• Resolved Paal Joachim Romdahl

    (@paaljoachim)


    Hi

    A customer's WooCommerce site, which also uses the PayPal Payments plugin, has just experienced a carding attack. I was able to add a minimum order and it seems that it is preventing the very small orders from coming in.

    There were 37 failed orders and I was able to, I believe, stop it yesterday. The failed orders are from 10-11 and the 12th of June.

    Are there any additional steps I should now take?
    Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Krystian Syde

    (@inpsydekrystian)

    Hello @paaljoachim

    Thanks for reaching out to us, we’re here to help.

    We are aware of this problem. There are several actions you can take to help mitigate attempted fraud:

    • Enable 3D Secure: If you use the Advanced Card Processing feature, you can require 3D Secure for transactions. This adds an extra layer of verification and makes it more difficult for unauthorized users to make transactions with stolen card information.
    • Activate FraudNet: In the plugin settings, specifically in the Connection tab, enable FraudNet. This is a service by PayPal designed to identify and prevent fraudulent activities using sophisticated fraud detection technology. For more detailed guidance, visit the documentation at WooCommerce PayPal Payments.
    • Set Payment Intent to Authorize: By changing the payment intent setting to “Authorize,” you can manually review transactions before they are finalized. This allows you to verify orders and void any that appear to be fraudulent before the funds are captured.
    • Adding the following rules to your .htaccess file can also help block specific automated requests, as long as you don’t rely on the legacy WooCommerce API to create orders:
    RewriteEngine On 

    RewriteCond %{REQUEST_URI} ^/wp-json/wc/store/products$ [NC]
    RewriteCond %{QUERY_STRING} ^stock_status=instock&order=asc&orderby=price&min_price=1&max_price=5000&type=simple&page=1&per_page=100$ [NC]
    RewriteRule ^ - [F,L]

    Beyond this, some users have shared a code snippet that helps prevent the use of automated APIs to create orders, and it seems to work for some. You can check out the snippet here: Blocking Card Testing Attacks in WooCommerce. We have tested it, and it doesn’t directly impact PayPal Payments, but it should temporarily help prevent the issue.

    We are still analyzing the situation further and working on a more permanent solution.

    Kind regards,
    Krystian
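
To check whether a site has been receiving the request that the .htaccess rule above blocks, the access log can be searched for it. The following is an added example, not part of the reply or of the plugin: it assumes Apache's combined log format, runs on constructed sample lines, and compares the query parameters as a set, so it is slightly broader than the literal match in the rule.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Path and query string copied from the .htaccess rule quoted above.
RULE_PATH = "/wp-json/wc/store/products"
RULE_QUERY = ("stock_status=instock&order=asc&orderby=price&min_price=1"
              "&max_price=5000&type=simple&page=1&per_page=100")
RULE_PARAMS = frozenset(parse_qsl(RULE_QUERY))

# Apache "combined" log format: client IP, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def is_rule_request(target):
    """True if the request target is the product listing the rule names."""
    parts = urlsplit(target)
    if parts.path.lower() != RULE_PATH:       # [NC] in the rule: ignore case
        return False
    # Compare parameters as a set so their order in the log does not matter.
    return frozenset(parse_qsl(parts.query.lower())) == RULE_PARAMS

def summarize(lines):
    """Count matching requests per client IP and per HTTP status code."""
    by_ip, by_status = Counter(), Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_rule_request(m["target"]):
            by_ip[m["ip"]] += 1
            by_status[m["status"]] += 1
    return by_ip, by_status

# Constructed sample log lines (documentation IP ranges), not from the thread.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2025:03:14:07 +0000] "GET %s?%s HTTP/1.1" 200 48211 "-" "-"' % (RULE_PATH, RULE_QUERY),
    '203.0.113.7 - - [01/Jan/2025:09:30:12 +0000] "GET %s?%s HTTP/1.1" 403 199 "-" "-"' % (RULE_PATH, RULE_QUERY),
    '198.51.100.23 - - [01/Jan/2025:09:31:40 +0000] "GET %s?page=1&per_page=12 HTTP/1.1" 200 9120 "-" "-"' % RULE_PATH,
    '198.51.100.23 - - [01/Jan/2025:09:32:02 +0000] "POST /?wc-ajax=checkout HTTP/1.1" 200 312 "-" "-"',
]

if __name__ == "__main__":
    ips, statuses = summarize(SAMPLE_LOG)
    for ip, n in ips.most_common():
        print(ip, n)
    print(dict(statuses))
```

A 200 status on a matching line means the request was served; a 403 means the rule was already in effect when it arrived.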

    Install Checkout Rate Limiter https://github.com/brianhenryie/bh-wc-checkout-rate-limiter/ to severely throttle such attacks.

  • Plugin Support Krystian Syde

    (@inpsydekrystian)

    Hello @paaljoachim

    Since we have not received any further communication from you, we are assuming that your issue has been resolved. Therefore, we mark this thread as resolved.

    If you have any further questions or encounter a new issue, feel free to open a new thread or submit a ticket through our service desk. Please include the URL of this thread in your ticket for reference.

    Kind regards,
    Krystian
