Under Attack: Online Sellers Face Mounting Threat from Payment Scams

Business Insights

When it comes to online shopping, it’s not just customers who can fall victim to scams. Many scams target businesses and sellers, making it essential for anyone selling goods online to understand how to avoid these pitfalls and what steps to take if their business is affected.

Business Wire reported a 71% surge in payment fraud attempts on US businesses in 2023, underscoring the critical need for online sellers to stay vigilant against practices that could jeopardise their operations and lead to financial losses.

Keeping this in mind, Dennis Pederson, CEO of PayFasto, has outlined five prevalent payment scams that online sellers should be familiar with, along with strategies on how to respond if they encounter them.

Phishing scams 

Phishing scams are where criminals try to trick people into sharing their sensitive information, such as credit card details and passwords. They typically do this by sending fake texts or emails which direct to a third-party website that resembles a legitimate business. After clicking on the link, users are encouraged to enter their personal information. 

Phishing doesn’t just hurt customers; businesses are often targeted, which can compromise the privacy and security of consumers and stakeholders. They can cause financial and data losses and cause the public to lose trust in the company, leading to a damaged reputation and further monetary loss. 

To spot phishing scams, it’s important that sellers educate themselves on phishing red flags and regularly train their employees to spot them. These can include unexpected requests for personal information, spelling and grammar errors, unknown or suspicious senders, and a sense of threat or urgency in the correspondence. Recipients should avoid clicking any unfamiliar websites and downloading attachments they don’t trust. 

There are other measures that businesses and sellers can implement to reduce the risk of being hit by phishing scams, such as advanced email filtering tools and thorough assessment of third-party communication. It’s also a good idea to limit access to any sensitive data through multi-factor authentication and to always keep digital systems and software up to date. 

Chargeback fraud 

Chargeback fraud – also known as friendly fraud – is when a seemingly well-intended customer makes a purchase with their credit card and then disputes the legitimate charge with their bank. These people request a chargeback after receiving their order, typically claiming that they did not receive the item or that the payment was unauthorized in an attempt to receive a refund. 

This is different to true fraud, where a third-party bad actor makes a transaction using stolen personal information and the genuine cardholder files a chargeback for an unauthorized purchase – those who commit friendly fraud seem otherwise trustworthy. These scams can be destructive to internet vendors, who must pay much of the losses when a bank accepts the dispute.

Good communication is key to preventing friendly fraud. It’s important that online businesses put merchant names and transaction details in banking apps to avoid customer confusion and that email confirmations are sent promptly after purchases are made.

Sellers should enable package tracking and delivery updates to ensure that consumers receive their goods. Internet vendors should enforce good customer service and inform recipients of delays. As well as this, it’s ideal to enact two-factor authentication for payments and verify any suspicious-looking purchases (e.g. large orders) before shipping. 

Return fraud 

Return fraud is similar to chargeback fraud and occurs when a customer attempts to get a refund by manipulating the seller’s returns process. This might involve returning a different item, claiming the product arrived defective or exploiting the terms of the returns policy. They ask for a refund despite not being legally entitled to one. 

These scammers might use the items for a one-off event – for example, a high-end camera to take on holiday or an expensive dress to wear to a wedding. They might return these items claiming that they are unused, thereby flouting the terms and conditions of the returns policy by requesting a refund. 

To lower the chance of experiencing return fraud, sellers should develop and share clear, non-negotiable return policies and always follow them while processing returns. For example, items not returned in their original condition, without attached labels or that appear to be used should not be refunded.

Strict checks should be implemented to ensure that customers receive and return the correct item in perfect condition, and measures such as delivery tracking should be introduced to confirm that orders are not lost. It’s also recommended to monitor transactions for unusual activity and suspicious customer patterns. 

Merchant fraud 

Merchant fraud is defined as scammers posing as real businesses to deceive their customers and make illegal profits. They might create fake online stores that let consumers unwittingly make purchases, often at temptingly low prices. They may then send a counterfeit or low-quality product, or no product at all. While this directly targets consumers, businesses are hurt as a result. 

Merchant fraud can harm a company’s reputation and incur financial loss through chargebacks and other financial liabilities. They can be subject to legal consequences, such as lawsuits and fines if it’s determined that they neglected to maintain proper fraud prevention measures. If rates of merchant fraud in a particular industry are high, businesses can be impacted by higher payment processing fees due to the elevated risk. 

A major way that businesses and sellers can combat this is by ensuring that the company name, logo and transaction details appear on bank statements to distinguish legitimate purchases from fraudulent transactions at fake stores, preventing chargebacks. 

Implementing clear terms and conditions, secure payment methods and multi-factor authentication will also signal to consumers that the business remains trustworthy in the event of merchant fraud. On top of this, it’s good practice to stay aware of the best ways to prevent fraud and ensure that fraud prevention measures and software are being maintained.

Wire transfer fraud 

Wire transfer fraud involves a fraudster deceiving someone into sending money through a bank transfer. They may impersonate trusted individuals and organizations, such as suppliers or the CEO of the business. They create fake invoices urging the victim to send money, often playing on their emotions and exploiting the pressure they may be under. These scenarios can be very realistic and convincing, and the victims often send the money over in a rush to remedy the situation. 

This money is sent over instantly and it’s very hard for businesses to recover it. Sellers impacted will want to contact their bank as soon as possible to stop the transaction from completing. Naturally, it’s best to prevent this from happening altogether. As a rule, sellers should never send money in an unplanned, unexpected manner, and transactions should always be approved by multiple people.  

Businesses and employees should avoid sharing any private company information with third parties. Improving cybersecurity protocols, in general, is a good way to prevent wire transfer fraud; use strong passwords, guard company or seller banking details, and enforce multi-factor authentication when logging into the company’s network.  

Ultimately sellers and employees must constantly remind themselves to ignore any unexpected invoices for money – if in doubt, always get another opinion and confirm the validity of the request before fulfilling it.