Despite the numerous anti-fraud efforts utilized by businesses and consumers, the threat of a being becoming a victim of a cyber attack or scam is persistent. This isn't just costly, it's been estimated that the median loss caused by fraud was $145,000 in 2014, it's also frustrating, can do serious damage to your brand's reputation, and could months, if not years, for you to completely cover.

That's why it's imperative for you to be proactive when it comes to securing either your business or personal information. Having updated anti-virus software, using unique passwords, and using some common sense are a start. But, since scammers are always changing the rules to the game, you also need to stay up-to-date on the latest scams, like these 10 payments scams.

Top Banking Malware of 2016

According to the Check Point 2016 H2 Global Threat Intelligence Trends report, these were the most common of 2016;

Form W-2 Scam

This phishing scam, which is formally known as a BEC (business email compromise) or BES (business email spoofing) attack, first appeared in 2016. But, it's back with a vengeance in 2017. According to the IRS, this is "an email scam that uses a corporate officer's name to request employee Forms W-2 from company payroll or human resources departments" where cyber criminals pretend to be an "executive" to obtain employee names, SSNs and income information so that they can file a fraudulent tax return.

The latest variation of this scam, however, asks payroll or HR staff to wire money to a certain account.

Vishing and Smishing

These scams aren't exactly new, but with the mobile revolution in full swing, they could cause havoc for unsuspecting victims like this woman from the UK and these individuals in the Czech Republic.

Vishing is where a scammer calls you and pretends to be from your bank or a trusted institution like Microsoft. They trick you into thinking that there's an emergency so that you'll willingly hand over account information or download malicious malware.

Smishing, which is short for SMS phishing, works just like phishing in that you're duped into downloading a Trojan horse or virus. However, instead of downloading like this virus from an email, you download it onto your phone via SMS. The most prevalent mobile malware in 2016 was Hummingbird, Triada, and Ztorg.

PayPal Phishing Scam

If you're a PayPal user, you may receive an email that includes the PayPal logo, a well-written message, and even some fine print that informs you that you most login into your account to resolve some issues. You're then directed to click on a link to sign into your account. But, instead of logging into your PayPal account, you're actually logging into a fake page. Now the scammers have all of your PayPal credentials.

To make matters worse, some of these pages are requesting information like the user's address, phone number, social security number, and date of birth.

Venmo Scams

Venmo has quickly become one of the most popular payment apps available. It makes it painless to pay back friends or family and even split bills. However, it's also a hotbed for payment scams. As reported in

As reported in VR-Zone; "A man selling his car on Craigslist was scammed out of $1,800 when the buyer agreed to transfer the money via Venmo. According to the seller's report, he confirmed the payment when he received a deposit into this Venmo account. Things went smoothly until Venmo reversed the payment. The car title was already signed over, and the seller was out $1,800.

In another incident, a man selling iPhones over the holiday was scammed out of over $5,000 in a blink of an eye. He saw the money coming into his account, and then after everything was finalized the money was taken back by Venmo."

"These Venmo scams work so well because the scammers know a few things that you don't," writes Alison Griswold for Slate. "They are taking advantage of your assumption that because transacting on Venmo is simple and quick, it is also always safe."

The easiest way to protect yourself on Venmo is to only transfer funds to and from people that you know.

Sneaky Social Media Scams

It's not uncommon for you to catch ads or unsolicited content while on your favorite social media channel. However, like Venmo, social media has become a hotbed for fraudsters. Here are a couple of the more prevalent social media scams to be cautious of;

Amazon Gift Cards

According to the Federal Trade Commission, scammers are asking people to buy big online purchases, like a car or a boat, with an Amazon gift card. "Posing as sellers, scammers say they need to sell a car fast -- maybe they're in the military or about to deploy. They tell you to pay with an Amazon gift card."

"Don't do it. Amazon gift cards aren't a way to pay someone -- you can only use them at So if someone asks you to pay with an Amazon gift card, it's a scam. If you share the code from an Amazon gift card with someone, you're giving that person control of the money on the card. By the time you realize it's a scam and report it, the money will likely be gone."

Fake Altcoin Sites

Cryptocurrency scams have been around since the launch of bitcoin in 2009. However, with eCash becoming more widely embraced by the mainstream, many newbies who want to start investing in cryptocurrency may fall victim the increasing amount of fake altcoin sites.

Examples of these sites include OneCoin, S-Coin, and Earthcoin. Another site, which appears to have been shutdown, is Hashpoke.

To avoid getting scammed, do your research before handing over money to a new or lesser known altcoin site. Look for reviews, trust your instincts when reviewing their website, and stick with reputable bitcoin alternatives like Litecoin or Dash.

Calling the "Issuing Bank"

If you have a brick-and-mortar location, you may encounter a customer whose credit card is denied. They angrily call their "issuing bank" from their cell phone. Once they're in contact with a "representative," they hand the phone over to you so that you can be informed that the card is good and the transaction can be authorized offline. In good faith, you complete the transaction.

According to Heartland Payment Systems, when your monthly statement arrives, you notice a "Code 72 dispute (i.e., the issuing bank received a transaction that was not authorized). The jewelry store's account is debited and a chargeback reversal is denied."

The easiest way to prevent this scam from working is to call the credit card company yourself at one of the following numbers;


Scammers are always modifying their techniques and using the latest technology to trick you into submitting financial information. In order to stay ahead of these nefarious individuals, follow basic security protocols like not opening links from unknown senders, never sharing account information or information with anyone over-the-phone, avoiding public WiFi, and using anti-virus software, firewalls, and tools that detect malware.

You also need to educate yourself, and your team if you're a business owner, on the most common security threats and stay updated on the latest scams and trends by frequently visiting sites like the Federal Trade Commission's Scam Alerts page and reviewing the previously mentioned Global Threat Intelligence Trends.

Most importantly, don't be complacent. Just because you have anti-virus software and use common sense doesn't mean that you're 100% safe. For example, digital wallets are fairly secure, but some are known to have bugs and security flaws. And, there's always the instances of human error during the card-setup process. In short, make sure that your accounts are set-up properly and that you constantly review your account activity.