Card testing attack
-
I run the Stripe Payments plugin. Over the past 18 hours I have had 60,000 card testing attempts at making payments, around 300 of which have succeeded. Stripe support advised refunding these immediately, which I am doing.
But each attempt results in either a success email from WordPress, or an Error email from WordPress, so I have had 60,000 emails in the past 18 hours.
In the plugin settings I have reCaptcha enabled, and the box to have error emails sent to me is not checked. But all of these emails are still arriving.
All 60,000 attempts are for the same product, which does not exist, so this is clearly not going through the product form on my web site.
Can you advise urgently please?
- The topic ‘Card testing attack’ is closed to new replies.