Fraudulent Credit Card Bot (URGENT)

Issue:
Fraudulent bots are testing credit card numbers on my e-commerce WordPress website.

After implementing Cloudflare PRO security about 8 hours ago the attacks had stopped but are now back.

What I’ve tried so far:

  • using the SuperBot Fighting mode to block all automated traffic.
  • blocked international traffic via custom firewall rule
  • blocked fraudulent IP addresses via custom firewall rule
  1. Enable Captcha on your payment gateway.
  2. Use a Gateway with anti-fraud. Stripe Radar is very good at this.
  3. Purchase bot protection. Cloudflare might be able to help, but it starts at ~$36k a year; reach out to sales if you are interested.
    If this is too pricey, consider looking for alternative protections that can be implemented with your CMS or within Cloudflare.
2 Likes

Is Browser Integrity Check enabled? It’s at Security > Settings.