How to Prevent Fraud and Fake Orders in WooCommerce
Do you want to prevent fraud and fake orders on your WooCommerce store?
Fraud and fake orders can cause serious losses for an online store. Luckily, there are effective tools to prevent spam and block fraudulent orders.
In this article, we’ll show you how to easily prevent fraud and fake orders in WooCommerce.
Why Do You need to Prevent Fraud and Fake Orders in WooCommerce?
Fraudulent and fake orders can cause serious financial losses to a business. This is why you need to monitor your online store and prevent fraud and fake orders.
Last year, online stores lost more than $20 billion in revenue due to fraudulent payments, chargebacks, and fake orders.
For some eCommerce stores, the total fraudulent order costs were higher than 4% of total revenue.
A large number of fake orders are usually spam that can be easily prevented. Some orders are more malicious and are placed just to annoy or harass an online business.
The rest of the fraudulent orders are scammers trying to make a few quick bucks.
That being said, let’s take a look at how to prevent fraud and fake orders in WooCommerce.
Here is a quick overview of all the tips we’ll cover in this guide.
- Use a WooCommerce Fraud Prevention Plugin
- Use Stripe Radar and 3D Secure to Automatically Block Fraud
- Using the Cash on Delivery Payment Option Carefully
- Sell in Specific Countries
- Require Users to Create an Account
- Use a Web Application Firewall and Custom Rules
- Require Customers to Verify Their Email Addresses
1. Use a WooCommerce Fraud Prevention Plugin
The easiest way to prevent fraudulent and fake orders in WooCommerce is by using an anti-fraud plugin.
Upon activation, you need to visit WooCommerce » Settings page and switch to the Anti-Fraud tab.
From here, you can set a minimum and high-risk threshold score.
Below that, you can change the order status based on the risk score. For instance, you can set the score when an order will be automatically canceled and set a score to put an order on hold.
Don’t forget to click on the ‘Save Changes’ button to store your settings.
Next, you need to switch to the Rules tab. From here, you can configure the rules and assign them a risk score.
For instance, you can set a 5-point score for a customer who is placing their first order.
You can set scores for suspicious IP addresses, emails, unsafe countries, matching IP addresses to geographic locations, and more.
Carefully review the rules and their assigned scores and make changes if necessary. If you are unsure, then default settings would work for most eCommerce websites.
If you are using PayPal as a payment option on your store, then you can switch to the PayPal tab. From here, you can require users to verify their PayPal email addresses.
The plugin also allows you to connect with third-party fraud detection service Maxmind.
This paid service uses a global database to collect data about suspicious payment details, emails, IP addresses, and more.
You can then add this score to your plugin risk score and choose what to do when this score is higher.
Once you are satisfied with your settings, don’t forget to click on the ‘Save Changes’ button to store them.
Viewing Fraud Detection Activity
The plugin comes with an easier dashboard where you can see plugin activity in an easy-to-understand format.
Simply click on the Anti Fraud menu item in your WordPress admin sidebar. From here, you can see statistics about all your orders.
The anti-fraud plugin will help you catch most of the fake and fraudulent orders on your WooCommerce store.
However, if you need more strict measures then continue reading for additional WooCommerce fraud prevention tips.
2. Use Stripe Radar and 3D Secure to Automatically Block Fraud
Stripe is the most popular online payment solution in the world. There is a WooCommerce Stripe gateway by FunnelKit that helps you properly connect WooCommerce with Stripe, so you can take advantage of SCA as well as 3D Secure payments option by default.
This method would require you to use Stripe as your main payment gateway in WooCommerce. First you’ll need to install and activate the Stripe for WooCommerce plugin by FunnelKit. Once that’s configured, it will guide you to set up Apple Pay, Google Pay, and other settings to help you protect against fraud transactions.
Aside from that, Stripe also offers a feature called Stripe Radar to help fight against fraudulent transactions. This is a powerful set of algorithm that reduces chargeback risks for your business.
Basically Stripe uses machine learning to block orders. Their machine learning is trained on data across millions of companies worldwide that use Stripe.
We use Stripe Radar on our own eCommerce websites to help reduce fake and fraudulent orders.
Aside from their machine learning algorithm, you can also set custom rules with allow and block lists, and more.
Unfortunately not all WooCommerce gateways have these robust features. If you’re looking to switch to Stripe, then we recommend talking with FunnelKit team as they’re WooCommerce experts who can help.
3. Using the Cash on Delivery Payment Option Carefully
In many countries, ‘Cash on Delivery’ is a popular payment option. However, these stores find themselves more vulnerable to fake and fraudulent orders.
Users are able to place an order with a fake address, refuse to accept the order, or cancel an order that is already shipped.
Once you have shipped an order, you will pay out of pocket for shipping and return of that package.
We recommend not using the ‘Cash on Delivery’ option when possible, as that can lower the number of fake orders you may get.
Try to offer alternate payment options for users to pay before you can ship the order.
4. Sell in Specific Countries
WooCommerce allows you to easily restrict orders from specific countries. This helps you prevent fake orders from countries where you don’t sell or ship to.
Simply go to the WooCommerce » Settings page and select the countries you want to sell / ship to under the General tab.
You can also restrict certain WooCommerce products to specific countries in WooCommerce as well.
Note: Geographical restrictions may reduce fake orders but users can simply use VPN to change their location and provide fake information to place an order.
5. Require Users to Create an Account
Another useful trick to slow down and prevent fake orders is by requiring users to create an account before they can checkout.
Simply go to WooCommerce » Settings page and switch to the Account and Privacy tab. From here, you need to uncheck the box next to the ‘Allow customers to place orders without an account’ option.
Below that, you can check options that allow users to create an account during checkout or from the My Account page.
Asking users to create an account also allows you to easily block customers who placed fraudulent or fake orders.
6. Use a Web Application Firewall and Custom Rules
Many scammers use disposable email addresses, fake IP addresses, and dummy data to place spam or fake orders.
A WordPress firewall helps you block this before it even reaches your website.
We recommend using either Sucuri or Cloudflare, both are among the best WordPress firewall plugin on the market. They comes with powerful security features, CDN servers, and a malware removal service.
In Cloudflare, you can also setup custom page rules to trigger CAPTCHA, or even automatically block users with suspicious activity. We use Cloudflare enterprise on our larger eCommerce stores which comes with all bots anomaly detection and threat response.
If you’re running a large eCommerce store, then it’s worthwhile exploring Cloudflare Enterprise tools.
7. Require Customers to Verify Their Email Addresses
Another way to reduce fake orders and fraudulent activity is by requiring new customers to create an account and then require them to verify their email addresses.
Upon activation, you need to visit the WooCommerce » Settings page and switch to the Email Verification tab.
From here, you can configure the plugin settings to your own requirements.
For instance, you can switch to the Email tab and delay the default WooCommerce new user email until the user verifies their account.
Don’t forget to click on the ‘Save Changes’ button to store your settings.
The plugin will now send a verification email to new WooCommerce customers to verify their email addresses.
It’s important to make sure that if you’re setting up email verification that your WooCommerce store actually have reliable email deliverability. Otherwise this can block real customers from purchasing your products.
There’s also a free version of WP Mail SMTP that you can use as well.
We hope this article helped you prevent fraud and fake orders in WooCommerce. You may also want to see our complete WordPress security guide to make your online store more secure or take a look at our expert pick of the best WooCommerce plugins to grow your store.