Velocity Attacks

How to prevent fraud orders and stop repeated fake orders being placed on your store?

1. Identify the ‘Attack Vector’ and understand how these orders are being placed. Most commonly this will be:
   • A specific payment gateway. Contact OPMC Support to confirm if your Payment Gateway vulnerable to Fraud Attacks.
   • Orders Placed via secondary checkout pages or API. Read below to understand how to use the OPMC ReCaptcha settings and API Filtering settings below.
     
     Use the “Card Testing” Section below to configure these settings and understand how to ensure your store is correctly protected against repeated fraud orders.
2. Identify and Isolate the commonalities between the various fraud orders. Fraud orders will typically have signs or shared details which indicate the order is not legitimate. Using the Antifraud plugin you can ensure multiple layers of filtering and protection to ensure only your real customer orders get through.
   • Enabled ReCaptcha. Ensure your ReCaptcha V2 is enabled and configured correctly in the Antifraud settings. There are other plugins which offer ReCaptcha, the Antifraud plugin has been specifically designed and tested to secure WooCommerce checkout pages. Ensure you are using the Antifraud Recaptcha settings and ensure you disable any other ReCaptcha also present on the chekcout page to avoid ReCaptcha conflicts.
   • Check for common IPs, and Block IPs used to place Fraud orders using the “IP Blacklist”
   • Check for common emails and email sequences used in fraud orders. Block common emails and email sequences using the “Email Blacklist”. (Email sequences can be blocked using wildcards, for example ‘fraudster*@gmail.com’ will block all emails with this pattern including, ‘fraudster111@gmail.com’, ‘fraudster123@gmail.com’, ‘fraudster12345@gmail.com’)
   • Noticing orders from Order Attribution, ‘Origin’ = ‘Unknown”? Speak to OPMC about how you can add advanced filtering to ensure all orders are correctly attributed and filter out fraudulent orders.

Antifraud Version 6+ now comes with advanced security against velocity attacks credit card fraud. This includes:

1. Card Testing Protection via API: This feature directly addresses the growing concern of fraudulent activities, specifically card testing attacks. Card testing is when fraudsters use bots to test stolen credit card numbers by making small purchases. By leveraging the API, this update implements protective measures, ensuring that your store remains secure and compliant with payment processing regulations.

2. Velocity Attack Prevention, ReCAPTCHA and improved compatibility with WordPress Blocks: Prevent card testing before it occurs with advanced integration with Googles ReCaptcha to protect your website from fraud and abuse without creating friction.

Additionally we have updated support for WooCommerce Checkout Blocks and improved the implementation of the ReCAPTCHA feature. This ensures a seamless and secure checkout experience while providing enhanced protection against automated bot attacks.

3. Order Processing Delay Setting: Velocity Attack Order Processing Delay introduces dynamic real-time fraud detection and prevention on your checkout page. This setting empowers store owners to configure delays in order processing when suspicious or high-volume activities are detected. The delay helps mitigate potential velocity attacks where fraudsters attempt to flood the system with fraudulent orders, offering an additional layer of protection for your store.

If you are WooCommerce store owner dealing with the following challenges we encourage you to look at the following settings to ensure your store if proactively preventing fraud.

1. Fraudulent Card Testing Attacks: If you’re concerned about fraudulent transactions, particularly card testing, where bots use stolen card details to make small purchases, this update introduces API-based protection. With this in place, your store is better equipped to block unauthorized transactions and maintain compliance with payment regulations.

2. High-Volume, Automated Order Attempts (Velocity Attacks): Have you ever noticed a sudden flood of orders, many of which may be fraudulent? Our new “Velocity Attack Order Processing Delay” feature allows you to configure a delay in order processing during suspicious activity, helping to prevent your system from being overwhelmed and ensuring that fraudulent orders don’t slip through the cracks.

How to Access the Card Settings Page?

Navigate to WooCommerce > Settings > Antifraud > Card Attacks.

1. Enable Checkout Protection: This section heading outlines the steps to configure reCAPTCHA. It also indicates if your checkout has reCAPTCHA enabled and it is active on your checkout.
2. Order Attempts: The order attempts section can be used to limit number of orders per user within the time span. This will also indicate if this section is active at present.
3. Payment Attempts: Similar to Order Attempts, the Payment Attempts section provides options limit the attempts between each payment within the same order.
4. Order Between Times: This Order Between Times allows you to limit the number of orders between specified times. This settings is helpful to target time zones where your store operates and filter out traffic outside your store’s usual ours of business.

Enable Checkout Protection:

This section heading outlines the steps to configure reCAPTCHA.

• Create a reCAPTCHA account using the link.
• Configure your reCAPTCHA account in the settings page with two simple steps.

The order attempts section can be used to limit number of orders per user within the time span.

• Too Many Order Attempts: Enabling this rule allows you to limit number of orders per user within a particular time span.
• Checkout Timer Delay: The checkout timer delay gradually increases with each unsuccessful payment attempt, adding more time before the customer can place another order.

1. The plugin is not stopping Velocity Attacks! What to do if the plugin is configured correctly and still having issues?

The plugin is highly effective at stopping velocity attacks—unless another issue on your site is preventing it from working properly. Here’s an analogy: imagine you’ve installed a strong deadlock on your front door to improve home security. However, when you leave the house, you forget to close the back door. While the front door is secure, your home is only as safe as its weakest point. The same principle applies to your website’s security.

To sum this up, when reCAPTCHA has been set up within our plugin and the issue persists, it indicates one or more of the following:

-Your site has a general security vulnerability – such as non-secure hosting.
-A plugin on your website has a security vulnerability.
-Your website has been hacked and is infected with malware.

Where this is the case, the plugin will not work effectively and you will continue to experience problems.

2. Need further help with help with Velocity Attacks – Next Steps:

OPMC collaborates with non-technical e-commerce store owners as well as developers and agency partners who may not specialise in security. We are highly experienced in addressing a wide range of issues efficiently and cost-effectively.

For prompt expert advice, please reach out to us via WooCommerce.com Support. Simply select this plugin when submitting your enquiry, and we’ll assist you in resolving the matter quickly.