At a minimum you could turn off checkout as guest. At least temporarily. That would at least make it harder to post the transactions unless they create an account and login to it. You'd have an easier time identifying them in that situation.
The captcha solution requires some programming to get into place.
Malicious Authorize.Net script being run to process transaction
- 59
- 361
- 10/8/2010
- United States
I believe they are referring to the Authorize.net fraud protection. You'll need to go to your Authorize.net account and look at the options for fraud protection. Some basic things are free of charge. More advanced features have additional charges. You can get more info from their help links in your account.
- 162
- 1203
- 3/20/2011
- United States
Yes. It was Authorize.Net fraud protection. We enabled features there and it dramatically stopped fraud attempts. For instance we only ship to USA, Canada and USA territories so within AN you can set a filter to only accept credit cards from issued from banks in those areas. Most if not all of the fraud attempts against our Authorize.Net account were from cards issued outside the US and Canada. They also have an acceleration filter which stops processing attempts from cards being used in rapid succession from the same IP Address which is what was happening to us. It was like someone was using a program, external from the website, to submit transactions to our AN account one after the other. The acceleration filter killed those and now it's like whomever was doing it has just given up. If you use Authorize.Net make it a priority to set up the fraud protection. Just the free stuff works great.