Fraud Awareness

Fraudulent actors use several methods to commit payment fraud. Here are some of the most common tactics: 

Phishing 

What it is: 
Phishing is a type of social-engineering attack. In phishing, fraudulent actors use fraudulent emails, text messages or websites to trick individuals into disclosing sensitive information such as log-in credentials and credit card information. 

Phishing attacks are usually carried out through emails that look like they are from a trusted source, such as a bank or a reputable online retailer. The email may ask the recipient to click on a link to update their account information, verify a recent transaction or claim a prize. When the recipient clicks the link, they are directed to a fake website where they are prompted to enter their log-in credentials, credit card information or other sensitive data. 

How to prevent it: 
To protect against phishing attacks, be cautious when clicking links or opening attachments from unknown or suspicious sources. Stay alert for common tactics used by fraudulent actors, such as urgent or threatening language, misspelled words or suspicious links. Using antivirus software can also help protect against phishing attacks. 

Vishing 

This is a two-step method and that involves a fraudulent phone call using information they may have previously obtained online. 

Once the fraudster has obtained stolen information online they will call the victim on the phone, claiming to work for the bank/company. Using particularly alarming messages (such as there has been a safety breech we need to rectify) the fraudster will then try to convince the victim to reveal their password or digital token which is needed to authorise the transactions. 

Please remember, Zero will NEVER contact customers to request sensitive and confidential information such as their passwords, digital tokens and/or pin numbers. 

Smishing 

This is the act where fraudsters will send messages on WhatsApp and/or via text message. The fraudster will send a message to the victim, often claiming to be from their bank saying that a suspicious purchase was made with their credit card. The text message will then ask the victim to contact their bank, however, will give a particular phone number for them to use (which will usually not be their banks actual number). 

The victim would then call the number within the message and this is when the fraudster, (who will be imitating the bank) strikes and requests confidential information in order to cancel the ‘suspicious purchase’. Sometimes the message can also include a link to a fraudulent website to request the sensitive information this way; similarly, to phishing. 

Skimming 

What it is: 
Skimming occurs when a fraudulent actor uses a device, called a skimmer, to steal credit or debit card information. The fraudulent actor attaches a skimmer to a card reader at ATMs or point-of-sale terminals such as petrol pumps, self-service checkouts and other payment terminals. The skimmer captures the card's magnetic stripe data, which can be used to create counterfeit cards or to make fraudulent purchases. 

In addition to skimmers, fraudulent actors may also use small cameras or overlays that fit over the ATM or the keypad of the payment terminal to capture the customer's PIN. This information is then used along with the stolen card data to make unauthorised withdrawals or purchases. 

Identity theft 

What it is: 
Identity theft is a type of payment fraud where a fraudulent actor steals a person's personal information, such as their name, National Insurance number or credit card number, and uses it to make unauthorised purchases or open accounts in the victim's name. Identity theft can have serious financial and legal consequences for the victim and can cause significant stress and anxiety. 

How to prevent it: 
Store any documents carrying personal information – such as your driving licence, passport, bank statements, utility bills or credit card transaction receipts – in a safe and secure place. 

Shred or destroy your old documents so that nothing showing your name, address or other personal details can be taken. 

Monitor your credit report and regularly check your credit card and bank statements for suspicious activity. 

When you move house, contact your bank, credit and store card providers, mobile phone provider, utility providers, TV licensing, your doctor and dentist etc, and give them your new address – you don’t want the new tenants to have access to letters containing your personal information. You can also redirect your mail by contacting Royal Mail. 

Think before you buy online – use a secure website which displays the company’s contact details, look for a golden padlock symbol and a clear privacy and returns policy. Check the web address begins with https. 

Card-not-present fraud 

What it is: 
Card-not-present (CNP) fraud is a type of payment fraud that occurs when a fraudulent actor uses stolen credit card information to make purchases without physically presenting the card, usually online or over the phone. CNP fraud has become increasingly common with the rise of e-commerce. What's more, it can have significant financial consequences for businesses, which may be liable for chargebacks or fraudulent purchases. 

CNP fraud usually occurs when a fraudulent actor obtains stolen credit card information through data breaches or other means, and then uses that information to make unauthorised purchases online. Another method is when a fraudulent actor uses social-engineering tactics, such as phishing, to obtain the card information directly from the victim.