Guarding against fraud is nothing new for aftermarket businesses–they trade in some high-dollar items, attractive to thieves and fraudsters–but there’s a relatively new brand of fraud hitting businesses: the Point-of-Sale Scam.

As noted, fraudsters present a moving target. A favourite of these criminals a year or so ago was termed MOTS (mail order, telephone sale) fraud. In this brand of theft, the targetted businesses are contacted over the phone by a “customer” –a favourite was a large quantity of tires and/or rims–saying someone will pick up the order and will pay at that time. Commonly it’s set up as a woman calling and a husband doing the picking up and paying. Only after the onsite payment and pickup does the business hear from a credit card company that the card is reported stolen, and payment therefore is frozen.

And of course the chargeback scams–where a “buyer” claims they never received the goods or services and disputes the charge–are old hat.

But the new POS scammers seem more brazen than ever.

POS systems are essential for processing payments quickly and efficiently, but they’ve also become a target for increasing cases of fraud. From terminal swaps to unauthorized refunds, these attacks are costing businesses thousands—and the aftermarket is no exception.

In some cases, thieves are correctly guessing the password to the POS and refunding themselves money while in other cases, thieves are swapping the point of sale terminal for their own when the staffer isn’t looking.

In Toronto, several small businesses—including auto service shops—reported POS terminal thefts where scammers swapped devices and issued refunds to their own accounts.

Some businesses were hit with thousands of dollars in fraudulent “refunds,” executed in seconds using their own terminals.

All types of business can be targeted, and it seem so be common to see multiple cases in local communities over a short period of time. Thieves can hit half a dozen businesses in a local area in a single afternoon.

How POS Scams Work

Common tactics include:

• Terminal Swapping: Fraudsters replace your POS device with a lookalike, then issue refunds to their own accounts.
• Default Password Exploits: Many terminals ship with default manager codes—if unchanged, they’re easy targets.
• Unauthorized Refunds: Thieves access the system and process fake refunds, often within minutes of entering the store.

How Automotive Businesses Can Protect Their POS Systems

1. Change Default Settings Immediately

• Update manager codes and disable refund functions unless needed.
• Customize employee permissions to limit access.

2. Secure Your Hardware

• Use tethers or locked mounts for countertop terminals.
• Keep devices out of customer reach and store them securely after hours.

3. Monitor Refund Activity

• Set daily refund limits and require supervisor approval.
• Use POS software that logs all refund attempts and alerts anomalies.

4. Train Your Team

• Teach staff to recognize suspicious behavior, such as customers claiming tap isn’t working.
• Encourage reporting of any unusual terminal activity.

5. Install Surveillance

• Position terminals within view of security cameras.
• Review footage regularly, especially after refund transactions.

6. Report Incidents Promptly

• Contact your payment processor and the Canadian Anti-Fraud Centre.
• Quick reporting can freeze stolen funds and prevent further losses.

Whether its the parts counter or an auto shop, big or small, POS scams can hit hard. They disrupt operations, damage customer trust, and lead to costly losses. With real cases happening across Canada, now’s the time to lock down your systems and train your team.