“Sucker! You just got scammed!”
Gary Warner, director of Research in Computer Forensics in the University of Alabama at Birmingham’s Department of Computer Science, says that was the message sent to his niece just after she sent $400 for NBA playoff-game tickets – tickets she found on Craigslist via the popular digital payment app Zelle last year. Warner says he talked with fraud examiners at Zelle, Craigslist, Facebook, his niece’s bank and the scammer’s bank, to no avail. There was no way to get her money back, even after the scammer’s identity and location were confirmed.
Warner says you are likely to have a similar experience if you send money to a stranger.
How does one keep one’s money safe while using digital payments? Warner shares some simple rules for ensuring transactions are more secure:
Only pay people you know
When using digital payment services such as Zelle, CashApp or Venmo, send money only to colleagues, family members, friends or people you plan to meet face to face.
“I use Zelle through my BBVA account often to pay a friend for a split-check dinner or to send money to a family member or friend in need – but only to people I personally know,” said Warner, who has worked in the field of computer science for more than two decades and is an expert in cybercrime and computer forensics.
Use a reputable digital payment provider
In addition to his preferred provider, Zelle, Warner recommends apps such as CashApp or Venmo, each of which is available for both iOS and Android devices, and iOS-specific service Apple Pay. But keep in mind that reversing payments through these providers is nearly impossible, though Warner says vendors are working diligently to improve their abilities in this area.
Digital payment operator PayPal is the oldest and most experienced service, Warner says, and offers a higher level of protection when sending money to a stranger or strange company for online business transactions. It is especially useful when sending money to a vendor for a product purchased online, he continues, because it protects users from having to directly enter their credit card information with an unknown business. The company also offers guarantees to users if a transaction turns out to be fraudulent.
“Thousands of vendor websites have had data breaches, and when credit card details are stolen in those breaches – including from very large companies such as airlines and hotel chains – PayPal users are still safe,” Warner said. “PayPal protects me from having my credit card details on a dozen different websites.”
Beware of fraudulent apps and text messages from banks
Though downloading a fraudulent application for iOS or Android devices is rare, Warner says it does happen from time to time – more likely by far on Android devices. The same advice for downloading any mobile app holds true for digital payment applications, he says: Look at the number of downloads for the app.
“If you are downloading an app with hundreds of thousands or even a million-plus downloads, it’s certainly the ‘real’ app,” he said. “Venmo, Zelle and CashApp each have more than 30 million downloads. Sketchy apps often have high counts of negative reviews and very low download counts.”
Scammers are also sending fraudulent text messages and voicemails to consumers, encouraging them to call unfamiliar numbers provided by a fake link to log into their online account.
Use a credit card instead of debit for online purchases
As an extra level of protection, Warner recommends using a credit card for online transactions, even when linking a payment method through PayPal.
“That way, if a fraud attempt does occur, your checking account doesn’t end up overdrawn,” he said. “It buys you more time to dispute the charge.”
This story originally appeared on the University of Alabama at Birmingham’s UAB News website.
