10 Ways to Prevent Holiday Scams

The holidays should be a joyous time. But during this season, when online shopping increases, holiday scammers are particularly naughty. Digital fraud rose 12% between Thanksgiving and Cyber Monday in 2023.1

Which holiday scams are most common?

Last year, the BBB reported almost 42% of scams against small businesses were online.2 Promotion abuse, invalid chargebacks and account takeover are common types of online fraud businesses experience during the holidays.

• Promotion abuse cheats businesses out of millions in revenue each year.

  
  In its most basic forms, promo abuse exploits merchant policies to commit fraud. Examples include:
  • When a customer sets up multiple accounts to receive more sign-up and referral bonuses, discounts, and/or deliveries than the retailer intended.
  
  
  • Organized criminals create synthetic IDs and new IP addresses to launch large-scale attacks – most often called “promo fraud.”
  Promotion abuse will cost merchants an average 1.2% of revenue.3

• Account takeover involves gaining unauthorized access to a user’s account for the purpose of committing fraud.

  
  Both consumers (75%) and businesses (21%) are targets of account takeover, and some accounts are a mixture of both (4%).4 Schemes might include:
  • Hacking to uncover passwords and other login details.
  
  
  • Email phishing to trick users into revealing sensitive information.
  
  
  • Researching social media, open databases and other web-based access points to help with credentials theft. This is known as social engineering.
  
  
  • Credentials stuffing which attempts to match fraudulently obtained or leaked sensitive data against multiple websites.
  
  
  • Botnet attacks that use common passwords to access a large volume of accounts.

• Chargeback fraud occurs when customers successfully dispute legitimate transactions for which payment is reversed.

  
  In 2023, retailers lost $101 billion in chargeback fraud.5
  
  Friendly fraud occurs when customers dispute transactions with the bank (instead of merchants) for goods they receive and intend to keep. At potentially 86%, it is the leading cause of chargeback fraud.6
  
  U.S. chargeback volume is increasing, with an estimated 146 million transactions expected in 2026.7 Chargeback fraud costs businesses millions in lost revenue and increased expenses. It also compromises customer experiences and your business’ reputation.

You don't have to be a victim of holiday scammers.

Most businesses practice fraud prevention throughout the year. But the holiday season will require extra vigilance. Generally, holiday scammers count on increased shopping activity, employees’ reduced attention to detail, and short staffing during time off.

Here’s how to mitigate fraud risk during this joyous but hectic time.

1. Get to know your customers.
   Perhaps one of the greater advantages of being a small business is the opportunity to provide more personalized service and expertise. Customers appreciate the attention. The other side of this dynamic is the insights you’ll gain — such as buying patterns, payment types, interactions with your company — from nurturing customer relationships.


2. Immediately report suspicious activity.
   If you experience application pop-ups, error messages, unfamiliar login screens, suspicious emails, or other unusual activity, report them to your security team right away. Do not click on suspicious links. The FBI hosts a comprehensive cybercrime site, where you’ll find tips to protect your business, news, and instructions for reporting a claim if you believe you’ve been a victim.


3. Audit fraud prevention practices.
   A fraud prevention plan must include documented procedures, roles, and responsibilities and cover the system, network, applications and devices, and transaction levels. It should also detail both tactics to mitigate fraud, as well as steps to take if fraud occurs. Revisit this plan frequently. Conduct an assessment to ensure that your fraud prevention tools are working and to identify any gaps. For example, your business may be susceptible to package rerouting or account takeover based on outdated customer service or ordering protocols. Look for improvements to strengthen fraud prevention measures. It’s a good idea to outline specific practices to heighten security during busy seasons.


4. Analyze benchmarks.
   Review your historical transaction data so you’re aware of “normal” holiday numbers for chargebacks and decline rates. Also assess both fraud that was prevented and successful by channel, product, payment, and transaction type.


5. Maintain tight internal controls.
   The holidays are no time to lighten up on internal accounting controls such as segregation of duties, audits and management review of expenses, bank statements and collections. Set thresholds and limits for customer and employee purchases and discounts, with oversight for above-limit purchase and too-frequent return attempts. Examine commission policies to ensure that employees are not rewarded for selling to friends, family or fraudsters who will return merchandise in the post-holiday period.


6. Be consistent.
   Consistency reveals abnormalities and weaknesses. Good training drives home standardized practices, despite holiday chaos. If your team follows the same processes with every transaction, then unexpected, non-standard actions stand out.


7. Use multiple layers of fraud prevention tools.
   Because there are so many diverse channels and criminal tactics, businesses should adopt a layered approach to fraud prevention. IBM recommends a comprehensive digital security plan that addresses the system, network, application, and transmission levels individually. Then document how the levels will integrate with each other. Use the latest technologies, including machine learning to recognize data associated with fraud patterns, to keep fraudsters away.


8. Staff up store locations, call centers and IT.
   Increase staffing with properly trained employees who can identify, escalate, and prevent holiday scams. Make sure your team is rested so they are ready to catch fraudsters in your store, online, on the phone or any channel you use.


9. Proactively manage returns.
   You should expect that some customers will want to return purchases or may have concerns about service and charges. But given the potential for chargeback losses, establish a clear return policy and communicate with customers upfront. Also ask customers for feedback when they are making returns. Train your staff to identify and monitor suspicious transactions like frequent returns and threats to file chargebacks. You’ll need details when disputing chargebacks.


10. Purchase business insurance.
    Fraudsters are innovative. Insurance companies are responding with a range of products to protect not only your physical assets and inventory from theft, but they can also safeguard your business from cyberattacks.

You can protect your business from the high costs of fraud. Start with learning how to prevent holiday scams. Synovus Commerce Suite features comprehensive security with real-time authentication, account takeover prevention, payment fraud detection, customer screening and PCI DSS compliance. Complete a short form and a Synovus Merchant Services Consultant will be in touch to assist you. You can also call 1-888-SYNOVUS (1-888-796-6887) or stop by one of our local branches.