Announcement

Collapse
No announcement yet.

Abandoned Basket Emails & Authorization Failures - Carding Attacks

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Abandoned Basket Emails & Authorization Failures - Carding Attacks

    I was wondering if there is a way to disable the abandoned basket emails from being triggered to send when there is an authorization failure?

    The site is intermittently going through carding attacks and they are using bogus emails (surprise surprise) so there are a ton of undeliverable emails bouncing back.

    The number of carding attempts varies. Sometimes its 25-50 attempts in a night. Sometimes its 100-150. Over the weekends it can be over 500.

    This leads me to a couple more questions:

    When is the order number assigned to a basket?

    How successful has anyone been in combating these types of attacks and what did you do to help alleviate the issue?

    Thanks

    #2
    RE: Prevention.

    Simplist thing might be a recaptcha on the OSEL to OPAY form. Though, be forewarned. Many of these BOT attempts are actually humans being paid 1 cent per attempt...
    Bruce Golub
    Phosphor Media - "Your Success is our Business"

    Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
    phosphormedia.com

    Comment


      #3
      Bruce - PhosphorMedia

      Thanks Bruce that may be our only option at this point, and yeah unfortunately there's no defense for that.

      What is interesting is the attempts are usually within a minute of each other and each attempt has different order number, "customer" address, and credit card info, leading me to believe there is a bot script involved.

      It would be pretty impressive for a human to fill out the required product options, add it to the cart, go to BASK, OCST, OSEL, OPAY and submit within 1 minute. (4 separate times within 1 minute)

      Unless of course they have a whole team doing it all at the same time.

      Do you think your honeypot/bot detection method used for the product reviews form could be applied to the add to cart form on the PROD page?

      If so, that would be something I would be happy to pay for if its not too much trouble.

      Comment


        #4
        We were being attacked by a group in the Philippines doing exactly that. We block the country at the server. We only sell into North America, so no biggy. You should be able to see the source of the attacks in your server logs. May be a legit option.

        Comment


          #5
          nottheusual1 that's a great idea, but unfortunately the logs are telling me they are either in the US or using IP address masking.

          Comment


            #6
            Originally posted by SidFeyDesigns View Post
            Bruce - PhosphorMedia

            Thanks Bruce that may be our only option at this point, and yeah unfortunately there's no defense for that.

            What is interesting is the attempts are usually within a minute of each other and each attempt has different order number, "customer" address, and credit card info, leading me to believe there is a bot script involved.

            It would be pretty impressive for a human to fill out the required product options, add it to the cart, go to BASK, OCST, OSEL, OPAY and submit within 1 minute. (4 separate times within 1 minute)

            Unless of course they have a whole team doing it all at the same time.

            Do you think your honeypot/bot detection method used for the product reviews form could be applied to the add to cart form on the PROD page?

            If so, that would be something I would be happy to pay for if its not too much trouble.
            It probably is multiple people, however, they probably just create a form post page that automatically fills the basket I'd still lean towards just putting a block on the OSEL/OPAY transition.
            Bruce Golub
            Phosphor Media - "Your Success is our Business"

            Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
            phosphormedia.com

            Comment


              #7
              Bruce - PhosphorMedia got it. Thanks for the suggestion. I'll give it a whirl.

              Comment


                #8
                Originally posted by SidFeyDesigns View Post
                nottheusual1 that's a great idea, but unfortunately the logs are telling me they are either in the US or using IP address masking.
                My condolences.....

                Comment


                  #9
                  It did just dawn on me how to fix the Abandoned Cart Email bounce backs for now.

                  About 99% of these carding attacks add the cheapest products to the cart. Usually the same product at $9.95 and sometimes another at $14.95.

                  So I set the Abandoned Basket Emails to only send if the subtotal is greater than $24.95 (incase they move to some other "low hanging fruit") and that has at least stopped all those emails from being triggered.

                  Comment

                  Working...
                  X