We have someone who has decided we are a good place to spam fraudulent credit card attempts. They are using a VPN, so their IP address changes regularly.
Any ideas of alternative ways to help mitigate this if IP address isn't going to work as a reliable identifier? Anybody seen success with any other options?
I wish. It's extremely diverse. I studied it for a while and the only way to tell they are related is that they'll all hit with a BUNCH of unauthorized orders in the same 20 minutes or so, so you see them grouped. There will be some similarities in the cart contents for a few orders before even that changes up. It's rather frustrating.
Graham, I am having exactly the same problem with Moneris. I have enabled AVS, which seems to have slowed them down; however, it is not good for business, as the syntax requirement for AVS is so rigid that it can't even get my own address straight. I had 17,500 attacks over a 12-hour period last month. Michael
That's painful. Like... crazy painful. I would imagine the process is automated in order to run that many attacks. If you aren't already on Cloudflare, routing through there gives you some options for combating that kind of automated traffic. We are on the cheapest non-free tier of Cloudflare and I can tell you that it is an incredible value at that tiny cost for SO many reasons. This might be your reason!
There are firewall options that are specifically designed to mitigate bot traffic and options you can set for how to handle that.
The far greater benefit is how it can cache and speed up your site, which is what brought us there in the first place. I think we pay $20/month.
Cloudflare is easy to set up. Basically, you point your DNS to their servers so that all traffic goes THROUGH their servers first, which allows them to see and negate that traffic before it even hits your server.
If you haven't ever looked at it, you absolutely should.
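The pattern described earlier in the thread (a bunch of unauthorized orders inside roughly 20 minutes, from changing IPs, with a few repeated carts) can be flagged without using the IP as an identifier. This is an added example, not code from any poster or payment platform; the record layout, the threshold of 5 and the sample data are assumptions.

```python
from collections import Counter, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=20)  # burst width described in the thread
THRESHOLD = 5                   # assumed value; tune to your normal decline rate

def find_decline_bursts(attempts, window=WINDOW, threshold=THRESHOLD):
    """attempts: time-ordered (timestamp, ip, cart_skus, approved) tuples.
    Counts declines site-wide, ignoring IP, and returns one dict per burst."""
    recent, bursts, current = deque(), [], None
    for ts, ip, cart, approved in attempts:
        if approved:
            continue
        recent.append((ts, ip, frozenset(cart)))
        while ts - recent[0][0] > window:      # drop declines older than the window
            recent.popleft()
        if len(recent) >= threshold:
            if current is None:                # burst starts: include the build-up
                current = {"start": recent[0][0], "declines": 0,
                           "ips": set(), "carts": Counter()}
                new_events = list(recent)
            else:
                new_events = [recent[-1]]
            for _, e_ip, e_cart in new_events:
                current["declines"] += 1
                current["ips"].add(e_ip)
                current["carts"][e_cart] += 1  # repeated carts link early orders
            current["end"] = ts
        elif current is not None:              # decline rate back to normal
            bursts.append(current)
            current = None
    if current is not None:
        bursts.append(current)
    return bursts

def _t(hhmm):  # constructed timestamps on an arbitrary day
    return datetime(2024, 1, 1, int(hhmm[:2]), int(hhmm[3:]))

# Constructed sample: one ordinary decline, then six declines from six IPs.
SAMPLE = [(_t("09:00"), "203.0.113.5", ["sku-1"], False),
          (_t("09:30"), "203.0.113.9", ["sku-2"], True)] + [
          (_t(t), f"198.51.100.{i}", cart, False) for i, (t, cart) in enumerate([
              ("10:00", ["sku-7", "sku-8"]), ("10:03", ["sku-7", "sku-8"]),
              ("10:05", ["sku-8", "sku-7"]), ("10:09", ["sku-3"]),
              ("10:12", ["sku-4"]), ("10:15", ["sku-5"])], start=1)] + [
          (_t("12:00"), "203.0.113.7", ["sku-1"], False)]

if __name__ == "__main__":
    for b in find_decline_bursts(SAMPLE):
        top_cart, n = b["carts"].most_common(1)[0]
        print(b["start"], b["end"], b["declines"], len(b["ips"]), sorted(top_cart), n)
```

An open burst is a signal a store could use to switch on stricter checkout handling, such as the Cloudflare bot options mentioned above, for as long as the decline rate stays elevated.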