How to block fraud customers by suspicious email addresses in WooCommerce?

By Nimesh Patel 12 min Read

Table of Contents

    WooCommerce fraud isn’t a new thing. Spammers and hackers are all over the web, looking to intrude the private space. As a WooCommerce store owner, this is something that you must be aware of and even undertake measures to prevent and block fraud customers.

    But how?

    Before getting into the how part of the discussion, let’s understand what WooCommerce fraud is.

    A majority of website managers consider WooCommerce fraud to be relative to website security. However, reality has a different tale to tell. Not only does it is not related to the security protocols but it is totally opposite. So, what does that mean??

    Challenges with WooCommerce Fraud

    Website security is primarily related to hackers entering the online store and accessing the data. On the other hand, WooCommerce could be anything from placing a fake order to canceling orders just before delivery. WooCommerce fraud includes fraudulent transactions, but it isn’t limited to this.

    Not sure how this works?

    Let’s understand this through an example.

    Consider that you have a WooCommerce store that sells aesthetic items and antiques to customers worldwide. You have certain limitations on the area and add an extra shipping fee for delivery to places outside your country.

    Recently, a new customer placed an order worth $5k. A huge one and you are excited about the delivery of the same. You get your team working on the packaging and shipment of the product. Since it is a wooden product, you need to take extra care and have the handle with care label attached.

    Delivery package

    It takes around two days to ship the product. All necessary precautions have been taken, and the product has arrived at the customer’s city. Surprisingly, you are one day ahead of the delivery date. Considering that you will delight your new customers faster, the product is ready to be delivered.

    As soon as the delivery executive reaches the address given, he tries to call the customer. And the voice reads:

    The number you are calling is switched off.

    The delivery executive then knocks on the door, asking for Mr. Robin, but a lady comes out and denies anyone named Robin staying at the location. The executive tries to tell her that an order has been placed but she stays on her word.

    After a few hours, you learn about the situation and ask your team to connect with the customer. Still, the number isn’t reachable. The product is back at your warehouse.

    So where’s the loss?

    Even though you were not charged for the product, you spent a significant share of money on packaging, shipment, and delivery. Not to forget the time and effort spent on getting the product ready to be shipped.

    This is one case and might not matter much. But imagine facing a similar situation every now and then. Considering the popularity of WooCommerce stores and the number of orders witnessed in a day, these fake orders might cost you high. And this is why you need to be vigilant and take steps to avoid the situation from repeating in the future.

    Wondering how to block orders?

    WooCommerce Fraud Prevention

    Equip your store with our feature-rich fraud prevention plugin to reduce risk and safeguard your profits.

    WooCommerce Fraud Prevention Banner 1

    Solution: The WooCommerce Fraud Prevention Plugin

    The WooCommerce Fraud Prevention Plugin is designed to help you block fraudulent customers by identifying suspicious email addresses and other parameters.

    This feature-rich plugin version offers a variety of methods to prevent fraudulent actions, such as enabling parameters to block users during user registration, at checkout, and even via domain names associated with fraudulent activities.

    WooCommerce Fraud Prevention Plugin 1
    Figure 1 – WooCommerce Fraud Prevention Plugin by DotStore

    Moreover, the plugin provides solutions to block users based on their first and last names, IP addresses, email IDs, domain extensions, mobile phone numbers, and web browsers.

    For a geographical-focused approach, you can block users from specific states, ZIP codes, and shipping zones. You can even block users based on their user role, whether they are wholesale buyers, admins, store managers, etc.

    To balance the rigid rules, the plugin allows you to whitelist specific emails and payment methods to bypass the fraud checks. And if there’s a chance of false positives, you can manually review the blacklisted users to ensure no genuine customer is wronged.

    Features of the WooCommerce Fraud Prevention Plugin

    Here are a few useful features of this plugin for preventing fraudulent orders and activity.

    01 1024x528 1

    1. Set rules to detect false orders

    With this anti-fraud plugin, store managers can easily set up rules and conditions that help differentiate between fraud orders and legitimate ones. The rules can be based on the city, the customer type, the order, or the products. The WooCommerce Anti-fraud plugin is 100% customizable and can be used per business needs.

    2. Block customers based on the shipping address

    Whether it is the country or the city, the state, or a particular shipping zone, the WooCommerce Anti-fraud plugin offers the flexibility to create rules based on all of the above and prevent customers from those regions from placing an order.

    3. Block customers at the registration/checkout page

    The plugin has an option where you can select when to blacklist a customer. It could be either at the time of user registration or when a customer is placing an order. Depending upon the rule created, blocking customers at the registration or the checkout page is pretty easy.

    4. Block user based on the name

    Found someone with a particular name faking orders? Don’t worry, the plugin has an option where you can block a person by his name, preventing the same to place an order. Note: not all customers with a name would be a fraud. The plugin allows you to set custom messages to notify the blocked customers on the next step/process.

    5. Block user based on their user role

    Found your editor spamming the store with fake orders? The WooCommerce Anti-fraud plugin has the provision where you can block users by their role, prohibiting them to make an order. The plugin has different roles listed ranging between the editor to the subscriber, the manager, etc.

    6. Set custom messages

    Another feature that makes this plugin an excellent choice for blocking customers is the ease of adding custom-fit messages for each of the blocked categories. You can have separate messages for each of the fields. For instance, blocking a customer at the time of registration could have a message like:

    Sorry, this email address has been blocked. Connect #0123-2555222 to connect with our customer support team and resolve the issue.

    How To Set up the WooCommerce Anti-fraud Plugin?

    Wondering how to use the plugin?

    Setting up the WooCommerce Anti-fraud plugin is easy and doesn’t require you to have any technical knowledge. To begin with:

    • Visit the WordPress admin dashboard
    • Login and go to Plugins
    • Click on Add new and enter WooCommerce Anti-fraud plugin in the search bar
    • Click on Install
    • Once installed, Activate the plugin

    Once you have activated the plugin, you can use it to block fraud customers and prevent them from placing an order.

    Here’s a quick walkthrough of how the WooCommerce block email address plugin works with plugin settings such as the payment gateway, risk score, order page, order status, billing address and automatic blacklisting…

    To help you understand how to block a customer based on the email address, let us walk down a hypothetical scenario.

    Use Case: Blocking a Customer Based on Email Address

    Suppose that a customer with the e-mail address is trying to place an order. Earlier the same email address has been used but the product went undelivered. Since it was the first time that a fraud transaction took place, you avoided the same.

    Now Robin places an order and opts for cash on delivery. Three days later the product is out for delivery but the address appears to be wrong. There doesn’t exist any such block as listed in the address of the customer. You recognize the last incident and now you want to take steps to avoid such a situation from happening again.

    The WooCommerce fraud orders prevention plugin helps you do the same.


    1. Click on the plugin in the dashboard and select the name of the plugin.
    2. The page that opens will have multiple fields to be entered. Since we are blocking the customer based on the email address, we will scroll down to the tab that says email address. The field allows you to enter more than one email address at the same time. Separate each of them from a comma or you can upload a file with the list of email addresses that need to be blocked.
    3. Make sure you have selected the type. You can either select the registration checkbox or the checkout page. You can also select both of them to prevent the already registered users from placing an order with the said email address.
    4. Scroll down and add a custom-fit message that would be displayed at the time of blocking. Meaning that after blocking a customer, the plug-in would display a message notifying the customer about why has he/she been debarred from placing an order. For instance: Sorry, the said e-mail address has been blocked. Connect with the admin to know more about the issue and complete the process.
    5. Make sure you save the changes made before exiting the plugin page.

    Following a similar method, you can block fraudulent customers from placing an order based on name, address, city, zip code, etc. Also, add a customized message for the same.

    In addition to using the WooCommerce Fraud Prevention Plugin, there are several other actions you can take to further enhance the security of your WooCommerce store.

    Enhance WooCommerce Store Security 1

    1. Perform Regular Backups: Regularly backup your website data. In case of any cyberattack or data loss, backups ensure that you minimize your downtime and can recover your data quickly.
    2. Regularly Update Plugins and Themes: Outdated plugins and themes can leave your website vulnerable to attacks. To maintain optimal security, ensure you update these regularly and promptly install patches when released by the developers.
    3. Use a Secure Hosting Provider: Select a reputable hosting provider that offers server-level security features, such as firewall protection, regular backups, and daily malware scans. A secure hosting provider can prevent hacking attempts and ensure the safety of your WooCommerce store.
    4. Enable Two-factor Authentication (2FA): 2FA adds an extra layer of security to your WooCommerce store by requiring users to prove their identity through a second method, such as receiving a code via text message or approving access via an authentication app. Enable 2FA for administrative accounts to minimize the risks posed by stolen passwords.
    5. Limit User Access: Restrict access privileges only to team members who require it, avoiding granting complete administrative rights to multiple users. Assign specific roles based on the scope of their responsibilities, minimizing possible damage that could stem from unauthorized access or malicious insiders.
    6. Monitor Website Activity: Keep a close watch on your website’s activity. Unusual patterns or abrupt changes could suggest possible cyber threats. Using a security plugin can help automate this process by sending alerts for any suspicious activities.

    Taking these additional steps will ensure a safer shopping environment for your customers and provide further protection for your eCommerce business. 

    Remember that online security should be a top priority and an ongoing effort. Regularly assess and update your security measures to stay ahead of ever-evolving cyber threats and maintain a secure WooCommerce store.


    In conclusion, preventing fraud is a significant part of running a successful WooCommerce online store. No business can afford the loss of time, effort, and resources that come with fake orders, and security measures need to be in place to bring those issues down to the absolute minimum.

    Our WooCommerce Fraud Prevention plugin empowers shop owners with a robust and flexible defense system targeted especially against fraudulent transactions. Allowing you to block potentially fraudulent users based on various parameters like suspicious email addresses, geographical location or even specific user roles.

    The world of e-commerce is constantly evolving, and online fraudsters are getting more sophisticated. Therefore, adopting such protective measures won’t just give you peace of mind, but also significantly improve your business’s bottom line.

    If you’d like to learn more on how to on hold a fraud order on WooCommerce or set up fraud protection in WooCommerce, do feel free to explore our detailed guides. The safety of your store, customers, and your peace of mind is our primary concern. Together, let’s make your online store a safer place for genuine customers.


    How do I block email addresses in WooCommerce?

    To block email addresses in WooCommerce, you can utilize the WooCommerce Fraud Prevention Plugin from DotStore. With this plugin, you can block all unwanted spammy customers with filters such as Email, IP Address, State, and Zipcode.

    What is the best anti-fraud in WooCommerce?

    The WooCommerce Fraud Prevention Plugin from DotStore is a comprehensive solution for preventing fraudulent activities on your WooCommerce online store. The plugin offers features like setting up rules to detect false orders, blocking customers based on their shipping address, user role or name, and customized messages for all blacklisted users.

    How do I block bad users on WooCommerce?

    To block bad users, navigate to WooCommerce > Settings > Email, and then scroll down to the anti fraud tab and Email Blocking section. In this area, you will find a list of email addresses that WooCommerce has already blocked. To block a new email address, simply add it to this list and click the “Save Changes” button.

    Can I blacklist a customer in WooCommerce?

    Yes, you can blacklist a customer in WooCommerce using the WooCommerce Fraud Prevention Plugin from DotStore. The plugin allows you to effectively block or blacklist customers based on various block conditions like name, email address, user role, and shipping address.

    WooCommerce Fraud Prevention

    Equip your store with our feature-rich fraud prevention plugin to reduce risk and safeguard your profits.

    WooCommerce Fraud Prevention Banner 1
    Author Image

    Nimesh Patel

    Nimesh Patel is the Product Manager and Growth Hacker at Dotstore. For the past 10 years, Nimesh has been a prolific marketer and product builder in the WordPress and e-commerce industry.

    Protect your store & users from online attacks

    Protect your store & users from online attacks
    0 Shares facebook twitter linkedin
    Author Pic

    Written by Nimesh Patel

    I am a Product Marketer and Growth hacker with expertise in Digital marketing, Search engine optimization (SEO), Email Marketing, Paid Campaigns on Facebook and Twitter, Content development strategies, and Competitive Research & Analysis. Nimesh is Product Manager at