Online store owners face major challenges in combating fake purchase orders, as these orders pose a threat to their financial and organizational stability. These challenges can stem from multiple sources, from fake customers placing fake orders to manipulate inventory, to competitors engaging in unethical behavior to affect the stability of the online store.
In addition, malicious bot files are another source that can cause illegal purchases or repeat fake purchases automatically, thus disrupting the online store.
The WooCommerce platform provides a set of security measures that help you secure your online store against fraud. These measures can be enhanced using some other plugins, giving you access to a degree of protection that will help you limit fake purchase orders.
Below, we will present to you the most prominent security measures in the WooCommerce system, in addition to the most important WordPress add-ons that contribute to securing the payments page and reducing fake purchase orders, whether those made manually by competitors or those that rely on bots.
Some of these methods that we will advise you on may complicate the purchasing process for the customer, and therefore their negative impact on the user experience should be taken into account. Therefore, we recommend adopting these methods if you face a significant problem with fake requests. However, if the problem can be solved using only one or two of the methods that we will list, then it is not necessary to use the rest of the methods.
1- Customer login before completing the purchase process
WooCommerce offers a feature that allows you to require customers to create a new account or log in to their account before arriving at the checkout page. Thus, bots cannot create a new account during the fake purchase process.
In the default settings of WooCommerce, this feature is not enabled, but you can activate it by going to the “ WooCommerce ” option in the WordPress side menu, then choosing “ Settings .” After that, go to the “ Accounts and Privacy ” tab located in the top menu.
Then, deactivate the option “ Allow customers to order from the site without an account ” and then click “ Save changes ,” as shown in the following image:
2- Secure the payment completion page
In the next step, you should secure the checkout page on your store as well as increase customer reliability before completing the purchase. You can do this by requesting confirmation of the customer’s phone number or email before completing the payment. It is preferable to rely on the phone number confirmation option as it is more reliable to avoid fake email addresses.
To achieve this, you can rely on the OTP Verification By Miniorange plugin . It provides you with the ability to authenticate the customer’s phone number or email before being able to complete the payment, in addition to advanced options that help increase insurance. Such as preventing more than one customer from sharing the same phone number on your store.
Now, when a customer completes a new purchase on your store, a “ Verify phone number ” message appears to him before completing the payment process, thus greatly reducing fake purchase orders and increasing their reliability, as shown in the following image:
You can further secure your payments page by using reCAPTCHA within the payments page, which prevents bots from making fake purchases as well. To do this, you can rely on the free add-on reCAPTCHA for WooCommerce , where you install the add-on on your store in the traditional way, then add both the Site Key and Site Secret to your account in the Google Captcha platform, as we explained in the article on activating reCAPTCHA in WordPress .
After that, you must activate the “ WooCommerce Checkout ” option within the reCAPTCHA for WooCommerce plugin settings, which you can access from the side settings menu in the WordPress panel as shown in the following image:
The next step is to rely on the Honey Pot option. The Honey Pot option creates hidden fields in the payment completion form, so the real user is unable to see these fields and does not fill them out, while the bot files fill them out automatically. Then, the transaction is rejected completely if these fields are filled out, which helps prevent fake purchase orders from bot files.
To do this, you can add the Honey Pot option to the checkout form using the Contact Form 7 plugin. The same applies if you are using the Elementor Pro plugin, and you can also rely on this feature directly from the free WooCommerce Honey Pot Anti Spam plugin . This plugin works automatically without any customization required. In this way, the payments page is completely secured from bot files and fake purchase orders.
3- Use an advanced firewall
Fake IP addresses or spam email addresses are used to place fake purchase orders in online stores, so you should install a firewall on the store that helps stop and block customers from this category before they reach the payments page from the beginning.
You need to rely on an add-on that provides you with a more protective firewall, and in this case we advise you to rely on the Sucuri add-on , as that add-on provides a cloud firewall that helps sort store visits before reaching the server. Or you can rely on any other add-on that provides you with an advanced firewall
4- Automated filtering of fake requests
The WooCommerce Anti-Fraud plugin is reliable , which is based on machine learning algorithms. This add-on analyzes in-store transactions and identifies fraudulent activities based on multiple manageable criteria. For example, a risk score for customers making a purchase for the first time, a customer using VPN services while accessing your store, or a customer using more than one different shipping address for the same IP address can be determined through the extension settings:
When a specific severity score is reached, the WooCommerce Anti-Fraud plugin automatically blocks or suspends the transaction and submits it for manual inspection.
Thus, this addition helps you filter fake requests automatically according to the settings you have made.
5- Restricting the countries in which your store’s products are allowed to be sold
WooCommerce’s default store settings enable products to be sold worldwide, so you should specify which countries your store’s products are allowed to sell in, especially if your store is dedicated to serving a specific region. Thus, it automatically reduces fake purchase orders by a large percentage. To achieve this, go to the “ WooCommerce ” option from the WordPress side menu, then choose “ Settings ,” and you will be directed to the general store settings.
Go to the “ Countries of Sale ” option and choose “ Selling to Specific Countries ,” then select the countries in which you would like to allow the sale of your products and press “ Save Changes ,” as shown in the following image:
6- Motivating customers to pay online
The cash on delivery option is considered one of the common options for most online stores, but this option may cause several problems for store owners. For example, the customer may cancel the order after shipping due to lack of seriousness, or provide a fictitious or incorrect address. All of this can lead to financial losses resulting from returns and the cost of shipping and packaging.
Therefore, you can encourage customers to pay through electronic payment gateways to increase reliability, as a non-serious customer is not willing to pay money to complete the order. This can be achieved by adding discounts when paying in advance. However, you must provide convenient electronic payment options for customers. You can review an article about the most popular payment gateways for WooCommerce stores .
7- Manual inspection of purchase orders
The last step is to periodically review and check purchase orders on your online store. The previous steps help you reduce fake purchase orders by a significant percentage that may exceed 95% and completely eliminate malicious robot files. However, to fully secure your store from fake purchase orders, you should perform manual screening tests periodically, both on pending purchases from the WooCommerce Anti-Fraud plugin and on purchases in general.
You can review orders according to several criteria that vary from one store to another. For example, these criteria could include the following models:
- An unknown customer makes a large number of orders in a row, especially without paying the cost of the products in advance and relying on the payment option upon receipt.
- Customer data discrepancies, such as customer names not matching their email, whether the email supply is a known official extension from Gmail or Yahoo or temporary mail, whether the zip code matches the customer’s shipping address, etc.
- The presence of a large number of consecutively rejected requests for the same customer, which indicates that the customer is trying to do something illegal or that there is a technical problem that requires assistance.
It is always preferable to verify customer orders by contacting them directly at the number registered on the payment page form to confirm their order before shipping. This procedure may add additional costs, but this is better than suffering damage resulting from fake shipping orders. It is noted that trustworthy customers will confirm the order with accurate information regarding shipping and data, unlike fake orders whose owners may not initially respond to the phone call, and may not remember the product or shipping information correctly, since they are fake orders in the first place.
In this way, you can secure your WooCommerce store from fake purchase orders to the greatest extent possible. You will find that several options and improvements have been provided in the WooCommerce system to combat the multiple methods that unethical users rely on to carry out fake purchase orders from stores.
Share your experience with us in our discussion on the WordPress community regarding protecting your store from fake orders and overcoming the obstacles you face, in order to help others achieve maximum security and success in their online business experience, as well as to provide assistance to you if you encounter a problem in the previous steps.
Leave a Reply