Good deals lure every shopper but paying without verifying might not be a good idea. Have you ever paid attention to the number of spam emails you receive on daily basis, offering you best deals and discounted product at an unbelievable price, dream job or trip to a very exotic place in the least price? Don’t get overwhelmed; it might be the work of a hacker aiming to attain your personal details. These hackers misuse documentation and credential of any Business in the form of newsletter or advertising whereas merchant bears the price. Customer without analyzing the email files a chargeback against the merchant. These are the unacceptable chargebacks and can be avoided by remaining cautious and keeping an eye on such scams. It becomes of utmost importance for merchants to be cautious of such emails and have proper protection and management system for documentation.
A good relationship with its customers is what a merchant wants but the big question is how can a merchant protect Internet network? Misuse of credentials does not necessarily happen with new business owners but it can happen with merchants who are in the business for a long time. Until and unless merchant does not pay attention to documentation, hackers will always have an upper hand. This will lead to high chargeback rate and loss of time and money while fighting those chargebacks. The solution to this problem is ‘knowledge’; knowledge about channels via which Phishing attacks are made. Let us discuss them one by one in details.
1. Business E-mails
BEC (Business Email Compromise) scams are one of the most preferential forms of phishing scams. In about every case of the scam, employees performing financial responsibilities are targeted, so they need to be more cautious and observant. These scammers are smart enough to fool any employee with the type of engineering used to make these emails look authentic, and by the time you find out about the scam, it is too late. Few reasons for emails being the main channel for phishing are:
- Most of the customers find emailing more reliable and credible
- Majority of the people feel comfortable and are habituate of handling financial queries through e-mails
- Emails have been proven as a good platform for advertising
- Easiest way to reach population around the world
Keywords used by most of BEC scams are:
Such keywords are used to manipulate the receiver to open the mail. Out of curiosity, if receiver opens the mail, the work of the hacker is done and the malware will be downloaded on your computer. Below are few tips to identify authentic and fake emails:
- Store the account number of all the parties/customers safely. Match the presented invoice number with records and if it mismatches, delete the email immediately and if possible, inform others about the stolen identity.
- Always make sure to verify the email address. For example: if you normally receive the email from [email protected] and this time you received it from [email protected], it might be a spam. Avoid opening it. With a slight change in spelling, which a receiver might not even notice, malicious software can be easily loaded on your system.
- If the content of the email seems more aggressive and unusual, do not respond and inform the concerned person.
The phisher can also use business credentials in the form of a newsletter. Although it does not directly affect the merchant but can be used to drain bank accounts of customers. Few tips for the merchants are:
- If your business is dependent upon newsletter, provide precise information in the disclosure about what information is required from the customer.
- Send newsletters on specified date and time only.
- False advertisement and fake coupons, with unbelievable deals and offers, are often part of the scam. This puts a negative impact on the business and can lead to chargebacks. In this case, a merchant does not have much room for chargeback representment. The only way is to be consistent with advertisement and newsletters.
2. Marketing via SMS
Smishing scam is a type of phishing attack via SMS (SMS phishing). Over a year, both merchants and customers have become more cautious about spam emails, so the scammers have found another way of phishing scams. Through SMS, phishers aggravate more urgency for receivers to read SMS and respond to it such as
- Unauthorized transaction occurred
- Immediate action required
- Someone is trying to open your email
- Your email has been accessed from a different location
- An extra fee is charged on your package, pay immediately
- Provide the information below to complete the process
Here are a few points to combat this type of scam:
- As people are more comfortable with receiving instant notification about deals and news through SMS, smishers make the best use of it. Clear communication is a must to let the customer know whether or not they will receive any text from the merchant.
- It is better to include a unique signature for identification purposes while texting your customers. This unique signature will depict the authenticity of the text message.
- Not every deal which is presented to the customer is approved by the business. But if the customer becomes a victim due to a false identity, he might file a chargeback against the merchant. It is important to add the information regarding “spot fake deals” within disclosure or FAQ list. This will help in clearing the dilemma, restore customer’s trust and will also help in chargeback representment.
3. Social media
Social media is another great platform to advertise your business but ads displayed are a mixture of both; fake and genuine ads. Sometimes fake advertisements seem safe but are actually a part of a phishing scam. Especially if you are providing services to customers or run a portal to accept customer’s complaint, you might become the target of a phisher and by using your identity, the scammer can drain money from your client’s account by assuring to resolve the issue or can take query of the customer over Social Media platform and offer the help. Customer in this hostile situation might file a chargeback against the merchant to retrieve their lost money. Few tips to avoid social media scams are:
- Apologize and offer help to negative talkers over social media by directly communicating with them. Provide them with the customer care number deliberately. This will decrease the chances of other customers to get influenced and contact phishing party.
- Conduct brand audit at regular intervals to know what is talked about you over social media and keep a check on identity theft.
- Inform your customer about your company’s policies. Educate them about fake ads and authenticated ads. Educate them about the process through which you collect information from your customers. Ask them not to share their financial information over social media, as it’s not in your company policy to collect the information on the social media platform.
The post Chargeback Management: Preventing Phishing Scams appeared first on Chargeback Expertz.