Refund Scams: What They Are & How to Prevent Them

Refund scammers are hidden pests, peeling away profit from businesses behind a wall of distraction and deception. Without the right solutions, scammers go undetected because their transactions are processed and logged in the same way as legitimate ones.

We look at how refund scams work and how the right precautions can stop them from damaging your business.

What Are Refund Scams?

Refund scams involve a criminal tampering with a POS (point of sale) terminal so it sends them an unwarranted refund.

Many scammers carry out refund scams in person, where they’re able to distract and manipulate their targets, namely whoever is operating the POS. However, some payment terminals can be accessed remotely, such as through hacking and phishing techniques, so many refund scams are carried out online.

How Do Refund Scams Work?

Below are two examples of how in-person and remote refund scams can be carried out:

  1. A scammer has an accomplice distract the shopkeeper so the scammer can go behind the till and change the POS terminal’s transaction settings, meaning the system goes from preparing to receive a purchase to offering a refund.
  2. A scammer uses a phishing email to convince their target that their payment system has encountered a software fault and needs remote assistance to be fixed. The attacker then uses their illegitimate entry into the POS payment terminal to grant a refund.

Types of Refund Scams

There are many ways that scammers can interfere with a business’s refund policies and equipment in order to carry out a refund scam. Some major examples include distraction, collusion, layered transactions, and phishing.

Here’s a closer look at each one:

  • Distraction: Refund scammers can use false pretenses (such as a staged “emergency” outside the shop) to convince their target to leave the POS terminal unattended.
  • Collusion: Some scammers work in collusion with a staff member who knowingly puts through a fraudulent refund and then doctors the record of purchase to make it look like it complies with their employer’s refund policy.
  • Layered transactions: Refund scammers can evade suspicion by complicating their exchanges with their target business. For instance, they may carry out multiple purchases and refund requests, using different cards in quick succession. This confuses the company they’re scamming, making it harder to trace who received the refund and which card it went to.
  • Phishing: The scammer acts online rather than in person and uses deceptive communication, such as emails loaded with social engineering attacks, to trick an organization into providing the login details for their POS terminal.

All these examples involve the scammer (or their accomplice) tampering with the point of sale terminal. This sets a refund scam apart from another related term: return fraud, which instead sees the criminal abuse a business’s refund policy. For example, return fraudsters may trick staff into refunding a stolen item if they aren’t obligated to ask for proof of purchase.

You can learn more about what separates the two terms by checking out the table below:

differences between refund scams and return fraud

The Impact of Refund Scams on Businesses

Businesses that fall victim to refund scams don’t just see their revenue erode, it can also affect the business’s reputation and even employee morale.

Let’s take a closer look at how refund scams can impact a business: 

  • Operational damages: It is time-consuming and labor-intensive to investigate how a refund scam occurred and how to recur the damages. Integrating the best solutions, such as chargeback management software, is therefore crucial to reduce the workload involved in fighting back against suspicious transactions.
  • ROI losses: Refund scams can severely impact the business’s profit margins and stock.
  • Reputational damages: If a business becomes known as an easy target for refund scams it may undermine it’s wider security status and make it more liable to attack. 
  • Staff disputes: Given that refund scams can involve staff collusion some co-workers may lose trust in each other when a refund scam occurs.
Reduce Chargebacks with SEON

SEON is more than just a software solution – it is your business partner in chargeback management, with insightful digital footprint analysis and machine learning.

Speak with an Expert

Methods to Prevent Refund Scams

Thankfully, when businesses know what to look for they can put a block on most refund scammers and their activities. Key points to remember are the importance of training your staff, protecting your point of sales terminals, and integrating the best fraud prevention system for the job.

Staff Training

Unlike return fraud, refund scams tend to occur when your staff members’ backs are turned, it’s vital to educate them on preventative measures. Your security awareness training should therefore teach your employees to do the following:

  • Never leave their point of sales terminal unattended and unlocked, and always keep a secondary device on them to ensure multi-factor authentication can be utilized.
  • Exercise caution when they encounter unusual situations, report them, and recognize they may be a distraction and manipulation technique.
  • Make sure staff are aware that emotionally charged messages, such as calls and emails, can also be used as a distraction method, and to exercise caution. 

Maintain Comprehensive Camera Surveillance

While this won’t be as useful if you encounter a refund scammer operating remotely, camera surveillance is invaluable if the criminal targets a physical store. Having high-definition cameras with facial recognition technology will be a strong deterrent for, or proof of, refund fraud as many cases involve sneaking behind a shop counter to tamper with the point of sales terminal.

Use Fraud Prevention Solutions

The right fraud prevention solutions, such as SEON, offer transaction monitoring and other account monitoring solutions that detect suspicious shop exchanges that may signify refund scams.

SEON detects unusually high transactions, which can be a calling card for refund scammers. They may make big purchases to feign credibility in their history with the target business, or a series of small but frequent purchases to make their spending habits less noticeable.

SEON’s transaction monitoring keeps historical data, the scope of which grows with your business, so any suspicious patterns that arise through transactions can be flagged.

For example, if an individual is making suspiciously large and complicated transactions, this isn’t necessarily a cause for alarm in itself. However, if those transactions also occur at a time when the individual suddenly changes their payment method, this can be a reason to suspect a refund scam or other attack is in the works.

In the below interactive screenshot gallery, you can learn more about the many ways that illicit transaction patterns and user account details can be detected through SEON:

You can see below how easily you can learn more about a person just through their payment methods. Enter any card’s BIN (bank identification number) into the box below and see what information SEON can offer in return.

Free BIN lookup!

Enter the first 6 or 8 digits of a card number (BIN/IIN)

Bank Name
···· ····

Text here

Cardholder name

SEON’s ability to knock down the wall refund scammers operate behind not only means you’ll know when you’ve fallen victim, but you can prevent it from happening in the future. 


Related Articles

Share article

Subscribe to our newsletter

Get anti-fraud and compliance insights and tips from SEONs experts.

Author avatar
Bence Jendruszak

Bence Jendruszák is the Chief Operating Officer and co-founder of SEON. Thanks to his leadership, the company received the biggest Series A in Hungarian history in 2021. Bence is passionate about cybersecurity and its overlap with business success. You can find him leading webinars with industry leaders on topics such as iGaming fraud, identity proofing or machine learning (when he’s not brewing questionable coffee for his colleagues).