SCAMMERS TARGET WINE RETAILERS

Featured ArticleNews analysis

Two of the independent trade’s most prominent merchants – Vineyards of Sherborne and Cork of the North in Manchester – have both recently fallen victim to major card fraud.

Claire Harries hears their stories, and about their fruitless battles for compensation

 

Technology has made retail transactions increasingly easier and quicker for consumers. But when it comes to fraudulent card payments, who foots the bill?

Despite following the correct payment protocols, Hannah Wilkins at Vineyards in Sherborne, Dorset, was left with an unrecoverable debt after being targeted by a gang using cloned cards.

A woman called the shop and told Hannah that she was with a hen party staying at a local Airbnb and asked if she could she order wine for delivery. It all sounded completely plausible, so the sale went ahead.

“I put it through as a CNP [cardholder not present transaction],” Hannah explains. “I took her address, her name and number, as you’re meant to, and it went through. The money cleared into my bank account, no problem at all. I checked it was still in my bank account 48 hours later and as the money was very much in there, a member of the team delivered the stock.”

Alarm bells didn’t start ringing until the following week when the same woman called saying she’d extended her stay at the Airbnb and wanted to order some more Champagne. This time the card was declined.

“She gave me another card to try, and then another,” says Hannah. “I noticed at the time that one card had an Edinburgh postcode and another was from the south coast. I thought, ‘well, they’re a group of women on a hen-do, they’ve got together from wherever, so it’s not so weird’. But when the third card was declined, I told her I couldn’t put the sale through.”

Within a few minutes Hannah received a call from her card payment provider confirming that it wasn’t happy with those attempted transactions and saying it was looking into the activity on the three cards.

Then the woman called again with another card. “I told her that I’d had my card processing company on the phone, and they’d put a stop on any large transactions because of the issues with her cards,” says Hannah.

Remaining friendly and confident, the woman promised to do a bank transfer but that was the last Hannah heard from her. At that point she began some detective work of her own. She knew exactly where the Airbnb was, having delivered to it the previous week.

She approached the owner who, as she lived in the adjacent property, was able to confirm that rather than a group of women on a hen-do, the house was occupied by a lone man who spent his time accepting a stream of deliveries. She also saw a lot of taxis arriving, which he loaded and sent on their way.

This was followed by an email from Hannah’s payment services provider saying she’d received a charge back for the initial transaction. She called 101 and was sent a link to complete a form. “It took me nearly an hour and a half to get past the first section, because the second or third question is, ‘is this crime happening at the moment?’ Of course, I’m going, ‘well, yeah, but no, but yeah …’ If you clicked yes, it told you to ring 999,” she says.

“Eventually I gave them all the information and was advised they probably wouldn’t be able to do anything because none of the cards had been reported as fraudulent or cloned at that time.”

 

I always thought that with a CNP there was protection for the retailer. But there is absolutely zero

 

Shouldn’t this scammer have been caught red-handed? Counting a retailer, an Airbnb owner and numerous taxi drivers, there were plenty of witnesses – but this is 2025, and the police tend not to turn up for much less than anything involving a physical threat.

Hannah posted about this experience on her social media last month and, judging by the comments she received, it appears scams of this nature are common, with even the most experienced of retailers being caught out.

“I don’t want this to happen to anyone else,” she says. “I’ve done this now for 27 years and the good old days, when you used to take an imprint of someone’s card and they signed it, and you’d take the slips into the bank, have all gone.

“People come in and they pay with their watches or their phones.

“I get tech, I really do, and I always thought that with a CNP there was protection for the retailer. But there is absolutely zero.”

 


 

Marc Hough at Cork of the North in Manchester had a similar experience – but his scammer sent a courier to collect the goods.

“He rang one of my shops asking to buy £450 worth of wine and gin,” Marc explains. “OK, that’s more than the usual amount that somebody would buy over the phone, but it’s not unheard of, so it didn’t raise any suspicions.

“We took the long card number, expiry date and the three digits on the back and the payment went through. He said it was for a party and he was sending a courier to pick it up. A couple of hours later, a fella turns up with a van and we help him fill it with the booze. And off he goes.”

Just two days later, another call came in from someone else wanting to spend £500 on wine. Marc raised an eyebrow when he was told the customer didn’t mind what the wine was, but hearing it was for a party and that they’d been let down by a previous supplier, he swiftly went into helpful mode and suggested a party-pleasing mix of Cabernet Sauvignon, Sauvignon Blanc and Prosecco. Once again it was collection by courier, but the payment had gone through the card machine, so why ask questions?

“We use Elavon, who are tied to Santander,” says Marc. “The reason we use them, and a lot of retailers use them, is because once payment is approved you know it’s going to be in your account the next day.”

When it came to the fraudster’s third and final act of the scam, Marc called Elavon to check the payment, even mentioning the F word, but was advised to go ahead.

“A member of staff rang me to say the same guy had called and wanted to buy about £5,000 worth of wine,” he explains. “I asked, ‘what does he want and what discount does he want?’ and for me alarm bells rang when she said he wasn’t bothered about a discount and didn’t know what he wanted. Who on earth would buy £5,000 worth of wine and not ask for a discount?

“I rang Elavon and explained the situation. Elavon said, ‘we have just seen that payment successfully go through’, and I asked, ‘are you sure it’s not any type of fraud?’. To which they replied: ‘Well, look, the money is in your account.’

“Two days later, I get an email from Elavon telling me that all three of these sales were fraudulent as whoever it was ringing me had used stolen or cloned cards, but I am liable for the payments.”

Marc was told that he had not completed two additional checks required when taking a CNP payment. “You’re supposed to put in the card machine the number of their house and the numbers in their postcode,” he says. “We got some new card machines about 18 months ago and they do have the facility to do that, but we’ve never bothered with it because you just sort of like press ‘yes’ and ‘yes’ and just put the payment through.”

 

Incidents of small business cybercrime have more than tripled

 

The advice here would be for every retailer to check the policy with their own payment service provider, because as Hannah Wilkins at Vineyards confirms, she did go through those extra two steps but the monies were still rescinded from her account.

There are now new policies in place at Vineyards and Cork of the North. Payments must be made in person or failing that, by bank transfer or secure payment link.

“Apparently this is quite a well-known scam,” Marc says, “but I wish we’d been aware of it. We’ve spoken to the police but they say there’s nothing we can do.”

He adds: “Do you know what really adds insult to injury? The following week the same guy rang up again and when I said to him ‘how dare you commit this fraud on a small business?’ his outraged response was: ‘Fraud? How dare you!’ He was so brazen.”

In this situation the owner of the cloned or stolen card will often have their money reimbursed by the banks, but for that to happen, the bank will rescind payment from the retailer in question. It seems the only way to avoid this is to choose secure payment links or BACS instead of a CNP transaction.

“Retailers can be liable for chargebacks where fraudulent card information is used to make a purchase,” confirms Giles Mason at UK Finance, the banking and finance industry’s trade association.

“Whilst banks and payment providers have strong fraud controls in place to protect customers from fraud, criminals are sophisticated and find ways to use stolen customer data to make fraudulent payments.

“Best practice includes using an address verification service at checkout, ensuring Strong Customer Authentication such as 3D Secure is in place, checking for unusual or high value orders, and always obtaining the card security code to confirm the card details are genuine. If something doesn’t feel right, take a moment to challenge or verify before going ahead.”

According to research published by the Federation of Small Businesses, fraud costs the UK £7bn a year and now accounts for 41% of offences in England and Wales, with only 1% of police resources dedicated to it. Incidents of small business cybercrime have more than tripled.

Action Fraud was also invited to advise retailers on how to protect themselves as the busiest time of year approaches, but a City of London Police spokesperson said it is “unable to assist” because it is “currently working towards the launch of our national reporting service which will replace Action Fraud”.

The impact of fraud on businesses can be life-changing for the owner but can also have a negative impact on the local economy. Vineyards and Cork of the North are both busy and successful, but Marc, having lost £9,500, won’t be able to sustain a further hit – and Hannah has already had to explain to local charities that she won’t be able to make her usual boozy donations this year.

Related Articles