How to Prevent Peer-to-Peer Payment Fraud

Image courtesy of CO-OP Financial Services

It has never been easier to transfer money quickly than with peer-to-peer (P2P) payment platforms. The increased convenience has made it easier to order services, shop online and support friends and family members with little to no lag time. Still, there is always someone looking to de-fraud your hard-earned money through fraud, a scam or a security attack. COVID-19 has created new opportunities for fraud and scam attempts, including those related to P2P payments. Taking time to understand potential threats and how to navigate them will give you an added layer of protection from fraud.

An increase in peer-to-peer payments

As P2P payments increase in popularity, it’s become important to know how they work. P2P payments are instant digital transfers that make it simple and secure to send money to friends, family, trusted businesses and professionals without a card, check or traditional multi-step wire transfer process. Similar to a debit card, they eliminate the need to have cash on hand by initiating a payment directly from an associated bank account. In real-time, money can be pulled from your bank account and sent to another P2P account. It’s a secure way to send money and digitize day-to-day transactions—unfortunately, if you’re unprepared, this added speed and convenience can open an opportunity for fraudsters. Some of the most used P2P options include:

  • Zelle
  • PayPal
  • Venmo
  • Cash app
  • Square
  • Apple Pay
  • Google Pay

While these platforms are technologically secure, there are still many scams centered on using P2P services. Of particular concern are confidence schemes targeting P2P services. Confidence scams prey on a person’s emotions, wants and needs to gain sensitive personal information or convince the victim to send money to the scammer willingly. You should always be sure that you know and trust any person you are paying.

How do fraudsters commit P2P fraud? 

Criminals are using several methods to commit P2P fraud. Some use “friendly fraud” social engineering tactics, like messaging a user requesting that they deposit the fraudster’s check in their account and then send the funds back to the requester via a P2P app. The fraudster then promises to send the victim $500 as “payment” for the transaction. Of course, the fraudster never sends the payment and the original check bounces, leaving the member (and the credit union) on the hook for the funds. 

Another popular scam is where a fraudster advertises items for sale, like concert or sporting event tickets, and requests payment to be made via a P2P app. Once the funds are received, the fraudster disappears without ever delivering the requested item to the unwitting consumer. 

Unfortunately, with P2P fraud, fraudsters no longer need to obtain a user’s card number to steal funds. If they are able to hack into a member’s smartphone or mobile device, they can easily gain access to the user’s digital wallet app and transfer funds in their name. 

How can you protect yourself?

  1. Pay it safe: Many P2P apps don’t let you cancel a transaction once you’ve sent it to another user. With that in mind, avoid sending or requesting money from anyone you don’t know and trust.
  2. Take your time: Try not to rush when you’re using a P2P app to send money. If someone is pushing you to act quickly, it could be a red flag.
  3. Treat payments like cash: Money moves quickly when you use P2P apps. Once you hit send, money doesn’t take long to reach its destination. It’s a good idea to double check you have the correct info to make sure your money goes where you intended.
  4. Use your security settings: P2P apps have measures in place to help keep your account secure. Two-factor authentication requires you to provide multiple pieces of information to access your account. The first is typically your username and password. The second step might require you to enter a numeric code you’re given in an email or text. Or you might use fingerprint or facial recognition.
  5. Be aware of phishing: One way fraudsters might try to access your account is by posing as your bank or a P2P company. They may try to contact you through emails, calls or texts. Avoid clicking links and sharing personal information. They may also claim you need to download another app or give them remote access to transfer money. Never give remote access to a third party.
  6. Keep your personal information private: If you use social media, avoid sharing things like your address, phone number and other personal details. And ignore friend requests from people you don’t know.
  7. Protect your passwords: Use different passwords for P2P apps and other sites. If you’re worried about remembering them all, there are tools available that might be able to help. And like the tip about your personal information, don’t share your passwords with others.