Peer-to-Peer (P2P) Payment Scams (Part 2)

30th January 2024 | Advisory, Blog Peer-to-Peer (P2P) Payment Scams (Part 2)

Hackers target you to "Borrow" your phone and drain your Bank Account.

CyberHoot recently blogged about scams involving peer-to-peer payment apps. Hackers impersonate family members on social media or marketplaces, tricking people into erroneous payments. Following this blog article, CyberHoot learned of two more mobile phone-based cash app scams growing in popularity.

Firstly, we’ll discuss the “Erroneous Payment and Refund” scam. Then, we’ll explore the “Emergency Phone Borrowing” scam. Finally, we offer suggestions for protecting yourself from these cash app scams.

Scam #1: Accidental Payment Refund Scam

Hackers infiltrate cash app accounts, draining funds and linked bank accounts. They then issue accidental payments to the account holder’s contacts, followed by messages requesting refund or repayment due to a ‘wrong account’ error.

Once these accidental payments are reported, they are reversed by the bank. Meanwhile, your reimbursement has been transferred to a hacker’s burner cash app account and withdrawn, leaving no trace.  They are playing on your good nature and trust of the people you have transacted with in the past.

Hackers gain from refunds, the breached cash app balance, and linked bank account funds. This scam is lucrative with minimal risk of capture. Prevention measures, which we’ll discuss shortly, apply to both this refund scam and the “Emergency phone borrowing scam” we discuss next.

Scam #2: Emergency Phone Borrowing

Hackers approach individuals near stores, cinemas, and other public places. Their phone is dead and they have an emergency like a dead car battery, being out of gas, or some other credible emergency. Upon handing over your unlocked phone to help, the scammer accesses your cash app (Zelle, PayPal, Venmo, or Cash App) and transfers your balance to a burner cash app account.

Both scams exploit your good nature and hope you’re blissfully ignorant of these increasingly popular financial attacks. However, knowing about these scams isn’t enough; you must take protective steps.

Protective Measures to Prevent Cash App Scams

By following these protective measures, you’ll be able to continue being a kind helpful citizen, without putting yourself at financial risk.

Verification: Always verify with the sender if you receive unexpected cash app funds. Never refund without a verbal or in-person confirmation.

Logout Security: Log out of cash apps when not in use. Although apps encourage staying logged in, logging out hinders opportunistic hackers.  Tip: If you’re using a Password Manager, you can quickly and easily log into any cash app with strong authentication only when you need to.

Funding Source Caution: Consider linking a credit card, not a bank account, as your backup funding source to your cash app balance. Credit cards often offer better protection against fraudulent activities.

Transfer Cash App Balances to your Bank Account:  should your cash app be compromised for any reason, the balances held in them are not insured by the app developers.  Any money removed fraudulently from your cash app is essentially gone.  Transfer all funds to your bank account in order to prevent their theft.

Emergency Phone Use:  instead of handing your phone over to someone, offer to make the call for them.  Be firm and unwavering that you will not give your phone over to anyone, but you are willing to assist by making a phone call.  There are many other social engineering scams people use to get you to give them your phone.  Never do it!

Conclusions:

Stay vigilant with personal finances on cash apps. Confirm refunds verbally or in person. Instead of lending your phone, offer to make the call yourself. If refused, politely decline to help. Always log out of financial apps to require authentication for transactions.

Bonus Tip: Know your phone’s emergency shutdown process. Most devices require strong authentication after rebooting, rendering them useless to attackers.

Video overview of two popular payment app scams.

https://youtu.be/F3_ytnEveeE

Related Articles: 

  1. 6 ways to spot a mobile payment app scam” on VerifyThis.com. This article provides insights into common mobile payment app scams and offers tips on how to avoid them. It covers scams related to Zelle, Venmo, Cash App, and PayPal. Read more on VerifyThis.com
  2. 4 Common Scams on Cash App, Venmo and Zelle (and How To Avoid Them!)” on Clark.com. This article outlines four popular scams on peer-to-peer payment platforms and provides advice on how to protect yourself from them. Read more on Clark.com

Secure your business with CyberHoot Today!!!


Sign Up Now

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

CyberHoot Newsletter – June 2025

CyberHoot Newsletter – June 2025

CyberHoot June Newsletter: Stay Informed, Stay Secure Welcome to the June edition of CyberHoot’s newsletter,...

Read more
Make Phishing Training Count with HootPhish

Make Phishing Training Count with HootPhish

Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...

Read more
Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...

Read more