Finance glossary

What Is a Stripe Scam?

Catherine Chipeta
3 Min

Stripe is a widely trusted payment processing platform used by millions of businesses around the world. But like any service that handles financial transactions, it’s also a prime target for scammers. Whether you’re a small business owner, a freelancer, or just someone who shops online, understanding how Stripe scams work can help you avoid becoming a victim.

In this guide, we’ll explain what Stripe scams are, how they typically operate, and what you can do to protect yourself.

How Stripe Scams Work

Stripe scams come in several forms, but the underlying goal is almost always the same: to trick individuals or businesses into handing over money, credentials, or personal information. These scams can target both Stripe account holders and their customers.

Here’s how they typically go:

Phishing Emails and Fake Notifications

Scammers send emails that look like they’re from Stripe, warning of suspicious account activity, payment issues, or a need to verify your information. These emails often include urgent language and a fake link to a login page where scammers harvest your credentials.

Fake Invoices or Refund Requests

Fraudsters may impersonate customers and send fake invoices or refund requests. In some cases, they might ask for a chargeback and keep the product or service, leaving the seller out of pocket.

Overpayment Scams

This tactic involves a scammer “accidentally” paying too much and requesting a refund of the difference—often before the payment clears or using stolen credit card info. Once the original payment is reversed, the business loses both the goods and the refund.

Fake Stripe Support Calls or Chats

Scammers may call or message business owners pretending to be from Stripe’s support team. They might ask for account credentials, two-factor authentication codes, or bank information under the guise of “verifying your account.”

Why You Might Be Targeted

Stripe scams often start with publicly available or leaked business details—like your email, website, or phone number. Scammers may also pose as Stripe themselves or as customers, exploiting the trust that exists in digital payment systems.

You’re more likely to be targeted if:

  • Your business uses Stripe and publicly displays contact info
  • You’ve experienced a previous data breach
  • You engage in high volumes of online transactions
  • You’re unfamiliar with Stripe’s official communication methods

How to Avoid Stripe Scams

While scammers are clever, there are practical steps you can take to avoid getting caught out.

  1. Don’t click on suspicious links. Always verify the sender’s email address and hover over links before clicking. Stripe emails will always come from a verified @stripe.com domain. When in doubt, log in to your Stripe dashboard directly by typing the URL into your browser.
  2. Enable two-factor authentication. Secure your Stripe account with 2FA to prevent unauthorized access, even if your login details are compromised.
  3. Verify refund and payment requests. If a customer asks for a refund or sends a strange payment, take time to verify their identity. Never issue a refund until the payment has cleared.
  4. Know Stripe’s real support channels. Stripe will never call you out of the blue asking for credentials or banking information. Always initiate support requests via Stripe’s official website or dashboard.
  5. Educate your team. Make sure everyone who has access to your Stripe account knows how these scams work. One wrong click can compromise the entire account.

Related articles

The new security standard for business payments

Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.

Request Demo