Urgent Help Needed: Braintree Fraudulent Orders Bypassing Captcha on Magento 2 Site

Hello everyone,

I’m facing a critical issue with my Magento 2 website. Recently, we switched our payment processing from Authorize.net to Braintree and since the switch, we have experienced a significant increase in fraudulent orders.

Here’s a quick timeline of events:

  1. Switch to Braintree: Immediately after the switch, we saw a spike in fraudulent orders.
  2. Captcha Implementation: We implemented a simple captcha on the checkout page, which stopped the issue for a few weeks.
  3. Current Situation: This morning, these people/bots somehow bypassed the captcha and placed 118,000 orders, overwhelming our CRM and cart systems. We had to take credit card processing offline completely. Even a brief 15-second window of re-enabling credit card orders led to another 5 fraudulent orders.

Steps Taken So Far:

  1. Disabled credit card processing.
  2. Examined and refunded fraudulent orders.
  3. Created a ticket with Braintree support.

Does anyone have any insights into why this might be happening / had any similar experiences? We plan on implementing a stronger captcha but are open to any other security measures to prevent these types of fraudulent orders in the future.

Thank you!

Edit: Here are the custom rules we just implemented:

  • Gateway Reject when 2 or more Transactions with the same Billing Postal Code occur within 120 minutes of each other.
  • Gateway Reject when 2 or more Transactions with the same Customer Email occur within 120 minutes of each other.
  • Gateway Reject when 7 or more Verifications with the same Customer Email occur within 15 minutes of each other.
  • Gateway Reject when 5 or more Transactions with the same Unique Credit Card Numbers per Customer Id occur within 15 minutes of each other.
  • Gateway Reject when 3 or more Transactions with the same Credit Card Number occur within 15 minutes of each other.
  • Gateway Reject when 5 or more Transactions with the same Customer Email occur within 15 minutes of each other.

submitted by /u/Level_Place_2576
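The six velocity rules listed in the post, replayed over a constructed card-testing burst, as an added example that is not code from the post or from Braintree. It assumes that every attempt, rejected or not, stays in the window history, and all card values are made-up tokens.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Event:
    kind: str         # "transaction" or "verification"
    ts: datetime
    email: str
    postal: str       # billing postal code
    card: str         # constructed card token, never a real PAN
    customer_id: str

# Rules as posted: (name, kind, grouping field, threshold, window minutes, distinct-count field or None)
RULES = [
    ("postal-2/120m", "transaction", "postal", 2, 120, None),
    ("email-2/120m", "transaction", "email", 2, 120, None),
    ("verif-email-7/15m", "verification", "email", 7, 15, None),
    ("cards-per-customer-5/15m", "transaction", "customer_id", 5, 15, "card"),
    ("card-3/15m", "transaction", "card", 3, 15, None),
    ("email-5/15m", "transaction", "email", 5, 15, None),
]

def evaluate(events):
    """Replay events in time order and return [(event, [names of rules it trips])].
    Assumption: every attempt, rejected or not, stays in the window history."""
    history, decisions = [], []
    for ev in sorted(events, key=lambda e: e.ts):
        hits = []
        for name, kind, key, threshold, minutes, distinct in RULES:
            if ev.kind != kind:
                continue
            cutoff = ev.ts - timedelta(minutes=minutes)
            same = [h for h in history
                    if h.kind == kind and h.ts >= cutoff
                    and getattr(h, key) == getattr(ev, key)] + [ev]
            count = len({getattr(h, distinct) for h in same}) if distinct else len(same)
            if count >= threshold:
                hits.append(name)
        history.append(ev)
        decisions.append((ev, hits))
    return decisions

# Constructed sample: a card-testing burst (one email, five different cards,
# one minute apart) followed by an unrelated legitimate order.
T0 = datetime(2024, 1, 1, 9, 0)
SAMPLE_EVENTS = [Event("transaction", T0 + timedelta(minutes=i), "bot@example.test",
                       "00000", f"tok-card-{i}", "cust-1") for i in range(5)]
SAMPLE_EVENTS.append(Event("transaction", T0 + timedelta(minutes=10),
                           "alice@example.test", "12345", "tok-alice", "cust-2"))
```

Calling `evaluate(SAMPLE_EVENTS)` shows the first attempt passing, the second already tripping the two 120-minute rules, and the fifth also tripping the distinct-cards and email-5 rules, while the legitimate order trips nothing.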