Scam - Bunches of orders coming in with small amounts - all Frauds

Shopify Discussion

Topic summary

Multiple merchants are experiencing coordinated bot attacks placing small-value orders ($2-$5) using different IP addresses, names, and billing information. These transactions appear to be card testing fraud—criminals validating stolen credit cards before using them for larger purchases.

Current situation:

  • Traditional fraud prevention tools (Shopify’s built-in fraud detection, third-party fraud apps) are failing to catch these attacks
  • Merchants have contacted Shopify, credit card companies, and IC3 without receiving effective help
  • The pattern persists even when product prices are increased (one merchant raised prices to $21 and fraudsters still purchased)

Suggested mitigation strategies:

  • Remove or increase prices on items below $5 threshold
  • Use backend discounting with frontend code to display lower prices while charging more
  • Block orders from specific geographic locations if patterns emerge
  • Consider AI-powered fraud detection that can identify coordinated attacks across different customer details

The issue remains unresolved, with no clear solution from official channels.

Summarized with AI on October 26. AI used: claude-sonnet-4-5-20250929.
1

Is anyone else having issues with what seems like a BOT placing orders all with different IP addresses, names, and billing addresses - I can’t seem to pin point any information but it’s on orders that are $5.00 or less.

I’ve reached out to our fraud app, they can’t help us- I have tried to reach out to Shopify.

I have reached out to the credit card company and Internet Crime Complaint Center (IC3).

No one has been able to help me.

I’m curious if any one else in the Shopify community is having the same issues.

1 Like
2

They’re doing this to essentially determine if their stolen credit card works or not.

If possible, remove any item under that $5 threshold or increase the price and discount it on the backend, and then display it at the original price on the front-end using code.

3

this has been happening to me for the past week. all orders of like $2-$3.00 each.
so i upped all my digital products to $21 (just out of sheer curiosity) and they actually made a purchase this morning!

4

“Solved your $5 bot order problem - see exactly how”
I saw your post about the bot placing $5 orders with different IP addresses and billing info. I think I know exactly what’s happening and why Shopify’s fraud tools missed it.

I actually built your exact scenario into a fraud detection demo to show how this type of coordinated attack can be stopped. The bots were likely testing stolen cards on your store before using the validated ones elsewhere.

Here’s what my system would have caught that Shopify missed:

  • 6 bot transactions flagged with 92-98% AI confidence
  • Pattern recognition despite different customer details
  • Cross-platform intelligence showing attack spreading beyond Shopify
  • Specific recommended actions (minimum order amounts, enhanced blocking)

I’d love to show you the 2-minute demo using your exact scenario and get your thoughts on whether this would have helped. Would you be open to a quick 10-minute call this week? Or shooting you an email if preferred!

No sales pitch - just genuinely curious if this approach would solve what you experienced.

Best,
Alyssa

5

Hey there @trish11679 have you tried pinpointing the locations where they seem to be coming from and blocking orders from coming from those areas? I think that would be your best course of action now