A WooCommerce email notifications pops up – yet another new order, money, revenue, happiness. However, hold on a second – money is not technically in your bank account until you’re forced to give a refund. Even worse, until you realize not only you had to give a refund, but also getting the item back costs you a fortune. And who knows how many times this is going to happen, mostly when you ship physical products.
Fortunately, there are ways in WooCommerce to blacklist customers, deny purchasing from specific countries, block certain IP addresses and do whatever you can to save money.
In the era of Amazon and online shopping we constantly hear of scams and frauds, so this is definitely a topic that shouldn’t be underestimated. A small plugin investment or a few lines of code could actually make a big difference.
Besides, choosing the correct online payment methods (which should give you some sort of anti-fraud out of the box) and avoiding offline payments (bank transfer, cash on delivery, check) are important measures you should already have in place.
So, moving beyond the actual online payments, there is something else we could do to stop scammers placing an order (yes, even before paying or trying to pay). Prevention is better (and more affordable) than cure, right?
I’ve put together a list of WooCommerce plugins and settings you should look into from today on. And sooner rather than later. Enjoy 🙂
1. Blacklist Countries
I already talked about payment gateways, but once again that’s too late in your ecommerce funnel to stop scammers. You should try to completely deny placing an order.
The easiest anti-fraud system, probably, is to limit the “countries you sell to” and the “countries you ship to”. I understand fraud doesn’t usually depend on the billing country, but based on your personal experience with past orders you could create a blacklist made of countries.
So, just go to WordPress Dashboard > WooCommerce > Settings and select “Sell to all countries, except…” and “Ship to all countries you sell to” (see screenshot – nothing wrong with the Aland Islands, Antarctica and Aruba – this is only an example). In this way you can immediately exclude orders from those billing/shipping countries.
2. Blacklist Specific Addresses
You might want to disable shipping or even selling to “PO Box” addresses i.e. the post office boxes, as opposed to a physical home/business address. This is a good example to explain what I mean by “blacklisting certain addresses”.
Of course there is a snippet for that on this website: https://businessbloomer.com/woocommerce-disallow-shipping-to-po-box/ – this checks if the shipping address fields contain “pobox” and if yes it denies checkout and show an error message.
3. Blacklist Specific Content in the Checkout Fields and Blacklist IP addresses
In the same way you can check if an address contains “pobox” (with the snippet above), you could re-adapt and customize the code to blacklist certain content inside other checkout fields.
For example, you could deny checkout to:
- certain zip code ranges
- email addresses that contain “hotmail“
- phone numbers that start with “0039” (sorry, Italy)
- …or whatever is entered inside a checkout field, as that is what the PO Box snippet does
This is if you have coding skills of course. If not, thankfully there’s a plugin for that.
The Blacklister for WooCommerce plugin is developed and supported by Aelia, that you’d probably know thanks to their flagship WooCommerce multi-currency plugin. This plugin allows you to blacklist names, addresses, phone numbers and email addresses using exact matches or regular expressions. And together with offering great support, this also allows you to blacklist IP addresses, using exact matches or IP ranges.
4. WooCommerce Anti-Fraud
And then there is another way to avoid frauds. This time, some sort of intelligence assigns a “coefficient of risk” to each order, and if this is above your threshold it immediately blocks the order and puts it on hold.
It would be too complex to achieve this with a short snippet, so I’m here introducing you to YITH WooCommerce Anti-Fraud plugin. You know I’m a YITH customer, so of course I’m not promoting products that I don’t use or support teams that I believe are not skilled.
So, there you go – here’s all you can do out of the box with a little investment:
- Set risky conditions e.g. first order, blacklisted IP address, failed address verification, suspicious email domains, specific countries, weird order frequency, unmatched address history, invalid PayPal accounts, unusual order totals, and so on
- Set the weight of each risky condition (low, medium, high) and define a “risk value”
- Automatically put on hold high-risk orders
If you’re experiencing any of these problems, then this plugin is the right choice.