The $1 auth charge pattern is really common for card testing attacks.

One thing that helps beyond Turnstile: Stripe Radar rules. You can block charges under $2 from IPs that haven't had a successful payment before, or flag accounts with multiple card attempts in short windows.

Not foolproof but adds a layer before the human review kicks in.