• Developers
  • Reporting
  • Disputes
  • Contact us
  • Log in

Main Navigation

  • Account

      Account

        • Customer docs & pricing

          Find important documents such as our Terms of Service and Merchant Operating Instructions, as well as more information on things like Stored Credential Transactions and the Account Updater Service

        • Compliance & security

          For more information on Strong Customer Authentication, PCI Compliance, and fraud prevention best practices

        • Stationery ordering

          Order your tally rolls, card scheme logo stickers, and more

        • FAQs

          Our FAQs can help you with queries including pricing changes, cleaning and restarting your terminals, and Multi-Factor Authentication

  • Products

      Products

        • POS help
        • Ecommerce help
        • Bank Payment
  • Insights
  • Trending Articles
Sign up
Search

Main Navigation

  • Account
      Account

      Account

    • Customer docs & pricing
    • Compliance & security
    • Stationery ordering
    • FAQs
  • Products
      Products

      Products

    • POS help
    • Ecommerce help
    • Bank Payment
  • Insights
  • Trending Articles
    • Developers
    • Reporting
    • Disputes
    • Contact us
    • Log in
    Sign up /en-gb/sitecore/content/gpn/corporate/corporate/home/modals/signup-homepage

Sidebar Navigation

  • Account -
    • FAQs +
      • Pricing frequently asked questions +
      • PCI Frequently asked questions +
      • Best practice for cleaning your POS device(s) +
      • Terminal restart guide +
      • CNP FAQs - resubmitting declined transactions +
      • Multi-Factor Authentication for Global Payments Ecommerce Portal +
      • Ecommerce FAQs +
      • Bank Payment FAQs +
      • Your invoice explained +
      • How do I make a complaint +
    • Customer Docs & Pricing +
      • Terms of Service +
      • Merchant Operating Instructions +
      • Interchange fee update +
      • Recovered card form +
      • Mastercard and Visa Interchange rates +
      • Merchant Data Processing Notice +
      • Enhanced Authorisation Data Service merchant implementation guide +
      • Stored Credential Guide +
      • SCT Technical Implementation Guide +
      • SCT Decision Tree +
      • Account Updater Service +
      • Account Updater migration to UK Ensurebill +
    • Compliance & Security -
      • Ecommerce fraud management +
      • Know the risks +
      • Online Card Not Present Best Practices +
      • Fraud Hints and Tips Guide -
      • Reducing Risk of Fraud Guide +
      • Guide to Patching +
      • Know the risks +
      • What To Do If You're Compromised +
      • PCI Frequently asked questions +
      • SCA +
        • One-off payments without saving card details
        • One-click payments without saving card details
        • Card saved for recurring, automatic payments
        • Payment over the phone (MO/TO)
        • What Do I Need to Do to Be SCA Compliant?
        • PSD2 and SCA Technical Information Guide
        • Strong Customer Authentication Decision Tree
        • How to use the Strong Customer Authentication (SCA) Authentication Outage Indicator
    • Stationery ordering +
    • How do I understand my invoice? +
  • Products +
    • Point of Sale Help +
      • Quick Start Guide Miura M10 Device +
      • Quickstart Guide Miura M20 Device +
    • Ecommerce Help +
      • Transaction management +
      • Customer management +
      • Fraud Management +
      • Resetting your password +
      • Virtual Terminal +
      • Ecommerce portal navigation +
      • User Management +
      • Transaction reporting +
      • Ecommerce FAQs +
    • Bank Payment +
      • Bank Payment FAQs +
      • Bank Payment sales sheet +
  1. Home
  2. Account
  3. Compliance & Security
  4. Fraud Hints and Tips Guide
Last updated 01/25/2023
2 Min Read Time

Fraud Hints and Tips Guide

FRAUD PREVENTION 

Hints & Tips to help protect your business 

Fraudsters have many ways of targeting businesses, whether anonymously online, posing as a customer or in your employment. This guide aims to provide you with some popular hints and tips for identifying potential fraud to help you protect your business. 

1. Be sceptical 

If it sounds too good to be true, it probably is. Always approach deals/new business opportunities/transactions with an open, enquiring and questioning mind. 

2. Know your business inside out 

By having a thorough understanding of your business, it’ll ensure that you know: 

  • How it operates 
  • The staff you employ 
  • The products and services it provides 
  • Your target market and your business obligations, both legal and regulatory 

All this will help you detect when something isn’t right. 

3. Know your customers and suppliers 

Understanding who you do business with will help you identify occasions where a seemingly ordinary business request or transaction looks out of the ordinary for that customer or supplier and may be potentially fraudulent. It’s important that you conduct due diligence using a risk based approach – verify the legitimacy of the customer/supplier details you have stored on file/record as well as online searches. 

4. Identify areas where your business is vulnerable to fraud 

Take time to imagine how a fraudster may target your business, internally and externally, and consider testing the systems you’ve put in place to reduce your exposure to fraud/risk. Train your staff on those systems and review them on a regular basis. 

5. Develop a strategy and talk about fraud 

Consider a prevention strategy that details controls and procedures to prevent and detect fraud that’s adequate and appropriate for your business. Staff will look to you for guidance as to what behaviour is acceptable. Talk about fraud with your staff, suppliers and any other contacts. Your staff should understand the risks and impact of any losses on the business and to themselves. 

6. Take extra care with all things cyber 

With increasing threats from cybercrime, make sure that your business technology/website is adequately protected against attacks. Make sure that you backup your systems in case they go wrong. 

7. Understand your finances 

Understand how money leaves your business/bank account. For example, methods of payment, who has the authority to make those payments and who checks that those payments are legitimate. Always check your bank statements! 

8. Secure and protect your property 

This includes laptops/computers, smartphones and intellectual property. Consider obtaining business insurance to cover these items if they’re compromised and/or stolen. Using and maintaining inventories can also protect your business. 

9. Develop an action plan 

You should consider where you might need professional or legal advice. While prevention is better than the cure, it’s important for you and your business to be prepared for the worst. Having an action plan in place will help limit your losses to fraud and help ensure that your business doesn’t suffer damaging losses. 

10. Always report fraud and get help 

Action Fraud is the UK’s national fraud reporting centre where you should report fraud if you’ve been scammed or defrauded. It’s a central point of contact for information about fraud and financially motivated internet crime. Report online at actionfraud.police.uk or by telephone on 0300 123 2040. Report to your local police if the suspect is known or still in the vicinity. 

11. Checking cards – when the customer is present 

When customers are paying by card, whether debit or credit card, check the following: 

  • That the printed digits above or below the first four embossed card numbers are the same. This security measure features on both Mastercard and Visa cards. With counterfeit cards, these four digits are often missing or rub off if you run your finger over the digits. On payment cards that have been counterfeited, they might not match the embossed details. 
  • Check card receipts to make sure that the number on the card matches with the number on the receipt.
  • If you’re accepting a non-chip and PIN card payment, keep hold of the card while the person is signing. This is so a fraudster can’t easily copy the signature. 

If you’re at all suspicious of any of the above and you believe that your customer checks have failed, you should contact your card terminal provider’s/acquirer’s Authorisation Centre. 

12. Know your staff 

Employee fraud poses a serious risk to your business and, if your business is small, it can have a greater impact on the success of the business. Be aware of possible indicators: 

  • A new member of staff resigning shortly after joining 
  • Staff with financial difficulties 
  • Staff with a sudden change in lifestyle – cars/holidays etc. 
  • A pattern of customer complaints 
  • Change in behaviour by a staff member, for example, retracting from others 
  • A drop in performance 
  • Suppliers/contractors insist on dealing with one individual 
  • Staff on sick leave but working elsewhere 
  • Abuses of flexible working time systems 
  • Computer misuse 
  • False references or false qualifications used to secure employment 
  • Check the End of Day/Z totals – ensure any refunds are for genuine customers/known transactions 

13. Fraudulent refunds 

Members of staff/customers have been known to process refunds to their own card(s): 

  • Make sure that you control who has access to the supervisor/refund PIN 
  • Change the generic PIN that comes with a new card processing terminal 
  • Ensure that this is changed regularly, particularly upon staff leaving 
  • Ensure that you have processes in place to help you spot unusual refund activity 

14. Phone scams 

If anyone calls your business purporting to be a card processing terminal engineer, from Visa or Mastercard or even your card processing terminal provider/acquirer, asking for card details of the most recent transactions processed, don’t give them any information and alert your card processing terminal provider/acquirer. A variation on this is where the caller will state that there’s a fault with your terminal and that they need to test it by asking you to process a card transaction using one card and then a refund using a different card. Don’t process these transactions, as your business will suffer a financial loss equal to the value of them. Alert your card processing terminal provider/acquirer. 

15. Customer distraction 

A fraudster may attempt to distract you when they’re entering their PIN into the card processing terminal. This is so they can enter a dummy/false authorisation code. Be wary of a customer that holds onto the card processing terminal for longer than is strictly necessary. 

16. Referred transactions 

Occasionally, when completing a card transaction on your card processing terminal, you may receive a message: ‘CALL AUTH CENTRE’ on the terminal screen. This is because the card issuer wishes to undertake further verification of the customer/cardholder. Should this occur, contact your Authorisation Centre at once and never accept an authorisation number from the customer or from a caller claiming to be from the cardholder’s bank. Such codes aren’t genuine and may result in a financial loss to your business. 

17. Stolen terminals 

Be wary of where you leave your terminals and train your staff to keep them out of sight when not in use. Fraudsters can easily steal these and process refunds onto their own cards. Upon receipt of your terminal, ensure that you amend the supervisor’s code for refunds so that it isn't set at the default; this can be easy for the fraudster to guess or research online. 

18. Removing the ability to take CNP transactions 

If you know that your business doesn't need to take card holder not present (CNP) transactions, then ask to have this functionality removed from your terminal. This reduces the risk of unauthorised payments going through your facility. 

If you have any questions, or need advice on what to do, you can call the Global Payments Fraud Team on 0116 252 4984* or email fraud.risk@globalpay.com 

 

  • Account
  • Products
  • Customer Docs & Pricing
  • Compliance & Security
  • Industry news
  • Trending articles
  • Notices and Policies
  • Sitemap

Already a customer?

Log in

Connect

  • LinkedIn
  • Twitter
  • Facebook
  • YouTube
{D6036E8F-C9A1-420D-AEC3-5680EC9FBE35}
 

Global Payments is a trading name of GPUK LLP. GPUK LLP is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017 (504290) for the provision of payment services and under the Consumer Credit Act (714439) for the undertaking of terminal rental agreements. GPUK LLP is a limited liability partnership registered in England with company number OC337146. Registered Office: Granite House, Granite Way, Syston, Leicester, LE7 1PL. The members are Global Payments U.K. Limited and Global Payments U.K. 2 Limited. Service of any documents relating to the business will be effective if served at the Registered Office.

Global Payments is also a trading name of Pay and Shop Limited. Pay and Shop Limited is a limited company registered in Ireland with company number 324929. Registered Office: The Observatory, 7-11 Sir John Rogerson's Quay, Dublin 2, Ireland. Service of any documents relating to the business will be effective if served at the Registered Office.

© 2023 GPUK LLP. All rights reserved. Privacy Statement | Terms of Use  | Ethics Reporting Hotline | Gender Pay Report  | Anti Slavery Statement