Point-of-Sale Fraud Alert
Recent incidents in the U.S. in which criminals are committing fraud through processing fraudulent return transactions. As part of the fraud scheme, criminals obtain Point-of-Sale (POS) devices—either from an acquirer or agent while posing as a merchant, from online resellers or auctions, or through theft—and program the POS devices with the credentials of a legitimate merchant, thus effectively cloning the unsuspecting merchant’s actual POS device. Criminals use the cloned POS devices to complete returns to gift cards, often in the range of $2,000 – $6,000 per transaction. After the returns are posted to the gift cards, the cards are cashed out at ATMs. Criminals prefer gift cards and in some instances debit cards. These products fund rapidly, allowing fraudsters to get their hands-on cash immediately.
What can you do to protect yourself?
- Always verify anyone calling you posing as your merchant provider
- Monitor your transactions often, especially credits
- Make sure your terminal or POS doesn’t allow credits without a corresponding sale
- Educate your employees
- Never let anyone other than your merchant provider, touch your terminal or Point-of-Sale System
- Change passwords often and use caution if you are working remotely
As a business owner, you can never be too cautious. These crimes happen primarily on the weekends (especially long holiday weekends). Criminals will choose to take advantage of the operating hours of the merchant and financial institutions. Protect your business this holiday and throughout the year!
New Credit Card Skimmers found inside card readers at gas pumps at many 7-11 stores
Look for the red tag on the pumps or go into the store to pay. Some 7-11 stores have installed temporary locks on pumps until permanent locks arrive.
Florida is number one in the country for crimes related to fraud, mainly because dozens of people are being targeted at the pumps by skimmers a day.
This year alone, 561 skimmers have been found at gas stations in the State. Due to this growing number of skimmers, State Leaders are making fraud prevention a priority.
The Florida Department of Agriculture and Consumer Services is pushing gas stations in Florida to install encryption readers by November of 2020. The encryption readers will scramble your cards information so that your number can’t be grabbed by another device to steal your information.
Tuesday, the Lee County Board of Commissioners unanimously passed the Fuel Pump Security Ordinance. Both Charlotte County and The Cities of Cape Coral and Punta Gorda have ordinances in place already to protect you at the pump.
Five Tips to Fight Fraud
Here are five tips for consumers to avoid credit card fraud by gas pump skimmers, listed by the Florida Department of Agriculture and Consumer Services:
- Avoid using pumps that are open or unlocked, have had the tamper-evident security tape cut or removed, or otherwise appear unusual.
- Use a credit card – not a debit card: If a credit card number is skimmed, you’re protected by the card issuer’s zero-liability policy – but a stolen debit card number could be far more damaging.
- Pay inside, with cash or credit, instead of at the pump
- Choose gas pumps closest to a physical building: Don’t use gas pumps out of the attendant’s line of sight, such as those around a corner or behind a building.
- Check your card statements and sign up for fraud alerts
NBC-2 Related News Story
Employee theft is increasing – the scope ranges from stealing inventory and padding time to taking money from the till. Many times, theft is a result of opportunity and incentive to steal. Employee theft can go unnoticed for years until your company hits a wall. Fortunately, early detection has never been easier with the convenience of a POS System (Point of Sale) and its many features.
A POS system allows your customer payments to be displayed and authorizes transactions to be executed. This compact system can also monitor employee engagements with your company. You will be able to use many of the numerous features such as…
- Managing your inventory
- Control inventory shrinkage
- Following company sales reports
- Outlining your best-selling products
- Determining customer buying habits
- Collecting customer data for future marketing
- Identifying your top performing employees
Smaller Companies Experience Larger Median Losses
Having access to the powerful business tools provided with a POS System can improve the security of your company by deterring employee theft, manage inventory losses and monitor employee time and productivity. Small businesses run a higher risk of falling victim to employee theft. Industries with over 100 employees have a median loss of $104,000, while industries with less than 100 employees have a median loss of $200,000. Smaller or mid-sized businesses often lack practices or systems designed to deter theft, making them a target. Here is an example:
Two Florida men working under a computer repair establishment were exposed for stealing inventory and skimming cash. Although both men had to repay their stolen expenses, many employees can carry out theft seamlessly and without a trace, costing U.S. businesses over $7 billion in total losses
Protect Your Business with a POS System
Employee theft is responsible for nearly 41% of all inventory shrinkage. A POS System can track inventory and sales, you will be able to recognize an imbalance in your inventory’s listed quantity and the actual physical count before it becomes a serious issue. Internal theft often occurs when an automated inventory system isn’t in place. Also, the easy to use POS system gives you the ability to accurately track and control product data such as pricing, stock counts and receipts.
The convenience and efficiency of a POS System will help reduce your exposure to employee theft, inventory losses, and unearned payroll which reduces costs and increases profits for your business. The price of investing in a POS System will be significantly less than the price of losing millions to theft.
Courtney Wells, a 49-year-old woman in Connecticut admitted to embezzling over a half a million dollars combined from her two positions as a trusted bookkeeper. Appearing as a trustworthy employee at her job as treasurer of the Southington Lacrosse Association, she gained exclusive access to the association’s debit cards and the bank account. Authorities believe she had stolen approximately $100,000 from this position to fund personal needs such as concerts, traveling, or shopping.
Additionally, Wells embezzled $375,000 from her other job working as a part-time bookkeeper at Jones Engineering. She put this money towards a partial refund of what she had stolen from The Lacrosse Association. Wells finally surrendered herself to authorities according to Southington, CT police. Her warrants included first-degree larceny, second-degree money laundering, and first-degree forgery. There are steps you can take to help secure the well-being of your company.
Article source: https://fox61.com/2019/01/10/woman-pleads-guilty-to-stealing-from-youth-sports-group/
5 ways to protect your company from employee fraud:
- Install a POS System for Accountability
- Monitor your company books and the back office of your POS System on a regular basis
- Sign up for bank and credit card alerts when purchases are made
- Perform thorough Background Checks on all employees and independent contractors
- If you become a victim, prosecute the employee!
A criminal background screening provides a thorough insight into a potential hire’s criminal history. Not only does PCI 12.7 warrant a background of employees dealing with multiple forms of payments, but also taking proactive steps to reduce your risk of employee theft and possible violence in the workplace makes good business sense. Your company’s future is in your hands and now more than ever we need to be watchful of who we are letting in the door.
According to PCI…that dreaded term…
12.7 Screen potential personnel prior to hire to minimize the risk of attacks from internal sources. (Examples of background checks include previous employment history, criminal record, credit history, and reference checks.)
Article source: https://fox61.com/2019/01/10/woman-pleads-guilty-to-stealing-from-youth-sports-group/
With all the recent stories about security breaches, you may be wondering what you can do to help secure your data and communications. Transport Layer Security, also known as TLS, is a procedure that provides privacy and data integrity between multiple applications in your systems. TLS is used to create a secure environment for web browsing, emailing, or other applications. Websites are able to use TLS to keep all communication between their servers and web browsers secure. For organizations that store or process payment information, using TLS version 1.2 is a requirement of the Payment Card Industry Data Security Standard. This standard was created by the PCI Security Standards Council to protect cardholder data. No single security measure will fully protect your organization from unauthorized data breaches, but implementing security protocols like TLS can reduce the chance of such threats.
How does your security impact your daily work day?
When it comes to your computer, your web browser may need to be updated. Whether you have Internet Explorer, Chrome, Firefox, etc, check to make sure your computer is installing these updates automatically. When it comes to your payment software, if it stops working, you may need to do an update or even upgrade your software. Contacting your software provider with any issues can be a big help. Some businesses run a standalone credit card terminal. If this stops working, you are going to want to contact your local sales office or merchant service provider as you may need a new file to be downloaded into the terminal.
The goal of TLS procedures are security and efficiency. Are you wondering if your browser is supported? This link will show you a list of supported browsers:
Secrets of the Dark Web
Cybercriminals can take an in-depth, six-week course of 20 lectures, in Russian, on Carding…learning how to steal credit card data from insecure databases or buy the data on the dark web. They can also take information on emails and passwords leaked from other data breaches to access banking websites, buy vacation packages, gift cards, all within nine minutes after the information was posted online.
The class, more in-depth than most, was discovered on a deep web forum by Digital Shadows while investigating credit card fraud and criminal activity. On one forum alone, more than 1.2 million card numbers were available for sale, nearly half of the numbers in the U.S. While card hackers and sellers are based in Russia and Eastern Europe, the buyers are often here in the U.S. Digital Shadows estimates $24 billion in credit card fraud next year.
Dark Web, A Simple Explanation
The Dark Web is a collection of thousands of websites that use anonymity tools like Tor and I2P to hide their IP address. While it’s most famously been used for black market drug sales and even child pornography, the Dark Web also enables anonymous whistleblowing and protects users from surveillance and censorship.See This article from Wired for more
How Can a Consumer or Business Reduce the Risk of Credit Card Data Theft?
- Place an alert on your credit card and bank for purchases less than $5 and more than $100…it is common for a thief to test the card by trying to process a small amount…usually less than $5
- Never give your pin number to anyone
- Never use the same password for your bank or credit card that you use for another website
- Confirm all communication is authentic such as phone calls or emails
- Do not click on links in suspicious emails
- When in question always contact the business or individual directly