The last thing anyone wants to find is unauthorised transactions on their card. This sends you into a panic mood and makes you wonder what is happening. We understand how you would feel hence why we’ve put together a list of things to do so you can protect yourself from card fraud.
How to protect yourself from scams and card fraud ?
1. Delete your card if you lose it, it’s stolen, or you notice any suspicious activity
This is the best way to make sure no more transactions can happen on your card. If you can’t find your card, you can delete it permanently in your account. See instructions below on how to do each:
You must permanently delete your card if:
You’ve been a victim of fraud / a scam.
Fraudsters and scammers are nifty. If you bought something and later found that it was a scam or you have unauthorised transactions on your account that can’t be explained, or have been a victim of fraud, you must delete your card immediately.
Your card details are now in the hands of someone else, even if you used to trust them but no longer feel it's safe, delete it permanently in your account. This prevents a multi-user accidentally unblocking the card in the future and your business sustaining further unauthorised transactions.
Your card has been lost / stolen.
If you’ve searched and you’re unable to locate your card, you’ll need to delete it permanently. This prevents any unauthorised payments.
2. Be conscious and increase your security
Avoid accessing card information on a public computer
Never write down your card details or PIN number onto a notepad, sticky note or even into a document on your computer.
Make sure your computer’s security software is up to date and scan for viruses regularly
Check that your WIFI networks are password protected
Avoid accessing your card information via hotspots or on public networks
If multiple people within your business or multi-users have access to your virtual card details, make sure that the above applies to them too.
Working from home or a coffee shop can also pose these risky scenarios:
Hot-spotting or logging into a public WIFI network to access the card whilst working on the train home / at an airport
Accessing card details off home computers, rather than work computers
Accessing card details using non-password protected WIFI at home
If you've recently experienced fraud, questions to ask yourself and colleagues are:
- Is my WIFI network password protected?
- Are other employees' home WIFI networks password protected?
- Has anyone been logging into public networks (at train stations, etc)?
- Has anyone written down the card details?
- Has anyone noted down the card details on their computer (Google Document, Notes, etc)?
- Has anyone written their card details in an email? This applies, even if the email is to a colleague - email inboxes are not a secure place to share details!
- Is the security software on all work laptops adequate and up to date?
- Has anyone been logging into your Verto account from their unsecured home computer?
3. Make sure the merchant's website is secure
Make sure that the website you’re adding your card details to is secure by checking for the security certificates. Look out for a padlock icon in your browser bar (where your website address is listed) to show that the website is secure.
If you've recently experienced fraud, questions to ask yourself and your colleagues are:
- Have you used your card on any new or dodgy website recently?
- Have you used your card at a dodgy location?
- Have you given your card details to anyone lately?
4. Pay securely
Websites can become compromised and card details taken when inputting or storing your card details on them. Two ways you can protect against this is:
Third party apps : Paying using a third party provider, such as Paypal allows you to store your card details securely with them, so that you don’t have to input your card details onto other websites directly.
Payment gateways : Check that a payment gateway is being used before saving your card details on a website. The use of a trustworthy payment gateway means that your card details won’t be stored on the merchant’s website, but instead will be stored within the payment gateway, which will have extra, dedicated security measures in place specifically to protect your financial details.
5. Keep your personal information protected
Make sure you have a strong password on all your devices and accounts that include upper and lower case letters, numbers and symbols. Don’t use the same password for every account / device, don’t share them with others and never write them down.
This also includes shredding anything that contains sensitive information.
If you've recently experienced fraud, questions to ask yourself and your colleagues are:
What is our procedure for disposing of sensitive documents? Do we shred them?
Does everyone have a strong, unique password or use a secure password manager on their work computer?
Has anyone shared their passwords, written them down, or noted them on their computer (Notes, etc)?
6. Never give anyone access to your computer
If anyone contacts you wanting to install something on your computer, no matter how legitimate it sounds, do not let them. If it’s a scam, they’ll likely be planting a virus which will give them access to all your passwords and personal information. Hang up immediately.
If you've recently experienced fraud, questions to ask yourself and your colleagues are:
- Has anyone recently had someone request access to their computer?
7. Never give your card details to anyone you don't trust
Be wary of anyone asking you for your card details. This can be via email, SMS, or phone call. You should always be provided with a secure option, such as Paypal or a secure payment gateway.
If you've recently experienced fraud, questions to ask yourself and your colleagues are:
- Has anyone given their card details to someone over the phone, in an email or an SMS?
8. Be wary of unauthentic emails and pop-ups
Treat any pop-up window or notification that you’ve won something as highly suspicious. This is called “phishing”. Successful scams make their communication look very official, so it can be very difficult to identify, and often pretend to be reputable companies.
If you've recently experienced fraud, questions to ask yourself and your colleagues are:
Has anyone in your company recently clicked a link in an email that might not have been genuine? (eg. a vague email from the CEO of your company, an email from
Has anyone clicked a pop-up recently saying they've won something?
9. If someone leaves your company, remove access immediately and cancel cards they had access to
If someone leaves your company and they were a multi-level user on your Verto account or card(s) held by your Verto account, make sure to do the following immediately:
Remove them from your Verto account
Cancel their card, if they had one
If they had access to any other business cards (company cards), you must cancel them too. They may have written down the details or saved them to one of their personal devices and inadvertently use it at a later date)
Lastly, don't forget to remove their access to all company accounts, including their email, internal messaging system and anywhere else they could continue to gather sensitive information.
If you don't remove access for your ex-employees immediately, they may continue to gather sensitive information and make purchases using company money.
If you've recently experienced fraud, check through your list of users under the settings in your account to make sure you've removed all ex-employees.
What if I've had fraud on multiple cards?
Seeing unauthorised transactions on multiple of your cards indicates that the person responsible has access to your Verto account.
Do the following immediately:
1. Check that no one has access they shouldn't.
Check your list of users under your multi-user settings and remove anyone who shouldn't be there, for eg. ex-employees.
2. Ask every user to immediately change their Verto password.
They must change it to a strong password, which includes upper case, lower case, numbers and special characters. They should not have used this password anywhere else and they must not write it down.
3. Think about other ways your account could be accessed.
Do you have a bookkeeper or contractor? How do they keep your details safe?
How will I know if I’m being contacted by a scammer?
Red flags that you’re talking to a scammer:
They get agitated that you’re going to call the company’s general support line
They ask you for your card details
They’re contacting you at an unusual time (outside of business hours / on the weekend)
They aren’t able to give you a succinct explanation of what they’re calling / emailing about
They refuse to send you an email confirming the details of the call and their request
They’re pushing you to make payment now
They ask for remote access to your computer
They’re emailing from an Outlook, Hotmail or Gmail email address
The email address is different (even just slightly) from the email address on other emails you’ve received from this company
What to do if you think you’re talking to a scammer.
Don’t click any links (if by email / SMS)
Verify who they are:
- Ask for the name and job title of the person who’s contacted you
- Find an official phone number for the company (for eg. from Google)
- Call their official* support line and ask for them
Type the phone number / email address that contacted you into Google. You might find that “scam!” is the top hit.
Hang up on them (if you’re on the phone)
*DO NOT use any contact details they give you. Always find the company’s contact information via an independent source, such as Google or their official website.
Never call the number given to you by the person on the phone, or on SMS.
If the person you’re talking to gets agitated when you say you’ll call their office back and pushes you to give them your details then and there (for example, saying that you’ll lose the prize if you don’t enter them now), do not do it. This is most likely a scam.
If you think your card details have become compromised.
If you’ve noticed unauthorised transactions on your account, please block your card immediately and follow the steps in the following article: How do I dispute a transaction? or raise your dispute here.