One of the most interesting scams that has come up frequently is related to hidden merchant fees. This scam entices merchants to apply for accounts at low rates with a brief quote. They conceal fees, rates, and many various extra charges. When applying for a merchant account, is important to stay away from advertisements that claim to have the lowest rates around. Some key fees to ask for are: discount rates, mid qualified rates (keyed rates), non qualified rates (rewards card and purchase card rates), transaction fees, setup fees, annual fees, statement fees, services fees, PCI Compliance fees, merchant club fees, and early termination fees.

Many times, merchants will receive a lengthy terms and conditions document. There are usually many different fees within the fine print of this document. You should request the terms and conditions document in advance and make sure to read through it carefully. You don’t want to be caught with a lot of unexplained and unexpected expenses.

Also beware of the “Hold Back” or reserve account. Some scams prey on e-commerce merchants looking for the lowest rate. Once the merchant finds the rate they are looking for, they fill out a surprisingly short online application. A high reserve is requested in order to grab the maximum amount of money without arousing the merchant’s suspicion. All of the sudden the merchant account provider disappears,  the telephone number is disconnected, and your money is gone. It is important to find out what bank your card processor is registered through, and who will actually be responsible for your money if they should happen to disappear.

Now merchants are in for a new type of threat. The very software that business owners use on their computer networks may cause card holder data to be compromised. Packet sniffers are software or hardware that monitors data on a network, and they have been around for a long time. This software is typically used to troubleshoot a network issue or to test firewalls . Conversely, we have malware that is designed to damage a network. It appears that attempted fraud is on the rise again. Packet sniffers are being used as malware on systems to snag or intercept card holder data.

Visa recently released an alert about packet sniffers . If you feel your card holder data has been compromised, make sure to unplug your network cable (turning off your computer will not work). Try to isolate the compromised machine from the rest of the network. Notify the card associations immediately so they can begin their investigation process.

Visa recommends in their alert that we follow these guidelines to avoid vulnerability to a packet sniffer attack:

• Utilize host-based Intrusion Detection Systems (IDS), such as Dragon IDS suite and Comodo
• Monitor firewalls for suspicious traffic, particularly outbound traffic to unknown addresses
• Implement file integrity monitoring
• Secure workstations so packet sniffers, or other malware, cannot be installed
• Utilize encrypted protocols or encryption to protect sensitive data
• Use packet sniffers legitimately to detect network intrusion attempts or suspicious activity on a network
• Ensure that anti-virus and anti-spyware software programs are up-to-date
• Routinely examine systems and networks for newly-added hardware devices