Dummy orders being placed on website

[MikeCC]

We have a strange problem with the website. Every now and then, we get a flurry of incomplete orders, all using the same name, address and email. However, the IP address geo-locates to Google in Mountain View. I realise this could be spoofed and will see what our hosting provider has on their logs.

Has anyone else experienced the same thing and how did you deal with it? Any other insights?

 

[WebDesires]

Actually, there isnt any way to "spoof" and ip address or ip geo location, not unless you are routing requests through that physical IP server.

And Google being Google, I would doubt they are compromised in any way...

So GoogleBot is probably the culprit, it must be managing to add items to cart AND get through checkout process. I cant imagine how this might be possible.

However you say there is user-data provided, which makes it very weird in deed. With what you said right there I would maybe suggest its Google Cloud Hosting, and someone has wrote a bot to hammer your site, for what purpose I do not know...

 

[thetiger2015]

We get them a few times a month. Usually a persons name, George George, then the google address etc. Ours comes from Google Shopping ads, they test the checkout to ensure compliance with merchant policies. Usually happens at 2 in the morning, gets all the way through and drops out when payment screen is reached.

When we had a checkout popup, with a timer encouraging someone to buy, we got suspended from Google Shopping. They could only have seen the timer by going through the checkout. It was a breach of Merchant Centre rules.

 

[WebDesires]

ive never heard of Google Merchant center testing checkout... are you sure? we have quite a few clients using it and never had anyone's store tested in this way?

 

[UrbanRetail]

Can also confirm we’ve had Google reps go through the checkout page and dropping off at payment. Although this was after our account was flagged for an infringement.

 

[WaveJumper]

Nothing to do with what I was reading about this morning I hope

Log4shell: US demands Christmas Eve deadline for hack fix

Federal agencies must protect themselves against a widespread security flaw by 24 December.

www.bbc.co.uk

 

[MikeCC]

Thanks for the input so far - interesting that others have had similar. This is John Smith with a dummy address of Buckingham Palace Road. It never changes.

 

[Alan]

Buckingham Palace Road.

Google's London office

 

[Small Business Ltd]

It's worth reading "IP address geo-locates to Google in Mountain View" (when searching via Chrome) and the info about why this may happen (IP address become a Google IP address). You are no doubt already using something like reCAPCHA. I don’t find V3 very good and to aid further for email submissions (I don't use shopping carts), I add an additional drop down box (Please select drop down box and select one option before submitting - I confirm the information I am giving is true - that sort of question - have two and do not allow submission of the form before they select one) to request human interaction before a person may submit the form. Have you / can you try that to see if it helps? It may help if the fields are being auto populated by a scripty / code and the form would not be sent until real human interaction is made via the drop down box option? All the best......

 

[14Steve14]

In the last week or so we have had nearly 30 customers create an account with google as the business name but every other bit of required customer information is rubbish, just a series of any old number and letter.

We have recaptcha on the create account page but still they get through. We have now added a maths question and the false accounts have stopped so far.

Luckily no false orders placed to date.

 

[thetiger2015]

ive never heard of Google Merchant center testing checkout... are you sure? we have quite a few clients using it and never had anyone's store tested in this way?

We have 3 websites and all have the same random sign ups. Always a John Smith or a generic london address. Creates an account in the middle of the night, adds 1 item to basket, drops out when reaching the payment page.

If we're not running Google Ads/Shopping, we only get the odd India/China sign-up. Either a bot or a person trying to work out if they can use a dodgy credit/debit card.

 

[Elliott Coleman]

We used to get them too but wrote some code to filter them out. Google can do what it wants to do but the dummy orders are never added to the database.

 

[Paul FilmMaker]

I'm B2B and had that! I had some weird emails coming through including a blatant scammer and when we traced their IP, it went to Mountain View as well. We just shrugged and moved on.

 

[lesliedocherty]

ive never heard of Google Merchant center testing checkout... are you sure? we have quite a few clients using it and never had anyone's store tested in this way?

Yes, we get it aswell

 

[AW-UK]

I wonder if whoever is doing the false orders are using Google One, as that includes a VPN and it might use Googles IP range for that? Just a thought.

 

[Graham Wharton]

Good Ads do check that your checkout is compliant, including displaying terms and conditions, contact information, and other compliance checks in accordance with Googles T&C's