how to prevent payment fraud

Nearly 1.7 million cases of fraud have been reported to the FTC in 2022.

Even more shocking, the estimated total financial loss exceeds $580 million in the third quarter alone.

The data speaks for itself. Without fraud prevention, your business is an easy opportunity for scammers.

If you’re ready to take fraud prevention seriously, read on. Here’s what you’ll learn:

  • What payment fraud is
  • How payment fraud happens and the various scams used
  • How fraud works for different payment methods
  • Detection, prevention, and response to payment fraud
  • How to prevent business payment fraud


What is payment fraud?

Payment fraud is the practice of stealing someone’s payment information and using it for unauthorized purchases or transactions. Essentially, bad actors either misrepresent  themselves or manipulate information in order to gain access to your funds.

On a personal level, sometimes that means criminals steal credit cards or get details without a physical card to make withdrawals. In business, fraud is a little more complicated.


How payment fraud happens

It can take as little as a stolen password to commit serious acts of fraud.

However, there are many avenues fraudsters use to approach businesses and gather sensitive information. Here are some of the most common (and lucrative) methods of fraud:

  • Cyber attacks
  • Phishing
  • “Friendly” transactions
  • Stolen payment information
  • Bank transfers


Cyber attacks

Criminals can use cyber attacks to gain access to your bank card information through payment details. After fraudulent purchases occur, you’ve already lost the sensitive information and will have to replace bank cards. Online fraud poses a threat to your company’s brand. Even if you (the owner of a targeted website) weren’t the culprit, you’re likely to suffer significant reputation harm.



Phishing fraud occurs when a criminal sends a message to the victim to trick them into providing personal information.

Offenders usually attempt to imitate a well-known person or brand.

Phone calls, emails, and text messages can all be used to launch phishing attacks.


“Friendly” transactions

The so-called “friendly fraud” isn’t friendly at all.

Fraudsters pay with a card and then request a refund, then claim they didn’t receive the product, or that it was defective.

The goal is to keep the product and receive money back.


Stolen payment information

Known as “clean fraud,” it is one of the most difficult to detect. The reason is that they get away “clean,” without a trace.

Criminals begin by carefully examining your companys’ fraud-detection systems. Next, they gain stolen payment and personal information. They then use the information to circumvent the anti-fraud systems.

The more exposed your fraud detection system is, the more likely you are to be chosen as a target.

Once the fraudulent transaction completes, the criminal disappears, leaving you to deal with the chargebacks.


Bank transfer fraud

A bank transfer scam occurs when someone is duped into making a direct transfer in exchange for goods or services.

Criminals with stolen email credentials may monitor your company’s conversations, impersonate a recipient, and send their own banking details as the receiving account.

Another common example is when a fraudster pretends to be interested in purchasing goods or services and asks the seller what account the payment should be transferred to.


Payment fraud across different payment methods

We went over common methods fraudsters apply to target businesses. To further help you develop a risk strategy to prevent fraud, we’ll discuss what types of fraud exist and how they can affect your business.



The ACH Network comprises many actors (both automated and human) who work together to ensure that money transfers are secure and successful.

Fraudsters often target specific bank accounts to take advantage of the ACH processing time delay.

In fact, according to a report by JP Morgan, checks and ACH transfers accounted for 66% and 37% of payment methods affected by fraud.

Because the issue is so prolific, our team at Orum has already spoken about fighting ACH fraud


Debit cards

Scammers can get your debit card information entirely without your knowledge.

They can install a skimming device on an ATM, gas station, or any other location where you swipe your card.

Hackers can gain unauthorized access to companies you’ve previously purchased from and steal information from them.


Credit cards

B2B credit card fraud occurs when someone virtually compromises your account or gets control of your physical card.

There is no foolproof way for you to prevent hackers from attempting such attacks.

However, you can reduce your chances of becoming a victim and mitigate the consequences of fraudulent activity.

Be proactive and keep track of your accounts to protect your credit card information. Examples include employing credit monitoring services or setting up alerts for specific transaction types.


RTP (real-time payments)

The RTP network, which was launched in 2017, reaches 70% of Demand Deposit Accounts (DDA) to provide real-time payments.

In January 2021, the Fed launched the FedNow pilot program. Orum is one of the launch partners for the new payments network, which includes over 200 financial institutions and processors.

The availability of real-time payment methods increases the attractiveness and profitability to fraudsters.

A common scam involves impersonating a company employee or vendor to dupe victims into sending money.


Wire transfer

Wire fraud affects you, whether you’re the funds’ transmitter or recipient.

To deceive victims into moving money, some phishers use bogus Western Union emails and copied websites.

Also important to know is that accepting money from a stranger and wiring it to yourself can flag you for money laundering.


Paper check

The mailbox is a vulnerable point for fraud. Bad actors can simply change dollar amounts or the receiving accounts of professionally written checks.

Altering paper checks, stealing blank checks, and issuing bogus checks are all common methods.

The age-old art of forgery is still alive and well, thanks to advances in technology.



Once taken, cash is almost untraceable.

Cash deposits are particularly vulnerable (and attractive) to fraudsters. Withdrawals from the cash pouch or a lack of accounting records make fraud easy.

The problem can be discovered after the fact by comparing the deposit slip to the cashier’s record of cash received.


Detection, prevention, and response

How do you distinguish between a scammer and a consumer?

The wrong call may cause legitimate clients to get blacklisted.

You can achieve a balance of risk and revenue by employing detection, prevention, and response.



Fraud detection technology detects behavioral abnormalities. It also determines which of your customers are genuine and which are not by analyzing historical and cross-platform data between businesses.

Specific high-risk segments, such as specific industries or geographic regions with higher fraud rates, can also be considered.



Use predetermined risk profiles to automate a portion of the assessment process. You’ll save time and reduce risk management efforts.



How do you choose the best risk management strategy for your company?

Experiment with various settings and A/B test them to see which is most effective and cost-efficient.


6 steps to preventing payment fraud

Setting up internal controls to prevent payment fraud is just as important as having a disaster recovery plan. Here are 6 steps to take to secure your organization against payment fraud:

  1. Train your team
  2. Require multiple approvals
  3. Improve your cybersecurity posture
  4. Set up account activity monitoring
  5. Target suspicious emails
  6. Stop using paper checks


1. Train your team

The report by JPMorgan shows 32% of respondents attribute payment fraud in their company to working remotely. 21% said they were unsure, and 47% do not believe remote work is the problem.

While the jury is still out on whether remote work is to blame, deploying a successful employee training program is essential.

Your employee training program should cover how to detect fraud as well as prevent it.

When one of your employees receives an unusual or suspicious request, he or she should pause and contact the individual via a known phone number or email address.


2. Require multiple approvals

Set a monetary limit and require multi-employee approval for any transactions that exceed it.

Requiring at least two sets of eyes on large transactions reduces the likelihood of a fraudulent payment being processed.

Implement internal controls to further aid in the prevention of occupational fraud, as well as wage and benefit fraud.


3. Improve your cybersecurity posture

Besides adopting an encrypted wireless network, consider implementing the following safeguards:

  • Require staff to use business email accounts to communicate
  • Configure multi-factor authentication for all company accounts and require employees to follow suit
  • Use strong passwords and avoid using the same login information across multiple platforms.


4. Set up account activity monitoring

Check your bank account balances regularly and report any suspicious activity.

It’s easy to miss fraud occurrences when you review statements months later.

You can also appoint a person or product to monitor account balances to detect problems early.


5. Target suspicious emails

Your company’s Accounts Payable (AP) department is the most attractive to cybercriminals to target through email.

Keep a watch out for two sorts of fraudulent emails in particular:  phishing and business email compromise.

Avoid clicking any links if you receive an email or text message you are unsure about.


6. Stop using paper checks

Although the use of paper checks has decreased over time, check fraud is still common.

The time it takes for a check to be processed allows fraudsters to gain funds and get off scot-free.

Some criminals also employ low-tech techniques, such as changing the name or amount on a legitimate check and other forms of forgery.

To reduce check fraud, some organizations are using paper checks less in business-to-business transactions.


Fraud prevention done for you

The more you understand the different avenues through which fraud can occur, the more tedious and demanding prevention becomes.

We’re backed by the most reputable payments experts who are here to partner with you to optimize your payments experience from start to finish. 

If you’d like to learn more about Orum and how we can help you speed up payments, reach out to our team! We’d love to chat.