How to Prevent Fraud and Fake Orders in WooCommerce

Fraud and fake orders can hurt your WooCommerce store. They can lead to lost revenue and wasted time.

Fortunately, there are tools available to help stop these problems. We’ve reviewed some of the best tools to find one that’s easy to use and reliable to protect your store from scams.

In this article, we will guide you through how to prevent fraud on your WooCommerce store. You’ll learn simple steps to block fake orders and keep your business safe.


Why Do You Need to Prevent Fraud and Fake Orders in WooCommerce?

Fraudulent and fake orders can cause serious financial losses to a business. This is why you need to monitor your online store and prevent fraud and fake orders.

Last year, online stores lost more than $20 billion in revenue due to fraudulent payments, chargebacks, and fake orders. For some eCommerce stores, the total fraudulent order costs were higher than 4% of total revenue.

The good news is that a large number of fake orders are usually spam and can be easily prevented. However, some orders can be more malicious and are placed just to annoy or harass an online business.

To know what you’re up against, eCommerce fraud comes in many forms, such as:

  • Payment fraud: Payment fraud occurs when scammers use stolen credit card details to make purchases. They may have obtained the credit card information through phishing or data breaches. The best WooCommerce payment gateways for WordPress are PCI-compliant, keep all customer details secure, and prevent hackers from accessing customer data in the future.
  • Chargeback and refund fraud: Chargeback fraud occurs when customers buy from an online store only to later dispute the charge with their credit card provider. They’ll try to obtain a refund while still keeping their purchased item.
  • Account takeover: Hackers may gain unauthorized access to customer accounts, allowing them to make purchases, steal personal information, or even change passwords. That’s why it’s important to force users to change passwords in WordPress, especially if you own a WooCommerce store or membership site.

With that in mind, we’ll show you how to prevent fraud and fake orders in WooCommerce.

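Here is a quick overview of all the tips we will cover in this guide:

  • Use a WooCommerce Fraud Prevention Plugin
  • Use Stripe Radar and 3D Secure to Automatically Block Fraud
  • Using the Cash on Delivery Payment Option Carefully
  • Sell in Specific Countries
  • Require Users to Create an Account
  • Use a Web Application Firewall and Custom Rules
  • Require Customers to Verify Their Email Addresses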

Ready? Let’s get started.

1. Use a WooCommerce Fraud Prevention Plugin

The easiest way to prevent fraudulent and fake orders in WooCommerce is by using an anti-fraud plugin.

First, you need to install and activate the WooCommerce Anti-Fraud plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.

Upon activation, you need to visit the WooCommerce » Settings page and switch to the ‘Anti-Fraud’ tab.


From here, you can set a minimum and high-risk threshold score.

Below that, you can change the order status based on the risk score. For instance, you can set the score at which an order is automatically canceled and the score at which an order is put on hold.


Don’t forget to click on the ‘Save Changes’ button to store your settings.

Next, you need to switch to the ‘Rules’ tab. From here, you can configure the rules and assign them a risk score.

For instance, you can set a 5-point score for a customer who is placing their first order.


You can set scores for suspicious IP addresses, emails, unsafe countries, matching IP addresses to geographic locations, and more.

You’ll want to carefully review the rules and their assigned scores and make changes if necessary. If you are unsure, then the default settings would work for most eCommerce websites.

If you are using PayPal as a payment option on your store, then you can switch to the PayPal tab. From here, you can require users to verify their PayPal email addresses.


The plugin also allows you to connect with the third-party fraud detection service MaxMind.

This paid service uses a global database to collect data about suspicious payment details, emails, IP addresses, and more.

You can then add this score to your plugin risk score and decide what to do when it is higher.


Once you are satisfied with your settings, don’t forget to click on the ‘Save Changes’ button to store them.
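
The scoring model described above, sketched as an added example that is not the plugin's own code: each rule that fires adds its points, an optional third-party score is added on top, and two thresholds decide whether the order is held or canceled. The rule names, weights, thresholds, and sample orders are constructed for illustration; only the 5-point first-order score comes from this guide.

```python
# Added illustration; rule names, weights and thresholds are constructed,
# except the 5-point first-order score, which this guide uses as its example.
RULES = {
    "first_order": 5,
    "disposable_email": 20,
    "ip_country_mismatch": 25,
    "billing_shipping_mismatch": 15,
}
HOLD_AT = 40     # at or above this score the order is put on hold
CANCEL_AT = 75   # at or above this score the order is canceled
DISPOSABLE_DOMAINS = {"throwaway.example"}  # constructed sample list


def triggered_rules(order, previous_orders):
    """Return the names of the rules this order trips, in RULES order."""
    domain = order["email"].rsplit("@", 1)[-1].lower()
    checks = {
        "first_order": previous_orders == 0,
        "disposable_email": domain in DISPOSABLE_DOMAINS,
        "ip_country_mismatch": order["ip_country"] != order["billing_country"],
        "billing_shipping_mismatch":
            order["billing_country"] != order["shipping_country"],
    }
    return [name for name in RULES if checks[name]]


def assess(order, previous_orders=0, external_score=0):
    """Sum rule points plus an optional third-party score, then pick a status."""
    hits = triggered_rules(order, previous_orders)
    score = sum(RULES[name] for name in hits) + external_score
    if score >= CANCEL_AT:
        status = "cancelled"      # WooCommerce order status slug
    elif score >= HOLD_AT:
        status = "on-hold"
    else:
        status = "processing"
    return score, status, hits


# Constructed sample orders.
ORDINARY = {"email": "alice@shop-customer.example", "ip_country": "US",
            "billing_country": "US", "shipping_country": "US"}
SUSPICIOUS = {"email": "x1@throwaway.example", "ip_country": "DE",
              "billing_country": "US", "shipping_country": "US"}

if __name__ == "__main__":
    print(assess(ORDINARY))                       # first order only: below HOLD_AT
    print(assess(SUSPICIOUS))                     # three rules fire: held for review
    print(assess(SUSPICIOUS, external_score=30))  # external score tips it to cancel
```

A first order on its own stays well below the hold threshold, which is why the rule weights and the two thresholds need to be tuned together rather than one at a time.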

Viewing Fraud Detection Activity

The plugin comes with a dashboard where you can see plugin activity in an easy-to-understand format.

Simply click on the Anti Fraud menu item in your WordPress admin sidebar. From here, you can see statistics about all your orders.


The anti-fraud plugin will help you catch most of the fake and fraudulent orders on your WooCommerce store.

However, if you need more strict measures, then continue reading for additional WooCommerce fraud prevention tips.

2. Use Stripe Radar and 3D Secure to Automatically Block Fraud

Stripe is the most popular online payment solution in the world. There is a WooCommerce Stripe gateway by FunnelKit that helps you properly connect WooCommerce with Stripe, so you can take advantage of SCA (Strong Customer Authentication) as well as the 3D Secure payments option by default.

This method would require you to use Stripe as your main payment gateway in WooCommerce.

First, you’ll need to install and activate the Stripe for WooCommerce plugin by FunnelKit. Once that’s configured, it will guide you to set up Apple Pay, Google Pay, and other settings to help you protect against fraudulent transactions.

Aside from that, Stripe offers a feature called Stripe Radar to help fight against fraudulent transactions. This is a powerful set of algorithms that reduces chargeback risks for your business.

Basically, Stripe uses machine learning to block orders. Their machine learning is trained on data across millions of companies worldwide that use Stripe.

We use Stripe Radar on our own eCommerce websites to help reduce fake and fraudulent orders. In addition to their machine learning algorithm, you can set custom rules with allow and block lists and more.


Unfortunately, not all WooCommerce gateways have these robust features.

If you’re looking to switch to Stripe, we recommend talking with the FunnelKit team. They are WooCommerce experts who can help.

3. Using the Cash on Delivery Payment Option Carefully

In many countries, ‘Cash on Delivery’ is a popular payment option. However, stores that offer it find themselves more vulnerable to fake and fraudulent orders.

Users can place an order with a fake address, refuse to accept the order, or cancel an order that has already been shipped.

Once you have shipped an order, you will pay out of pocket for shipping and return of that package.

We recommend not using the ‘Cash on Delivery’ option when possible, as that can lower the number of fake orders you may get. Instead, try to offer alternative payment options that let users pay before you ship the order.

4. Sell in Specific Countries

WooCommerce allows you to easily restrict orders from specific countries. This helps you prevent fake orders from countries where you don’t sell or ship to.

Simply go to the WooCommerce » Settings page and select the countries you want to sell or ship to under the ‘General’ tab.


You can also restrict certain WooCommerce products to specific countries.

Note: Geographical restrictions may reduce fake orders, but users can simply use a VPN to change their location and provide fake information to place an order.

5. Require Users to Create an Account

Another useful trick to slow down and prevent fake orders is requiring users to create an account before they can check out.

Simply go to the WooCommerce » Settings page and switch to the ‘Account and Privacy’ tab. From here, you’ll need to uncheck the box next to the ‘Allow customers to place orders without an account’ option.


Below that, you can check options that allow users to create an account during checkout or from the ‘My Account’ page.

Asking users to create an account also allows you to easily block customers who placed fraudulent or fake orders.

6. Use a Web Application Firewall and Custom Rules

Many scammers use disposable email addresses, fake IP addresses, and dummy data to place spam or fake orders.

A WordPress firewall helps you block this before it even reaches your website.

We recommend using Cloudflare, as it’s one of the best WordPress firewall plugins on the market. It comes with powerful security features, CDN servers, and a malware removal service.


In Cloudflare, you can also set up custom page rules to trigger CAPTCHA or even automatically block users with suspicious activity.

At WPBeginner, we use Cloudflare Enterprise in our larger eCommerce stores, which includes bot anomaly detection and threat response.

If you’re running a large eCommerce store, then it’s worthwhile exploring Cloudflare Enterprise tools.

7. Require Customers to Verify Their Email Addresses

Another way to reduce fake orders and fraudulent activity is to require new customers to create an account and verify their email addresses.

To do this, you can simply install and activate the Email Verification for WooCommerce plugin. For more details, please see our step-by-step guide on how to install a WordPress plugin.

Upon activation, you need to visit the WooCommerce » Settings page and switch to the ‘Email Verification’ tab.


From here, you can configure the plugin settings to your own requirements.

For instance, you can switch to the ‘Email’ tab and delay the default WooCommerce new user email until the user verifies their account.


Don’t forget to click on the ‘Save Changes’ button to store your settings.

The plugin will now send a verification email to new WooCommerce customers to verify their email addresses.


On top of that, you’ll need to make sure your WooCommerce store has reliable email delivery if you’re using email verification. Otherwise, real customers might not be able to buy your products.

We recommend using WP Mail SMTP along with SendLayer to improve your WooCommerce email delivery rates. Over 3 million websites use the WP Mail SMTP plugin to fix the WooCommerce not sending email issue.

There’s also a free version of WP Mail SMTP that you can use.


We hope this article helped you prevent fraud and fake orders in WooCommerce. You may also want to see our guide on eCommerce security tips to protect your online store or take a look at our expert pick of the best WooCommerce plugins to grow your store.


Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi with over 16 years of experience in WordPress, Web Hosting, eCommerce, SEO, and Marketing. Started in 2009, WPBeginner is now the largest free WordPress resource site in the industry and is often referred to as the Wikipedia for WordPress.


Reader Interactions

6 Comments

  1. Jiří Vaněk

    Thank you for the very valuable advice. As a newcomer still learning WooCommerce, I consider the security of the store to be a top priority. When I create an e-shop for someone, I also care about protecting it against fraudulent orders that might be maliciously created, for example, by competitors. This list is exhaustive, and I will certainly implement some of the points into my current solution to safeguard the store against these practices, just as I do against spam. Thank you for making the internet safer with your guides.

    • WPBeginner Support

      You’re welcome, glad our guide was helpful :)

      Admin

  2. Mrteesurez

    Fantastic!
    I didn’t know there were plugins to protect WooCommerce stores from fraud. Thanks for introducing them to us. I like using cash on delivery, but your idea has taught me to avoid it as much as possible to prevent fake orders and other fraud attempts. All eCommerce stores need to check out these plugins; they will definitely help protect the store. Thanks for sharing this article.

    • Jiří Vaněk

      Cash on delivery is a very popular way to send goods in my country. Therefore, I also know that people often reconsider whether they want the goods or not and in the end, they don’t pay for the cash on delivery and don’t pick up the goods. I would probably only use it for verified customers who have some purchase history, otherwise, as you mentioned, it’s really good to avoid it because it can cost you a lot in postage and shipping with the risk of zero profit.

  3. Moinuddin Waheed

    I have seen many friends of mine who left the idea of ecommerce store merely because of this reason after running an online store for a while.
    Having a robust mechanism for prevention of fraud and fake orders is a must for any online store.
    This becomes more prudent for one who is just starting out.
    Thanks for the detailed guide of preventive measures of fake orders and fraud.

    • WPBeginner Support

      You’re welcome :)

      Admin
