Common Payment Scams & How to Prevent Them

It’s 1:00 PM on a Saturday. Your café is heaving, the queue is out the door, and your team is rushing to clear tables. A well-dressed customer steps up to pay for a large order. They chat politely, maybe even compliment your staff. When it’s time to pay, they fumble with their card, claiming the chip is damaged, and ask you to type the numbers in manually.

In the heat of the moment, you just want to clear the queue. You key it in. The payment goes through.

Three weeks later, the money is clawed back from your account. The card was stolen, the owner is disputing the charge, and you have lost both the stock and the cash.

For UK SMEs, this isn't a rare horror story; it’s a daily risk. With fraud losses on UK-issued cards topping £600 million in the first half of 2025 alone, criminals are targeting independent businesses with increasing sophistication. They know you are busy, they know you value customer service, and they use that against you.

Here is how to spot the most common scams in 2026 and how Teya helps you stop them before they start.

1. The "Manual Entry" Scam

This is arguably the biggest threat to high-street retailers and hospitality venues right now.

How it works: A fraudster presents a card that they claim "won't read" due to a damaged chip. They pressure your staff to manually enter the 16-digit card number (PAN) into the terminal. The transaction might initially authorise, but because the physical card's chip wasn't used to generate a unique security code, the bank will almost always side with the real cardholder when they report it as fraud.

The Teya Solution: Our terminals are designed to prioritise chip and contactless security. You should strictly limit who has permission to perform manual entry transactions on your POS.

• Best Practice: Never process a manual entry transaction for a customer who is physically present unless you have known them for years. If the chip fails, ask for another payment method.

2. The Refund Fraud (or "Reverse Authority")

How it works: This can be an internal or external job.

• External: A customer buys a high-value item, then returns shortly after with a different card (or a "cloned" refund card), asking for the refund to be processed there. They pocket the cash and keep the original goods if they pulled a switch.

• Internal: A dishonest staff member processes a refund to their own personal card when no customer is present.

The Teya Solution: Teya terminals allow you to lock down refund capabilities. You can set the system to require a manager’s PIN code to authorise any refund. This simple step stops unauthorised staff refunds dead in their tracks.

3. The Distraction Theft

How it works: Professional thieves work in pairs. One causes a scene or asks detailed questions to distract your staff member, while the other swaps your card terminal for a dummy device or a compromised one. They might also simply watch a customer enter their PIN and then steal the card.

The Teya Solution: Our terminals are tamper-evident. If someone tries to open the casing or inject malicious software, the device is designed to shut down and wipe sensitive keys to protect your data. Plus, with payment security standards automatically updated, your software is always one step ahead.

4. The "Phone Order" Chargeback

How it works: You receive a large order over the phone (Card Not Present). You take the payment, the food or goods are collected, and everything seems fine. Days later, a chargeback arrives claiming "Item Not Received" or "Unauthorised Transaction." Since you have no proof the cardholder was the one who collected the goods, you lose.

The Teya Solution: If you take phone orders, you need a robust process. However, moving these payments to secure Payment Links (sent via SMS or email) is far safer. The customer has to authenticate the payment on their own device using 3D Secure (verified by Visa/Mastercard), which shifts the liability away from you.

How Teya Keeps You Safe (Without the Jargon)

We know you aren't a cybersecurity expert. You run a pub, a shop, or a salon. That is why Teya builds security into the background, so you can focus on your customers.

• Real-Time Monitoring: Our systems scan transactions 24/7 for suspicious patterns. If we see something odd—like ten high-value transactions in ten minutes—we flag it immediately.

• PCI Compliance Sorted: We simplify the complex world of compliance. By using our point-to-point encryption (P2PE), your customer data is unreadable to hackers from the moment the card is tapped.

• Next-Day Settlements: Secure payments shouldn't mean slow payments. We settle your funds the next business day, so you aren't left waiting to see if that big weekend take is actually real.

5 Simple Rules for Your Staff

Technology is only half the battle. Train your team on these basics to prevent payment scams:

1. Never type in card numbers manually for strangers.

2. Always keep the terminal in sight; don't leave it on the counter unattended.

3. Check receipts to ensure the transaction was "Verified by PIN" or "Contactless."

4. Compare the last four digits on the receipt with the physical card if you are suspicious.

5. Trust your gut. If a sale feels "too good to be true" (e.g., buying the most expensive wine without looking at the price), it probably is.

For more on managing disputes, check our guide on chargeback prevention tips.

Conclusion

Fraudsters rely on you being too busy or too polite to challenge them. By using Teya’s modern, secure terminals and sticking to a few firm rules, you protect your hard-earned revenue.

Don't let a scammer ruin your month. Upgrade to a payment partner that watches your back.

Secure your business with Teya. Get started today