Refund Phishing
03/05/2025

The usual scammer modus operandi is to contact a victim and intimidate them into handing over money. However, scammers are now working on more subtle ways to con people. Refund phishing is a new way scammers are getting consumers to divulge their personal and financial information. If you are a frequent online consumer, you will want to learn the details of this new scam and how to avoid it.
To start, let’s go back to what phishing is. Phishing is a social engineering tool that is mainly used to steal personal and financial information. That information is then used to scam the victim or steal money, or it is sold on the dark web. Most phishing attempts happen through email and text but can also happen over the phone. Usually, victims receive a text or email that looks like it is from a legitimate source and includes a link for the victim to click on. Once the victim clicks the link, the scammers may install malware onto the device, or they may collect sensitive data through the website.
Refund phishing, however, is a little bit different. Instead of focusing on stealing money using stolen credit card information, “they make a fraudulent purchase from a fake merchant” (Experian.com). Victims then call the fake merchant or visit its website, using the contact details in the purchase information, to dispute the charge and are tricked into sharing personal and account information with the scammer. These scammers may also email a fake invoice or send an email claiming you are eligible for a refund on a recent purchase. The links or attached documents in those emails then install malware to steal information once the victim clicks on either of them.
Luckily, avoiding these scams is usually the same as avoiding other phishing attempts. First, if you receive unsolicited emails or texts about a refund, do not open them. Refunds are almost always initiated by the consumer. Second, before you click on any links, hover over them to see what website the link takes you to. If it looks like it could be a scam, open your browser and visit the website via its official address. Lastly, if you see a fraudulent charge on your credit card or receive an invoice for a purchase you did not make, pause before contacting the merchant. If your credit card bill shows a fraudulent charge, always reach out to your bank or credit card company at a trusted number and let them deal with disputing the charge with the merchant. If you receive an invoice for a purchase you did not make, check your credit card statement to see if the charge actually posted. If not, ignore the invoice.
Refund phishing is a much more subtle way scammers are attempting to con you out of your money and sensitive information. If you receive a phishing attempt, report it to FTC.gov/Complaint.
Sources:
https://www.experian.com/blogs/ask-experian/the-latest-scams-you-need-to-aware-of/