Payment Fraud: Agencies Unite to Tackle Scams and Share Data

United States regulators outlined a coordinated push to curb schemes targeting transactions, leaning on a new public-private forum to gather input and strengthen oversight for modern threats in real-time.

Payment fraud is the deliberate use of deception or unauthorized access to move money, obtain goods or services, or trigger a payout through a payment system. It can involve stolen credentials, manipulated payment instructions, counterfeit instruments, or disputes used to reverse legitimate charges.

Common types include credit card fraud (including card-not-present misuse), check fraud (such as altered or counterfeit checks), phishing (tricking a person into handing over credentials or approving a transfer), account takeover (using stolen logins to take control of a customer or business account), and friendly fraud (when a real customer makes a purchase and then disputes it to obtain a refund while keeping the goods or services).

Fraudsters typically succeed by exploiting weak authentication, stolen personal data, or gaps between systems: they may use social engineering to pressure a victim into sending funds, capture passwords through fake sites, intercept one-time codes, or test stolen card details at scale until they find a combination that works.

Examples include a spoofed email that convinces an employee to reroute an invoice payment to a criminal-controlled account, a stolen card number used for an online purchase, a check that is “washed” and rewritten for a higher amount, a merchant account accessed with compromised credentials to change payout details, or a customer who later claims a valid purchase was unauthorized to force a chargeback.

For businesses, fraud can create direct financial losses, chargebacks and dispute fees, higher payment processing costs, and additional operational overhead for manual reviews and customer support. It can also damage reputation and customer trust, especially when fraud leads to delayed fulfillment or account lockouts.

Businesses that tend to be more vulnerable include online retail and marketplaces, subscription services, travel and ticketing, digital goods and gift cards, peer-to-peer platforms, and any merchant with high-volume remote transactions or rapid fulfillment. Smaller organizations can also be at risk when they lack dedicated fraud teams or mature controls.

Prevention steps businesses commonly use include stronger customer authentication and step-up verification for risky activity, multi-factor sign-ins for staff and admin tools, tighter refund and dispute workflows, device and behavioral checks to flag anomalies, limits on velocity and high-risk payment attempts, and clear employee training to reduce social engineering exposure.

Banks detect fraud through transaction monitoring and rules that look for unusual patterns, behavioral analytics and artificial intelligence models that score risk, and customer verification steps such as confirmations, out-of-band callbacks, or temporary holds when activity appears suspicious.

Real-time payment fraud refers to scams and unauthorized transfers that exploit instant payment rails where funds can move and settle quickly, leaving little time to claw back a loss. These schemes often rely on manipulation—getting a customer to approve a push payment—or on compromised accounts that can send funds immediately.

Friendly fraud is a specific kind of dispute abuse where the payer is the real account holder, but the dispute is used to avoid paying for a legitimate transaction. It can stem from deliberate misuse, confusion about billing descriptors, or dissatisfaction handled through the chargeback process rather than normal customer service channels.

Key Takeaways: Prevent Transaction Scams

• The Federal Reserve, the Federal Communications Commission, and the United States Treasury Department will convene a public-private roundtable to collect guidance on countering scams in payments.
• Topics will include firms’ fraud prevention programs, how well data are shared across institutions, and potential solutions that span industries or involve government partners.
• The Federal Reserve Board has assessed more than 250 responses submitted last June to a joint request for information from the Federal Reserve, the Federal Deposit Insurance Corp., and the Office of the Comptroller of the Currency, and will use that feedback to shape its strategy to reduce scams in payments.

Deeper Insight: Fraud Prevention Collaboration

Bowman endorsed tighter coordination among states and federal bodies to confront constantly evolving schemes. The plan brings in banks, other regulators, law enforcement, consumer advocates, and policymakers to improve fraud detection and limit financial loss.

We should reassess whether today’s rules fit modern schemes and are ready for the threats consumers will face next. The financial system must serve everyone safely. Criminals are organized, skilled, and persistent; our response has to be just as strong.

She also flagged a basic hurdle: the absence of a shared vocabulary to describe scams in payments.

When institutions classify the same scam in different ways, alerts and lessons learned do not travel as far or as fast as they should.

Taxonomies vary, with some models tagging cases as e-commerce purchase scams while others classify similar activity as imposter schemes. Agreeing on common labels for categories, methods, and prevention tools would make it easier to size the problem and track fraud trends, she said.

The Federal Deposit Insurance Corp., the Fed, and the Office of the Comptroller of the Currency have collaborated before on this issue. Last year, they outlined steps to curb scams, with a focus on check fraud, and Bowman committed to working alongside state and federal regulators and law enforcement.

Other experts are sounding the alarm as losses from fraudulent payments rise.

During a March panel hosted by Payments Dive and Banking Dive, Donna Turner of Risk Insight Solutions — and former chief operating officer of Early Warning Solutions, parent of Zelle and Paze — said the United States could draw lessons from international approaches to reducing scams.

Paul Benda of the American Bankers Association added that closer coordination among banks, social platforms, and telecommunications providers could help identify bad actors using artificial intelligence tools in near real-time and strengthen fraud detection across the ecosystem.