Peer-to-peer (P2P) payment apps such as Zelle, Venmo and CashApp enable users to conveniently send money directly to another user — and fraudsters aren’t afraid of exploiting them.
P2P related fraud has been increasing over the last few years. With bad actors are finding very creative ways to exploit these P2P payment apps with phishing/smishing/vishing schemes, spoofing phone numbers, or listing non-existent goods for sale.
One example of P2P fraud involves sending a text pretending to be from a financial institution/P2P provider. Once the user responds, they receive a phone call from a spoofed number asking to verify a few security details on the account. During the exchange, the bad actor triggers the multi-factor authentication (MFA) for the P2P service and asks the user to provide that code. From there the bad actor has full control of the account.
Another simpler form of fraud involves listing items for sale on an online marketplace and requesting advance payment through a P2P app without ever fulfilling the order.
How to protect yourself from P2P related fraud:
- Never share your password or MFA code with anyone. If someone asks for these hang-up/don’t respond – it is a scam.
- Most online marketplaces have their own preferred payment method AND best practices for avoiding scams. Someone asking for payment outside of the normal channels should set off a red-flag.
- Remember the mantra: Hang up, Look Up, and Call Back. If you receive a call from a financial institution/P2P provider warning you about fraud on your account, hang up. If you believe the call might be legitimate, look up the number of the organization supposedly calling you, and then consider calling them back.
Have questions? We’re always here to help. Call us: (207) 839-4796.