Lynchburg business targeted by high-tech fraud scam

A Lynchburg business was recently targeted by a rare form of high-tech fraud that puts a new twist on old ways of tricking people into losing cash.

The scammers try to convince store owners that their credit card terminals need software updates, and then reprogram the terminals to funnel money from credit card purchases into someone else’s bank account.

Julie Wheeler, president of the Better Business Bureau of Western Virginia, said she had not heard of this kind of scam before, but “it doesn’t surprise me at all, the way technology is.”

“They’re getting sneakier and sneakier to try and get your money.”

An executive with a merchant services company, which helps stores process credit card transactions, said this scam is rare but scary.

The scam hit Lynchburg at Hamilton Shoe Salon on Boonsboro Road in mid-August. A caller claimed to be from a “merchant services reprogramming team,” according to office manager Megan Beach.

The caller initially left a message, and Beach called back.

The man who took her call said the point of sale terminal needed an update.

Since Beach occasionally downloads updates from Chase Paymentech, her store’s merchant services firm, she didn’t think anything was odd at first.

Beach followed the man’s directions and downloaded the update. But then he told her she needed to re-establish the store’s account with Discover in order to keep accepting Discover cards.

That’s when Beach got suspicious. The number he gave her was different than the one she had on file for Discover.

Then she realized the number for the “reprogramming team” was different than the number for her actual merchant services company.

She called Chase Paymentech, who identified the previous call as a scam.

The fraudulent company had changed some settings in the credit card terminal, “so that when our credit card transactions dialed out for the night, they would have been wired to them,” Beach said.

Chase Paymentech fixed the terminal before any cards were run through it, Beach said.

Michael Herman, chief compliance officer with Chase Paymentech, which is partly owned by JP Morgan Chase, said this scam comes up occasionally, but he’s only heard of it once or twice in his 11 years in the field.

“It’s a scary crime, but a tedious one,” he said.

He said his company mails out notifications several weeks before an update is due.

Wheeler compared the scam to others the Better Business Bureau hears about, including phishing scams that install spyware on a computer, but with “a little different twist.”

“That’s pretty slick, and you may not know it if you don’t look on your statements. It would be a while before you know what’s wrong.”