Falling victim to payment fraud is a nightmare scenario for any business. As well as creating financial consequences such as chargebacks, it can damage customer trust and affect your reputation, potentially limiting your future growth prospects.
So what can you do to understand and mitigate this risk? Education and awareness are essential, since the more you know about different types of payment fraud and their warning signs, the better prepared you'll be to tackle them.
6 common types of payment fraud
It's crucial that your company is able to accurately verify and process customer payments. Furthermore, employees responsible for managing your own accounts should be following rigorous processes to ensure every payment they authorize is secure and going to the right recipient.
A key step in educating customers and employees alike is making them aware of common fraudulent practices such as:
- Phishing: A common criminal tactic is sending seemingly legitimate emails or messages to recipients asking them to share private information such as credit card or bank account details. Nearly three-quarters (74%) of organizations in the US were victims of successful phishing attacks in 2020.
- Clean fraud: This type of fraud occurs when criminals are able to obtain all of the customer data required to make a purchase - such as a credit card number, expiration date and CVV number - and complete a transaction that appears entirely legitimate. This leaves the merchant liable for chargebacks and lost merchandise when the fraud is discovered.
- Friendly fraud: This practice involves customers making a purchase with their own credit card, then contacting their card issuer to initiate a chargeback, possibly by claiming the item wasn't delivered or was returned but they didn't receive a refund.
- Merchant identity fraud: Fraudsters often attempt to pose as legitimate merchants by opening a fake account so they can process transactions and steal the funds.
- Authorized push payment fraud: APP fraud involves the use of manipulative tactics to coerce either a consumer or a business employee into making a payment to the perpetrator's account. In the UK alone, APP scams led to losses of £583.2 million in 2021.
Knowing some of the most common types of payment fraud is just the first step in protecting your company and customers from illegal practices.
Equally important is the provision of education and information to help people spot the most common warning signs of fraud.
1. Messages requesting urgent action
A major warning sign of phishing that your customers and employees should be aware of is the sending of messages asking for an action to be taken as soon as possible. Fraudsters often use tactics such as requesting that people make an urgent payment or submit their details online to recover their account after a breach or loss of access. It's always best to view these messages with a healthy dose of skepticism and take independent action to verify the claims being made.
2. International orders
Orders from overseas aren't necessarily fraudulent, of course, but should involve additional checks and layers of security. This is because fraudsters know it's harder for them to be caught and prosecuted in foreign countries, so they're likely to focus their attention on international markets.
3. High numbers of transaction attempts and declines
If you detect an unusually high number of attempted card payments and declines - particularly linked to unvalidated accounts - it could be a sign of card testing. This is when criminals try to make purchases to check the validity of card information they have acquired illegally.
4. Unusually large purchases
Make sure you're collecting and analyzing data on normal customer buying patterns, so you can spot attempts to make unusually large purchases. Fraudsters who have obtained a customer's credit card details will want to make the most of it before the theft is discovered, so they often try to rush through big orders. It's the merchant's job to be vigilant to this sort of activity.
5. Logins from new IP addresses
If you notice that a seemingly legitimate customer has logged on from a new or unknown IP address, it could be a sign that a fraudster has gained access to their login details and taken over their account. It's also possible that the user is genuinely logging in from a different location, but you should use additional checks to verify their identity before approving a transaction.
6. Multiple payment cards
High-quantity orders with a single name and address but multiple payment cards should be viewed as a big red flag. This could be a sign of fraudsters attempting to take advantage of multiple sets of ill-gotten card details at once, so transactions meeting this criteria should be subject to stringent security checks.