Question

For about 2 weeks we've been getting about 2-3 faked orders each day in one of our Magento stores (v1.5.1). Every order is placed following the same scheme:

  • the user visits the storefront
  • accesses 1 or 2 random products from the frontpage
  • order is placed with faked data:
    • the addresses seem legit (street + zipcode/city do exist)
    • all addresses are in the same region/province
    • every order is using the same payment method (debit payment with valid bank code)
    • phone == fax with two leading zeros: 00...
    • email addresses look spammy: uedjloa@gmail.com, qfjfe07@live.de, ...

The order process from first visit until the order is placed always takes about 3 minutes. The IP addresses are always different (but not from foreign countries). The user agent is always Mozilla/5.0 (Windows NT 5.1; rv:21.0) Gecko/20100101 Firefox/21.0

At first this all looks to me like some automated testing, but then why are all orders placed from different IP addresses? Why is the address valid except the name?

Any help or thoughts on that?

Solution

Just in case somebody else stumbles upon a similar case: the question has now been cleared up. The fraud orders came from some affiliate site. Of course, it now makes sense that they did not look spammy at all except for the email address. So always be sure to check whether the site is taking part in any kind of affiliate program.
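
The indicators listed in the question can be scored over exported order records, and grouping the flagged orders by referral source shows the kind of concentration the answer describes. This is an added example, not part of the original post; the record layout, the affiliate field, the threshold, the 2-4 minute window and the sample orders are assumptions constructed for illustration.

```python
from collections import Counter

# User agent string reported in the question.
FRAUD_UA = "Mozilla/5.0 (Windows NT 5.1; rv:21.0) Gecko/20100101 Firefox/21.0"
OTHER_UA = "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0"  # constructed

def signals(o):
    """Return the names of the question's indicators that this order matches."""
    hits = []
    if o["phone"] and o["phone"] == o["fax"] and o["phone"].startswith("00"):
        hits.append("phone == fax with leading 00")
    if o["payment"] == "debit":
        hits.append("debit payment")
    if o["ua"] == FRAUD_UA:
        hits.append("fixed user agent")
    if 2 <= o["minutes"] <= 4:  # "about 3 minutes" from first visit to order
        hits.append("~3 minute session")
    return hits

def flagged(orders, threshold=3):
    """Ids of orders matching at least `threshold` indicators.
    A single indicator (e.g. debit payment) is common among legitimate orders."""
    return [o["id"] for o in orders if len(signals(o)) >= threshold]

def affiliate_breakdown(orders, threshold=3):
    """Count flagged orders per referral source to see whether one dominates."""
    return Counter(o["affiliate"] for o in orders if len(signals(o)) >= threshold)

def order(id_, phone, fax, payment, ua, minutes, affiliate):
    # Hypothetical flat record; these are not Magento column names.
    return dict(id=id_, phone=phone, fax=fax, payment=payment,
                ua=ua, minutes=minutes, affiliate=affiliate)

# Constructed sample data, not real orders.
ORDERS = [
    order(1001, "00555010001", "00555010001", "debit", FRAUD_UA, 3, "aff-17"),
    order(1002, "00555010002", "00555010002", "debit", FRAUD_UA, 3, "aff-17"),
    order(1003, "0555010003", "", "creditcard", OTHER_UA, 12, None),
    order(1004, "0555010004", "", "debit", OTHER_UA, 3, None),   # 2 signals only
    order(1005, "00555010005", "00555010005", "debit", FRAUD_UA, 7, "aff-17"),
]

if __name__ == "__main__":
    for o in ORDERS:
        print(o["id"], signals(o))
    print("flagged:", flagged(ORDERS))
    print("by affiliate:", dict(affiliate_breakdown(ORDERS)))
```
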

Licensed under: CC-BY-SA with attribution
Not affiliated with magento.stackexchange