Getting tons of cancelled orders in one hit from some sort of bot

Every so often, one of our clients is getting a ton of cancelled orders in their backend all under the same name (John Smith) with different random addresses etc.

At the checkout, you get redirected to the payment gateways server (Worldpay) to complete payment which is where it is possible to click a ‘Cancel’ link and get redirected back to the website.

It’s obviously a bot of some sort but I’m not entirely sure what they are trying to achieve.

There are failed transaction notifications from Worldpay being received so it looks like they clicking on our client’s products in Google Shopping, adding them to cart, going to checkout, auto-populating the checkout form, getting to payment form and cancelling the order.

The IP address of this user carrying this out is hidden so not possible to block them (only going by the information in the backend so far, I’ve not actually checked access logs etc).

It’s just becoming a bit of a nuisance for our client to have 50 orders all in one go from the same name, all cancelled in the backend of the website.

Anyone experienced anything like this before or have any ideas as to how we could prevent it in future?

submitted by /u/zigojacko2
[link] [comments]