Advisory: Increased Suspicious Card Activity Reported by PayPal

PayPal has recently informed us of increased suspicious card activity affecting merchants across the market.

This notice is to help WooCommerce stores understand the situation, take the appropriate security steps, and ensure that checkout flows remain protected.

WooCommerce stores using the PayPal Payments plugin may need to update their settings or upgrade to the latest plugin version to benefit from PayPal’s fraud-prevention features.

Your store’s security is our priority, and we recommend reviewing the information below.

What’s happening

↑ Back to top

PayPal has detected a rise in suspicious card activity occurring across the broader market. As part of PayPal’s recommended security practices, certain fraud-prevention tools within the PayPal Payments plugin can help reduce risk during checkout.

Depending on which version of the PayPal Payments plugin you are currently using, the steps you need to take may differ.

If you’re using PayPal Payments v3.3.0 or higher

↑ Back to top

You may see the following in-product notice:

PayPal detected increased suspicious card activity in market. Please enable fraud protection in your PayPal Payment settings by enabling CAPTCHA for PayPal Payments.

To help protect your store:

  • Enable fraud protection features by turning on CAPTCHA for PayPal Payments
  • Follow the setup instructions linked within the notice
  • Or go directly to your PayPal Payments settings page at:
    admin.php?page=wc-settings&tab=integration&section=ppcp-recaptcha

These features provide an additional layer of security for your checkout and are recommended by PayPal.

If you’re using an older version of the PayPal Payments plugin (below v3.3.0)

↑ Back to top

You will receive a notice after the next plugin update is released:

PayPal Payments v3.3.0+ includes important fraud management features. Please update your PayPal Payment plugin to the latest version to help keep your checkout secure.

We strongly recommend:

  • Updating to the latest version of PayPal Payments
  • Reviewing the changelog and update details here:
    plugin-install.php?tab=plugin-information&plugin=woocommerce-paypal-payments&section=changelog&TB_iframe=true&width=772&height=800

Upgrading ensures your store has access to the most current fraud-protection tools.

How to keep your checkout secure

↑ Back to top

Regardless of your version, here are the best practices for protecting your store:

  • Keep the PayPal Payments plugin updated to the latest version
  • Enable PayPal’s fraud protection settings (including CAPTCHA)
  • Use strong, unique passwords and two-factor authentication on your WordPress admin
  • Only install plugins from trusted sources, such as WooCommerce.com or WordPress.org
  • Monitor your store for unusual orders or sudden spikes in failed transactions

Need help?

↑ Back to top

If you have questions or encounter issues with PayPal Payments, please reach out to the support team.

For general WooCommerce security guidance, you can always contact our support team through your WooCommerce.com account.

Your security is our priority.