Topic summary
A Shopify store owner is experiencing credit card testing attacks, with approximately 47 failed/abandoned checkouts in 24 hours. All attempts use the same fake name/address but different credit cards, targeting a single product.
Key Concerns:
- Whether the merchant is charged fees for declined transactions (consensus: no fees for failed payments)
- How to report the issue to Shopify (difficulty reaching human support)
- How to stop the attacks from cluttering abandoned checkout data
Suggested Solutions:
- Temporarily deactivate the targeted product or password-protect the site
- Use Shopify Flow with Check If or Run Code nodes to block suspicious patterns
- Install Cart Lock app to add friction for bots
- Report to IC3.gov (Internet Crime Complaint Center)
Current Status:
The merchant has made the targeted product inactive temporarily and is testing the Cart Lock app. Community members note this is a common problem, with hopes that Shopify’s new fraud detection model (launching September 26) will help. The discussion remains open as the merchant seeks direct Shopify support contact methods.
1 Like