14 Common Merchant Account Scams (and How to Stay Safe)
If you’re looking to accept payments for your business, you’re going to need a merchant account and a payment gateway. While there are plenty of highly reputable merchant account providers out there, there are also a few bad eggs that can turn (online) transactions into a financial nightmare for your business.
Today, we’ll show you the most common merchant services scams, how they happen, and what you can do to protect your business.
Get approved for a merchant account in less than 24 hours
Merchant account scams can affect merchants and customers
Merchants looking to process payments can get scammed by shady processors. But at the same time, customers can get affected by fraudulent transactions, purchasing from fake businesses, and more.
This is why we’re showing you both types of scams: those that affect merchants, and those that affect their customers.
PS. it’s also worth knowing the differences between merchant accounts, payment processors and payment gateways.
Top merchant account scams that impact merchants
Legitimate businesses that want to accept payments can get sidetracked by shady processors that promise instant approvals and fees that you can only dream of. These are the most common scams you’ll run into with merchant account providers.
|
Type of scam |
Best way to stay protected |
|---|---|
| Fake “instant approval” high-risk merchant accounts | Work only with providers that conduct full underwriting and disclose their acquiring bank partners. Avoid anyone promising guaranteed approval with no documentation. |
| Account coding fraud | Never agree to misclassify your business. Ensure your industry and MCC code accurately reflect what you sell. |
| Hidden or changing rolling reserves | Get reserve percentage, holding period, and release schedule clearly stated in writing before signing. |
| Teaser processing rates that hide the real cost | Request a full fee schedule and a sample statement. Focus on effective rate, not headline pricing. |
| Equipment leasing traps | Buy credit card machines outright when possible and confirm that no separate long-term lease agreement is attached. |
| Fake PCI compliance penalties | Verify any PCI notice directly with your processor using official contact information. Never pay unexpected invoices from unknown third parties. |
| Early termination fee and liquidated damages traps | Review contract length, renewal terms, and cancellation clauses carefully before signing. |
| “Free” merchant account offers | Calculate total processing cost based on your volume and average ticket size. Look beyond marketing claims. |
| Merchant account recovery and MATCH removal scams | Avoid paying upfront fees to third parties promising MATCH removal. Work directly with legitimate high-risk specialists instead. |
Fake “instant approval” high-risk merchant accounts
If you work in a high-risk industry and you have been declined before, the phrase “guaranteed approval” can sound like a lifeline. That is exactly why scammers use it.
Legitimate merchant accounts always involve underwriting. A real provider reviews your website, your chargeback history, your processing volume, your business model, and your compliance documents. There is no such thing as skipping that step, especially for high-risk verticals.
Scam operators promise approval in minutes with no documents and no compliance checks. In many cases, they collect an upfront application or setup fee and then disappear. In other cases, they onboard you temporarily under false information. The account works for a short period, then the acquiring bank shuts it down and freezes your funds.
If there is no underwriting, there is no real merchant account. That alone should be your first warning sign.
Account coding fraud
This scam is more subtle and far more dangerous long-term.
Instead of declining your business, an unethical processor may tell you they can “make it work” by coding your business under a different category. A CBD seller might be registered as a consulting service. An adult platform might be labeled as digital marketing. On paper, everything looks approved.
The problem appears later.
Acquiring banks regularly audit accounts. When transaction descriptors, website content, or chargeback patterns do not match the assigned MCC code, the account is flagged. That often results in immediate termination, fund holds for 90 to 180 days, and potential placement on the MATCH list.
At that point, the processor who misclassified you is gone, and you are left dealing with the consequences. Any provider suggesting you “hide” your industry is exposing you to serious financial and reputational damage.
Hidden or changing rolling reserves
Rolling reserves are common in high-risk merchant accounts. They are not inherently abusive. In fact, they are often required by acquiring banks to manage chargeback risk.
The issue arises when the reserve terms are vague, poorly explained, or quietly modified after you are onboarded.
Some merchants are told they will have a 5 percent reserve for 90 days. After processing begins, the reserve increases to 10 or 15 percent. In other cases, the release schedule is unclear, and funds are held longer than originally described.
A professional provider will spell out the reserve percentage, the holding period, and the release structure in writing. If those numbers are missing from the contract, or if the sales rep seems evasive when you ask for details, that is a serious red flag.
Teaser processing rates that hide the real cost
“1.49 percent processing” looks fantastic on a sales page. The problem is that it rarely reflects what you will actually pay.
Many merchants only discover the truth after receiving their first statement. The advertised rate may apply only to qualified debit cards, while the majority of transactions fall into mid-qualified or non-qualified tiers with much higher percentages. On top of that, you may see PCI fees, statement fees, monthly minimums, gateway fees, and batch fees that were never clearly discussed.
By the end of the month, your effective rate may be double what was promised.
A trustworthy provider will present either a clear flat rate or a transparent interchange plus model. If the pricing structure feels confusing or overly technical, ask for a sample statement. If they cannot provide one, walk away.
Equipment leasing traps
Card terminals are not exotic pieces of technology. Most standard countertop devices cost a few hundred dollars if purchased outright.
Yet some merchant service providers push long-term equipment leases that stretch for 36 to 48 months. The monthly payment seems small at first glance, but over time, you may end up paying several thousand dollars for hardware worth a fraction of that.
What makes this worse is that the equipment lease is often handled by a separate leasing company. Even if you cancel your merchant account, you are still locked into the lease.
Before signing anything, check whether the equipment agreement is separate from your processing contract. In most cases, buying the device outright is far cheaper and safer.
Fake PCI compliance penalties
PCI compliance is a legitimate requirement for businesses that process credit card transactions. That is why scammers use it as leverage.
You may receive an urgent email claiming your business is non-compliant and that you must pay a fee immediately to avoid fines or account suspension. Sometimes the email looks official and includes logos or payment links.
In many cases, these messages are phishing attempts. In other situations, the “compliance service” charging you has no direct relationship with your actual processor.
If you receive any unexpected PCI notice, do not click the link in the email. Contact your processor directly using the official phone number on their website. Real compliance issues are handled through your contracted provider, not random third parties.
Early termination fee and liquidated damages traps
Some merchant agreements are written in a way that makes leaving extremely expensive.
An early termination fee might be presented as a flat number, such as 500 or 1,000 dollars. That is already significant. More problematic is the liquidated damages clause, which requires you to pay all remaining monthly fees for the rest of the contract term if you cancel early.
For example, if you signed a three-year agreement and try to leave after one year, you could be responsible for two full years of projected fees.
These clauses are usually buried deep in the contract. Always check the agreement length, renewal terms, and cancellation conditions before signing. A reputable provider will clearly explain your exit options.
“Free” merchant account offers
The idea of a free merchant account sounds appealing, especially for startups trying to control expenses. In practice, payment processing always involves cost. If someone is promising something for free, there are usually hidden fees involved.
If there is no monthly fee, the provider may compensate by increasing the transaction percentage. If the setup is free, the markup on gateway services may be higher. The pricing may look simple on the surface, but it is expensive once you calculate the effective rate.
There is nothing wrong with competitive pricing. The issue is when the word “free” is used to distract from how the provider actually earns money.
When evaluating offers, look beyond marketing claims. Focus on the total cost of processing based on your average ticket size and monthly volume.
Merchant account recovery and MATCH removal scams
When a merchant account is terminated and funds are frozen, business owners often feel desperate. That desperation creates an opportunity for another type of scam.
Some companies claim they can remove you from the MATCH list, instantly release your held funds, or guarantee approval with a new bank. They usually require a large upfront payment.
In reality, MATCH placement is controlled by acquiring banks, not third-party “recovery” services. There is no shortcut or paid removal service that overrides bank risk controls.
If your account was terminated, the safest path forward is to work with a legitimate high-risk specialist, disclose your history honestly, and rebuild trust with a new acquiring partner.
Anyone promising a quick fix for serious underwriting issues is almost certainly selling false hope.
Top merchant account scams impacting customers
Your customers can be victims of merchant account fraud, too. And once again, choosing the right merchant account provider is crucial to keep everyone safe.
These are some of the most frequent scams that your customers can fall victim to.
|
Type of scam |
Best way to stay protected |
|---|---|
| Identity theft and stolen credit card abuse | Choose processors with strong encryption, PCI compliance, and advanced fraud detection tools to reduce data breaches. |
| Account takeover fraud | Enable two-factor authentication and use providers that monitor unusual login and transaction behavior. |
| Phishing scams targeting online shoppers | Educate customers about official communication channels and monitor for fake websites or social media accounts impersonating your brand. |
| Triangulation fraud | Use transaction monitoring tools that flag unusual purchasing patterns and shipping inconsistencies. |
| Chargeback fraud and friendly fraud | Maintain detailed transaction records, delivery confirmations, and clear billing descriptors to defend against disputes. |
Identity theft and stolen credit card abuse
When a merchant works with an insecure or poorly vetted processor, customer data can become exposed. Weak encryption, outdated systems, or improper storage practices increase the risk of data breaches, which can lead to identity theft.
Criminals may use a stolen credit card to make unauthorized purchases through legitimate websites. If fraud detection tools are weak or misconfigured, these transactions may go through without being flagged. Customers then discover unfamiliar charges and must dispute them, creating stress and inconvenience.
For small businesses, a single breach can damage trust for years. Strong payment security and strict compliance standards are essential to protect both cardholders and merchants from long-term fallout.
Account takeover fraud
Account takeover fraud occurs when criminals gain access to a customer’s online account and use stored payment details to make purchases. This can happen through password reuse, leaked credentials, or phishing scams that trick customers into sharing login details.
If a merchant’s payment provider lacks advanced fraud detection systems, suspicious login behavior may not be identified quickly. Once inside, fraudsters can change shipping addresses, place high-value orders, or extract stored personal data.
Encouraging customers to use two-factor authentication and partnering with processors that monitor unusual activity patterns adds an extra layer of protection against this growing threat.
Phishing scams targeting online shoppers
Fraudsters often impersonate legitimate businesses through fake emails, text messages, or even cloned social media accounts. These phishing scams may claim there is a problem with a recent transaction or that payment information needs to be updated.
Customers are directed to fake checkout pages that closely resemble the real website. Warning signs can include poor grammar, unusual URLs, or urgent language demanding immediate action. Once customers enter their card details, criminals capture the information for future misuse.
While merchants cannot control every external scam, working with reputable providers that monitor suspicious activity and educate merchants about fraud patterns reduces the overall risk exposure.
Triangulation fraud through online marketplaces
Triangulation fraud is one of the more complex schemes affecting online purchases. In this scenario, a fraudster sets up a fake online store or marketplace listing. A customer places an order and pays the fraudster directly.
The fraudster then uses a stolen credit card to purchase the same product from a legitimate merchant and ships it to the unsuspecting customer. Initially, the customer receives the item and assumes everything is normal. Later, the legitimate cardholder files a dispute for the stolen credit card transaction.
The result is a chargeback for the real merchant, even though they fulfilled a valid order. Strong fraud detection systems and transaction monitoring tools can help identify unusual purchasing patterns linked to triangulation fraud.
Chargeback fraud and friendly fraud
Not all fraud involves external criminals. Some disputes come from customers themselves.
Friendly fraud happens when a legitimate customer makes a purchase and later disputes the transaction with their bank, claiming it was unauthorized. Chargeback fraud can also occur when customers falsely state that goods were not delivered or services were not provided.
In many forms, this type of abuse targets small businesses that lack detailed documentation or advanced dispute management processes. Excessive chargebacks can damage a merchant’s standing with financial institutions and increase processing costs.
A reliable processor should provide tools to track delivery confirmations, verify transactions, and manage disputes efficiently. Clear communication, detailed receipts, and secure credit card machines in physical locations also reduce misunderstandings that lead to unnecessary chargebacks.
How to protect yourself against merchant account scams
Merchant account scams are built around pressure, confusion, and urgency. Scammers count on unsuspecting businesses rushing through contracts or reacting emotionally to account freezes. The good news is that most of these schemes can be avoided with a few disciplined steps.
Below are practical ways to protect your business, your customer data, and your revenue.
Verify the processor with trusted financial institutions
Before signing anything, confirm that the provider works with legitimate acquiring banks and recognized financial institutions. A real merchant services company should be transparent about its banking partners and registration details.
Search for the company name together with terms like complaints or reviews. Check listings with the Better Business Bureau and look for patterns in customer feedback. If you cannot clearly identify the acquiring bank or corporate entity behind the offer, that is a serious warning sign.
A fake merchant services company often operates behind vague websites and generic email addresses, and may simply disappear once fees are collected.
Demand full written disclosure of all fees
Never rely on verbal promises from a sales representative. Ask for the complete fee schedule in writing, including processing rates, monthly fees, PCI fees, reserves, and early termination clauses.
This protects you from hidden charges that can quietly increase your costs and lead to financial losses over time. It also gives you something concrete to review with a lawyer or financial advisor before committing.
If a provider avoids sharing documentation or pressures you to sign immediately, step back. Transparent companies do not fear written scrutiny.
Refuse to misclassify your business
If a provider suggests registering your business under a different category to secure approval, walk away.
Misclassification may temporarily allow you to process online payments, but it exposes you to account shutdowns, frozen funds, and long-term damage with banks. It can also create compliance risks around how you handle customer data and online purchases.
Honest disclosure protects you. Any shortcut that involves hiding what you actually sell is likely to create larger problems later.
Protect your customer data with secure systems
Merchant accounts handle sensitive information tied to making purchases and processing online payments. Choose providers that follow strict PCI standards and offer secure gateways.
An extra layer of security, such as tokenization, encryption, and fraud monitoring tools, can help prevent fraud and protect both you and your customers.
If a provider cannot clearly explain how they safeguard customer data, or if their platform looks outdated and poorly secured, you are increasing your exposure to breaches and chargebacks.
Be cautious of upfront fees and recovery promises
Scammers often target businesses that are under stress, especially those whose accounts were terminated. They promise guaranteed approval or MATCH removal in exchange for a large upfront payment.
In many cases, they collect the money and simply disappear.
No third party can override bank-level risk decisions. If you need a new account, work directly with reputable high-risk specialists and disclose your full processing history. Rebuilding trust is slower, but it is the only legitimate path forward.
Monitor statements and account activity closely
Even after approval, your responsibility does not end. Review your monthly statements carefully and compare actual charges against the agreed terms.
Watch for sudden changes in reserve percentages, unexplained compliance fees, or unexpected surcharges tied to online purchases. Early detection can limit financial losses and give you time to resolve issues before they escalate.
Staying informed about how your account is structured is one of the most effective ways to prevent fraud and abusive billing practices.
Get a reputable merchant account with TailoredPay
Merchant account scams thrive in environments where businesses feel rushed, rejected, or confused by complex pricing. The safest way to avoid fraud, hidden fees, and account shutdowns is to work with a provider that is transparent from day one.
TailoredPay focuses specifically on high-risk and hard-to-place industries, which means there is no need to hide what you sell or worry about misclassification. Every application goes through proper underwriting with legitimate acquiring financial institutions, so you are approved the right way, not through risky shortcuts that could later freeze your funds.
Pricing is disclosed clearly, including processing rates, reserves if applicable, and contract terms. There are no vague promises of guaranteed approval, no surprise equipment leases, and no misleading “free” processing claims. Merchants know exactly what they are signing and what they are paying.
Security is another priority. By working with established banking partners and secure gateways, TailoredPay helps protect customer data, support compliant online payments, and reduce exposure to prevent fraud. That extra layer of diligence is what keeps businesses from suffering avoidable financial losses.
If you want a merchant account that does not cut corners, does not rely on hidden fees, and does not disappear when problems arise, choosing the right partner matters. TailoredPay offers stability, transparency, and industry-specific expertise so you can focus on growing your business instead of worrying about your payment processor.
Get approved for a merchant account in less than 24 hours