerce Integration checked. This will also require reCAPTCHA credentials in the “Enable reCAPTCHA on the login and user registration pages” section.

    With regard to carding attacks to test stolen credit cards, when a human or a bot places a fake or fraudulent order then there isn’t anything for Wordfence to automatically block as no malicious requests are being sent to your website in an attempt to compromise your WordPress file system or database.

    This is something that you can ask WooCommerce or your e-commerce plugin provider about as they likely have plugins to help with preventing bots from placing fake or fraudulent orders. You can also ask WooCommerce and any payment gateways that you use about implementing AVS and CVV matching. The Address Verification System (AVS) checks the billing address that buyers provide at checkout against the address that the credit card company has on file for them. The credit card company sends a response immediately to let you know if the billing address matches.

    Thanks,
    Margaret


The topic ‘How to stop credit card scammers?’ is closed to new replies.