Chargeback Prevention

5 Holiday Fraud Prevention Tips

Blog Image -Holiday Fraud



Table of Contents

  1. Make Sure to Use an Obvious Merchant Descriptor
  2. Eliminate Typosquatters and URL Fraud
  3. Patch and Update Third-Party Software
  4. Prep Your Customer Service Team
  5. How Do You Fight Phishing Emails
  6. Conclusion
  7. Frequently Asked Questions

It’s the holiday season, a time for silver bells, sleigh rides, and rampant ecommerce fraud. For most consumers these days, filling all the stockings and getting all the necessary presents under the tree means placing lots of online orders, and fraudsters are well aware that in the lead-up to Christmas there are more credit card numbers flying across cyberspace than at any other time of year. So how can you keep your customers and your company safe?

New call-to-actionThey’ll do their best to take advantage of the hustle and bustle of the holidays, seeking out poorly-secured merchant sites, testing out cards when their owners are least likely to notice an unfamiliar charge, and luring in desperate shoppers with fake websites promising deals on must-have toys and electronics.

While cardholders must ultimately take responsibility for their own security and choices if they really want to avoid becoming victims of fraud, merchants know that they are often the ones who take the financial hit when fraudsters strike. Merchants can play an important role in protecting their customers from fraud and identity theft, and this benefits them directly as well. By protecting your customers, you can reduce chargebacks.

To keep your holiday chargebacks down and ensure that your customers can enjoy a fraud-free yuletide season, we’ve put together a list of actionable steps merchants can take to protect shoppers from being victimized by opportunistic fraudsters.

Make Sure to Use an Obvious Merchant Descriptor

One of the most important things you can do to stop preventable chargebacks is make sure your merchant descriptor clearly identifies who you are and provides current contact information.

The merchant descriptor is what shows up on your customers’ monthly bank statements next to your transactions. These are typically set up when you first sign up with a payment processor, and some merchants may give little thought to them, or they may change the name of their online storefront later. When the customer reviews their statement and does not see a recognizable name, they assume the transaction is fraudulent and dispute it.

During the holidays it’s especially easy for consumers to forget where they shopped, and some of them may know to be on heightened alert for signs of fraud.

A clear and concise merchant descriptor that includes a web address or telephone number can do a lot to prevent customers from filing “friendly fraud” disputes out of confusion.

Eliminate Typosquatters and URL Fraud

Have you ever typed a URL into your web browser and ended up at a completely different website than you were expecting, then realized that you made a small typo while entering the URL? This is quite common—and fraudsters know it. It’s called “typosquatting,” registering a domain in the hopes of receiving accidental traffic from unwitting visitors.

Sometimes, transposing or omitting a letter or two will take you to a completely unrelated website, or even to a competitor’s site, but occasionally, you’ll find yourself at a fake website that is designed to look like the genuine article. Fraudsters typosquat these domains and build fake websites in the hope that consumers will try to make a purchase and enter their credit card information.

Look for likely misspellings of your website address to see if any typosquatters are targeting your customers. Fraudulent sites can be reported to their hosting platforms. You might also consider registering some of these domains yourself and directing the traffic to your actual site.

Patch and Update Third-Party Software 

No matter how strong your internal security protocols are, your defenses can be breached—and your customer data compromised—if your third-party software is vulnerable. Many cyberattacks target shopping cart software, ad networks, and other third-party programs that run on top of the host site. It’s not always feasible to avoid using third-party software, so the best thing you can do is make sure they’re always updated and patched to the most recent versions.Manage Chargeback In-House Or Outshore

While you’re doing that, don’t forget to update your own cybersecurity software and certificates, or look into adding new ones that will be effective at protecting your customers. There are various anti-fraud tools that can be highly effective at stopping fraudsters from using stolen cards, many of which can be implemented with minimal disruption to the customer experience.

Prep Your Customer Service Team

Just as Santa couldn’t possibly pull Christmas Eve off without his elves, merchants who want to deliver a satisfying and stress-free holiday shopping experience to their customers need a customer service team that’s fully trained and prepared to deal with the myriad issues that will inevitably accompany the Christmas rush.

The return and refund processes need to be handled with extra special care. One leading cause of chargebacks is delays in the refund process—the customer contacts the merchant, returns the item, doesn’t get a refund promptly, and cannot get ahold of anyone in the customer service department who can accurately tell them when to expect it. Frustrated, they dispute the charge with their bank. If the merchant processes the refund before they get around to addressing the chargeback, they can end up suffering double the revenue loss.

Excellent customer service can proactively head off the chargebacks that might otherwise result from product defects, shipping errors, misplaced customer expectations, and other common issues.

When a customer has a problem, it’s always best to offer them a refund and make them happy rather than stonewall and leave them with no alternative but to ask their bank for a chargeback—but it’s only possible to do this if the customer can easily reach a competent customer service representative.

How Do You Fight Phishing Emails?

Phishing is one of the older tricks in a fraudster’s book, and the holidays are a perfect time for them to attempt to attack your customer service and support team with phishing emails. When a phishing attack is successful, it could compromise your customers’ credit cards or other private information, not to mention critical company data.

It doesn’t help that phishing attacks are becoming more sophisticated. It’s relatively easy for a fraudster to create email templates that look similar to financial partners, reputable businesses, or security firms. These fake emails will usually contain hidden links in legitimate-looking CTAs like buttons or requesting information used for social engineering purposes. Then, once they have that information, they can use it to commit chargeback fraud themselves or sell information to other fraudsters who will do the same.

Make sure that you have trained your employees on the latest phishing prevention tips. Teach them how to identify suspicious emails, and require them to never share company data, including any passwords, emails, or customer information. Likewise, install filters in your internal email system to flag suspicious emails. Even a notification for any email coming from outside your domain can help your team recognize potentially fake email messages.

A well-trained staff could be the difference between a secure operation and a slew of true fraud and chargebacks. It only takes a single staff member to compromise a system. Make sure that anti-phishing staff training is part of your holiday fraud prevention checklist.


As enjoyable as the holidays can be, they can also be difficult and stressful for consumers. When problems pile up, merchants can be an easy scapegoat for defective products, delayed deliveries, budget overruns, and other frustrations.

You can and should fight friendly fraud and other illegitimate chargebacks, but remember: most of these chargebacks represent a story of a customer who had an unsatisfying experience. Whether you fight the chargeback or not, taking the time to analyze it and understand what went wrong for that customer can give you valuable insights that you can use to improve your business and serve your customers better in the future.

Holiday Fraud Prevention - FAQ

Can fraud charges be prevented?

Fraud charges can be prevented with the right tools and practices. maintaining secure card verification software is a good start. Also make sure that your customer service employees verify and authenticate users with their address or ID. Above all, provide solid customer service and ensure that your customers have no reason to try and reverse a transaction because of slow service or confusion



Can you protect yourself from online fraud?

Prevent online fraud with a few simple but important steps. First, make sure that you are monitoring your online store for suspicious activities, like purchases from IP addresses that don't match shipping destinations or abnormally large purchases. Always requires customers authenticate with their billing and shipping address and that the billing address matches the one attached to their method of payment. Finally, conduct regular security audits and ensure that your software is up-to-date and compliant with all regulations.



How Can Merchants Prevent Chargeback Fraud?

Alongside the above-listed prevention methods, a good way to prevent chargeback fraud and promote fund recovery during fraudulent chargebacks is to work with representment experts. These experts can use their experience, technology, and insight to help you get ahead of fraudsters and respond to chargebacks effectively this holiday season.



Thanks for following the Chargeback Gurus blog. Feel free to submit topic suggestions, questions or requests for advice to:

Download the Definitive Guide to Visa's New Dispute Process