There is this old trick whereby someone tries to modify the prices shown on a webpage by injecting queries into the form but this trick doesn't work on WP eStore.
WP eStore has post payment verification that checks the amount paid against the correct amount of the product stored in the database. So if someone dynamically changed the price on the webpage then the post payment verification of eStore will catch this and flag the transaction as a scam (no download links will be given to the customer for this payment).
More details on WP eStore's post payment verification can be found here:
http://www.tipsandtricks-hq.com/ecommerce/wordpress-ecommerce-knowledgebase-523#payment-verification
I am sure the scammer won't make a noise about it as they know that they were trying to steal, so you get to keep the money they paid too :)
So in summary, the post payment verification of eStore will fail if anyone tampers with the data and eStore won't update the database. WP eStore will automatically detect this tampering and send you (the admin) an email when this happens (with some details) so you can investigate this further.
