Recommender systems can effectively alleviate the problem of information overload caused by the rapid development of the Internet. However, the occurrence of shilling attacks restricts the healthy development of recommender systems. Therefore, how to detect shilling attacks accurately and efficiently is an important problem in the field of recommender systems security. The existing detection methods usually design hand-crafted detection features based on expert knowledge or automatically learn features from a single perspective using deep learning, then the attack users are identified according to the extracted features by hard classification, resulting in the poor detection performance. By automatically learning features from multiple perspectives and introducing a hesitant fuzzy decision, a novel detection method based on CNN and hesitant fuzzy set was proposed and named CNN-HFS. Firstly, for each user, three behavior matrices were extracted from the perspectives of rating, preference and rating time, respectively. To reduce the influence of data sparse, these matrices were scaled by bicubic interpolation to correspondingly obtain a dense rating matrix, a dense preference matrix and a dense time matrix. Next, each scaling matrix of users was regarded as an image, and three different CNN classifiers were trained based on these scaling matrices in three different views respectively. For each user, three membership degrees to the classifier of attack users were calculated. Finally, a fuzzy hesitant set was introduced to make a comprehensive decision, and the attack users were identified according to the decision results. To validate the effectiveness of the proposed CNN-HFS, the extensive experiments were conducted on the MovieLens 1M and Amazon datasets. The evaluation metrics of precision, recall and F1-measure were used to compare the proposed method with SVM-TIA, CoDetector, CNN-SAD, SDAEs-PCA, CNN-R, CNN-P and CNN-T. The experimental results showed that the proposed method is superior to seven baseline methods in terms of three detection metrics and achieves an excellent detection performance under various attacks.