A Staff Awareness Guide
Restaurant scams are more common than most owners realize — and they're getting smarter. From customers gaming your refund policy to employees manipulating the till, and fraudsters exploiting your online ordering system, the threats come from every direction. This guide breaks down the most common scams your team needs to know about, how to spot them, and exactly what to do to stop them. Share it with every member of your staff.
# | Scam Type | Category | How It Works | Warning Signs | Prevention Steps |
1 | False Complaints to Get Free Meals | Customer Scam | A customer complains about their food — usually after eating most of it — claiming it was cold, undercooked, or inedible to get a refund or a free replacement. | The plate is mostly empty before the complaint is raised; the complaint is made directly to junior staff; the customer becomes aggressive when questioned | Implement a clear, written complaint-handling procedure; use time-stamped kitchen photos for quality control; assign a manager to evaluate all refund requests; track repeat complainers in your POS or CRM |
2 | Creating a Scene for a Discount | Customer Scam | A customer causes a loud public disturbance or threatens to post a negative review online to pressure staff into comping their meal or giving a discount. | Disproportionate reaction to a minor issue; customer immediately mentions social media or reviews; complaint is made at peak hours in front of other diners | Train staff in de-escalation techniques; enforce a manager-only policy for all meal comps and discounts; document all incidents in a logbook or CRM system |
3 | Phishing Emails and Fake Websites | Online & Payment Scam | Scammers send emails or texts impersonating food delivery platforms or payment providers, directing staff or customers to fake websites to harvest login credentials or card details. | Sender email address doesn't match the official domain; urgent language demanding immediate action; links lead to slightly misspelled URLs | Train all staff to identify phishing attempts; direct customers to your official website or verified delivery apps only; use SSL certificates and enable multi-factor authentication on all systems |
4 | Stolen Credit Card Orders | Online & Payment Scam | Fraudsters use stolen card details to place orders — often large ones — resulting in chargebacks and financial losses for the restaurant when the real cardholder disputes the charge. | Unusually large orders, especially for delivery; multiple orders to the same address from different card details; orders with mismatched billing and delivery addresses | Use payment processors with built-in fraud protection and address verification (AVS); flag and manually review suspiciously large orders; use delivery apps that require verified accounts and real-time tracking |
5 | Duplicate or Fraudulent Delivery Orders | Delivery System Scam | Scammers place multiple identical orders, then claim non-delivery to obtain refunds or free food — exploiting gaps in delivery confirmation processes. | Same customer placing repeated similar orders; multiple refund requests from one account; orders with vague or unverifiable delivery addresses | Require photo proof or signature confirmation on delivery; set order limits per account; maintain detailed records, including timestamps, delivery logs, and driver notes |
6 | Fake Negative Reviews for Compensation | Review System Scam | Individuals post fabricated negative reviews on Google, Yelp, or TripAdvisor to pressure restaurants into offering free meals or vouchers as compensation or to damage a competitor's reputation. | The reviewer has no prior review history; the review is vague and lacks specific detail; the reviewer contacts the restaurant privately shortly after posting the review | Monitor review platforms regularly; report suspicious reviews with documented evidence; proactively encourage genuine customers to leave honest feedback |
7 | Fake Positive Reviews | Review System Scam | Competitors or unethical marketing services post fabricated five-star reviews to manipulate search rankings and mislead potential customers, creating an unfair competitive advantage. | Sudden spike in reviews over a short period; reviews are generic and lack specific detail about dishes or service; reviewer profiles have no other activity | Report suspicious review patterns to the platform; focus on encouraging a steady stream of authentic reviews from real customers; avoid purchasing review services |
8 | Employee Voiding Sales | Internal / POS Fraud | A staff member completes a sale, collects cash from the customer, and then voids the transaction in the POS system — keeping the cash without it appearing as a discrepancy. | High number of voids on a specific employee's shift; cash drawer totals that don't reconcile with sales reports; complaints from customers that their receipt doesn't match what they paid | Restrict POS void and refund permissions to managers only; set up automated alerts for unusual void activity; conduct daily transaction audits and reconcile all cash drawer totals |
9 | Undercharging Friends and Family | Internal / POS Fraud | An employee manually adjusts prices or applies unauthorized discounts in the POS system to undercharge people they know, resulting in revenue loss that is difficult to detect without auditing. | Unusually high discount rate on a particular employee's transactions; price adjustments with no manager override on record; discrepancies between items ordered and amounts charged | Restrict price-editing access in the POS; require manager approval for any manual price change; run regular reports on discounts applied per employee |
10 | Fake Refunds and False Overcharge Claims | Internal / POS Fraud | A dishonest employee processes a refund for a transaction that doesn't warrant one, either issuing it to themselves or fabricating a customer overcharge complaint to justify pocketing cash. | Refunds processed with no corresponding customer complaint on record; high refund volume on specific shifts; refunds issued outside normal operating hours | Require dual authorization (manager sign-off) for all refunds; install video surveillance at cashier stations and link footage to transaction logs; conduct random reviews of refund activity |
11 | Scam Phone Calls (Impersonation Fraud) | Phone & Communication Scam | Fraudsters call the restaurant posing as health inspectors, utility companies, or POS technical support — requesting urgent payments, sensitive system access, or staff login credentials. | Caller creates urgency or threatens consequences; caller requests payment via gift cards, wire transfer, or cash; caller asks for remote access to your systems or login details | Train staff never to make payments or share information over an unverified call; establish a rule that all such calls must be escalated to management; log all suspicious calls with caller ID details |
12 | Loyalty Account Hacking | Loyalty & Gift Card Scam | Cybercriminals gain unauthorized access to customer loyalty accounts and redeem accumulated points for free food or merchandise before the account owner notices. | Multiple point redemptions from unusual locations or IP addresses; customer complaints about missing loyalty points; a sudden spike in redemptions shortly after a promotion launches | Use loyalty platforms with two-factor authentication (2FA) and fraud detection; monitor redemption patterns for anomalies; cap how many points can be redeemed per transaction or time period |
13 | Promo Code and Loophole Abuse | Loyalty & Gift Card Scam | Customers find and exploit loopholes in promotional offers — such as reusing single-use codes, sharing codes widely online, or creating multiple accounts to claim first-time customer discounts repeatedly. | Same promo code used across a high volume of orders; multiple accounts registered to the same device, IP, or phone number; discount redemptions that far exceed the expected campaign volume | Add expiry dates and single-use restrictions to all promo codes; monitor redemption volumes in real time; flag accounts that share identifying details like device ID or IP address |
14 | Gift Card Number Theft | Loyalty & Gift Card Scam | Scammers steal gift card numbers from packaging displayed in-store (by photographing the numbers and PINs) and drain the card's value as soon as it is activated by a legitimate buyer. | Gift card inventory is not stored securely; cards are sold that show signs of tampering with the packaging; customer complaints that their gift card balance is zero upon first use | Store all unactivated gift cards in a locked, secure location; only activate cards at the point of sale upon payment; conduct regular audits of your gift card inventory and usage logs |
15 | Supplier Invoice Fraud | Supplier & Vendor Scam | Fraudsters send convincing fake invoices impersonating real suppliers, hoping accounts payable staff will process payment without cross-referencing the request against actual deliveries or contracts. | Invoice arrives via email from a slightly altered supplier address; bank account details on the invoice differ from your records; the invoice is for an unusually high amount or unfamiliar products | Verify all new or changed supplier bank details via a direct phone call to a known number; implement a two-person approval process for invoice payments; cross-reference all invoices against purchase orders and delivery records |
16 | Skimming Devices on Card Terminals | Payment Terminal Scam | Criminals attach a physical skimming device to your card payment terminal to secretly capture customers' card data and PINs — often over a weekend or after hours when staff are less vigilant. | Terminal feels loose, bulky, or has visible signs of tampering; customers report unauthorized transactions after dining at your restaurant; overlay on the PIN pad that feels different from usual. | Inspect your card terminals at the start of every shift; use tamper-evident seals on terminals; source terminals directly from your payment provider, and report any suspicious tampering immediately. |