How to Protect Your Business from Common Online Payment Scams | Heartland

Saturday, January 30, 2016

As security technology evolves, so do common business scams. Updated payment processing software and the latest security offerings can help, but to protect your business, you must get back to the basics of how to detect scams: awareness and information.


According to the Federal Trade Commission (FTC), scammers are masters at manipulation tactics that trick even the most competent business owners. Bad actors will often pretend to be someone or a business you know and create a sense of urgency, fear, or intimidation. They ask to use untraceable payment methods. Wire transfers, reloadable cards, gift cards are almost impossible to reverse or track. Or, they use payment scams online that are hard to detect until it’s too late.

The Association of Certified Fraud Examiners says that businesses lose 5% of their total revenue to fraud. Small businesses are at significantly higher risk for payment, billing, and payroll fraud than larger organizations.

To protect your business, learn to identify the most common online business scams.

Card-Not-Present fraud

Card-not-present (CNP) transactions don’t require a physical credit card for a purchase to be processed. They mostly happen on e-commerce sites or via mobile and in-app payments but can also occur with transactions handled over the phone. Criminals will use stolen credit card information to make purchases, and the merchant may not become aware of the fraud until the true owner of the card reports it to the credit card company. A Juniper Research analysis predicts that card-not-present fraud will end up costing retailers more than $130B between 2018 and 2023.

How to protect your business from card-not-present fraud: Red flags should go up when you see the following signs: very large and costly online orders, different shipping and billing addresses, details that don’t match, like the name on the credit card and the name on the email address, different country codes on contact and billing information, email addresses that look spammy. Add extra steps when a purchase is made — delay shipment on large orders by a day or two. Criminals like to do quick transactions, which helps them escape detection. It’s also helpful to require that customers register on your site and provide personal information.

Credit card overcharge scam

In this scheme, someone reaches out via email or on your website to make a large purchase or engage your business for a project, and they want to pay you with a credit card. They also give a convincing reason why they need you to add an extra amount to their charge and then wire that money to them or another person. Perhaps they tell you to take a fee off the top for doing so. It all sounds innocuous. They’re paying for it, right? Days later, you get a notification that the cardholder denies having authorized the transaction — it was a stolen credit card number, and now your business has to refund the entire amount.

How to protect your business from credit card overcharge scams: Only charge a customer’s credit card the amount of their purchase. Make sure your employees know this policy. You’ll also want to have credit card verification steps in place.

Chargeback scams

Another type of credit card fraud uses chargebacks. In this scheme, rather than properly returning a purchase according to your return policy, a customer will make a claim to their credit card company that the product they purchased from you was defective or they never received it. Because of consumer protection guarantees, the vendor has to refund the purchase amount and pay a chargeback fee to the credit card company.

How to protect your business from chargeback scams: To reduce the risk of a customer taking this route, make your return policy uncomplicated and hassle-free. When someone asks to return something, even if your standard window for doing so has passed, try to work things out. Offer an exchange or in-store credit. Train your staff well on how to handle returns.

There’s no way to prevent criminals from trying to defraud your business. Still, you can reduce their ability to succeed by being vigilant and training your staff to do the same. If you become a victim of fraud or identify an attempt, report it immediately to the proper authorities, including the FTC. You can find helpful and current information on their site about fraud and scam trends. Information is your best weapon to avoid becoming a victim of fraud.


Heartland is the point of sale, payments and payroll solution of choice for entrepreneurs that need human-centered technology to sell more, keep customers coming back and spend less time in the back office. Nearly 1,000,000 businesses trust us to guide them through market changes and technology challenges, so they can stay competitive and focus on building remarkable businesses instead of managing the daily grind. Learn more at