Most, if not all, merchants watch out for payment-related scams and warn their employees about them in an effort to prevent their operation from falling prey. However, merchants should also be in the know when it comes to spotting and handle payment-related scams that are most commonly perpetrated against consumers. They can then share this information with their customers through printed collateral (e.g., handouts, bill inserts, messages printed on receipts, etc.) and online (e.g., on their website and via social media).
Business/Service Provider Impersonation Scams
In one common version of this scenario, consumers receive a telephone call, text, or recorded message posing as their cable, TV, Internet, mobile phone, or even utility provider, stating that they can lower their monthly bill if they make a “prepayment” to qualify for the offer. Potential victims are instructed to remit the “prepayment” using gift cards because they are partnering with a company for a promotion, and to contact them with the gift card number(s) and PINs. When victims comply, the scammers collect not only this information but other personal information—such as Social Security and/or bank account numbers, to name a few—as well.
Similarly, the Federal Trade Commission recently reported that scammers have begun impersonating utility companies and demanding that consumers make an immediate payment in order to keep their electricity on. In many cases, payments are to be made via gift card. However, in what the FTC calls the newest utility payment scam twist, Bitcoin (or another cryptocurrency) is the “required” method of payment. Consumers receive a phone call about the “overdue” charges, followed by a text message that includes the “company’s” logo and a QR code to be scanned at a Bitcoin ATM to make a payment and avoid imminent service disconnection.
A related scam is perpetrated by individuals impersonating a well-known business, such as Microsoft or more recently, Geek Squad according to the FTC. Here, consumers get a text message or email informing them that they were or will be charged hundreds of dollars to renew their user subscription or membership, unless they call a phone number within the next 24 hours to cancel it or dispute the charge.
Consumers who comply with the instructions may be asked for remote access to their computer, which in turn enables criminals to install spyware programs on victims’ computers, steal their online banking credentials, and drain money from their bank accounts. Some scammers may also ask for bank account information to “refund” consumers’ money, fake a transaction so it appears that the “refund” exceeds the amount of the original payment, and tell victims repay the “difference” by purchasing gift cards whose numbers and PINs must be shared with them.
Government Agency Impersonation Scams
Here, individuals impersonate a staff member from a government agency to trick people into sending them money or sharing personal information, such as a bank account number. Often, imposters pretend to be agents seeking “back tax payments” on behalf of the Internal Revenue Service (IRS), or employees of the Social Security Administration, informing consumers that their Social Security payments are about to “expire” or be “suspended” unless a payment is made.
The newest version of a government agency scam, according to the FTC, is one in which imposters pose as agents and officers from U.S. Customs and Border Protection (CBP). They send recorded messages telling victims that illegal items have been shipped in their name and have been intercepted, or that a warrant is out for their arrest. To “get more information” and resolve the issue, victims are told to remit payment using cryptocurrency, gift cards, or wire transfers or, alternatively, to share their bank account or Social Security number.
Fighting Back Against Scams and Scammers
As for what consumers can do to spot payment scams and safeguard themselves from becoming victims, merchants can share these tips:
- Understand that no legitimate entity contacts consumers out of the blue, demanding money or information. Hang up the phone, disregard any prompts to press a number to hear more information, ignore the text, etc.
- Do not trust caller ID. Scammers have learned how to spoof caller ID so it looks like a real phone number. Even if it has a real name, do not use it or call back. If in doubt, Google or consult old documents (such as utility bills) and initiate contact with the company (utility provider, etc.) from scratch.
- Never pay anyone who demands payment by wire transfer, gift card, or cryptocurrency, because only scammers ask for such payments. Hang up if it is a call. If contact is made via email, text, or social media, do not click on any links.
- If a “business” offers to send a check for payment (e.g., for a supposed work-at-home job) and sends instructions to deposit the check, then claims an overpayment must be returned to them, decline—or rip up any check that arrives in the mail.
- Ignore any phone calls about
- Never share personal information, such as bank account numbers and Social Security numbers, unless you know beyond a doubt that it is a legitimate entity.
- Report any scams to the FTC at ftc.gov.