Markets Open
Global Markets
S&P 500 7,478.2 ▼ -0.7% DOW 52,476.7 ▼ -0.1% NASDAQ 25,509.41 ▼ -1.4% RUSSELL 2K 2,974.65 ▲ +0.0% VIX 18.11 ▲ +8.2% GOLD 4,000.6 ▲ +0.4% CRUDE OIL 80.74 ▲ +2.3% EUR/USD 1.14 ▼ -0.2%
Markets

Police link tap-to-pay fraud rings to $1bn in annual retail crime

Law enforcement says stolen cards, digital wallets and retail apps are changing organized retail theft, with gift cards central to laundering schemes.

Marcus V. Thorne

By Marcus V. Thorne · Markets Editor

· 4 min read

Police link tap-to-pay fraud rings to $1bn in annual retail crime
Photo: CNBC

Digital payment fraud tied to organized retail crime is generating as much as $1 billion a year for Chinese criminal groups, police told CNBC, as stolen cards are used through phones and retail apps rather than at the end of a physical shoplifting run. The shift is affecting retailers, card issuers and consumers by turning self-checkout lanes, stored payment credentials and gift cards into tools for moving illicit proceeds.

CNBC reported that it reviewed nearly a dozen cases across the United States involving retailers including Lowe’s, TJX Companies, Target, Walmart and Home Depot. Law enforcement officials described a mix of organized groups and lower-level fraudsters using stolen card data to buy gift cards or merchandise that can be resold.

In one case described by Adam Parks, an assistant special agent in charge with U.S. Homeland Security Investigations, a suspect at a Lowe’s in Hammond, Louisiana, used tap-to-pay at self-checkout to buy multiple $95 gift cards. Parks said the suspect was being coached through wireless headphones by a Southeast Asian scam compound and was using stolen credit card information. Parks said the person remains a suspect and was not arrested. Lowe’s did not respond to CNBC’s requests for comment.

How the schemes work

Tap-to-pay fraud often begins with phishing messages that warn consumers about unpaid tolls, vehicle registration problems or pending legal action, according to experts cited by CNBC. Those messages seek payment card details, email credentials or other information that can help a fraudster take control of an account.

Jeff Otto, chief marketing officer of Riskified, a fraud prevention company that works with retailers, said a fraudster who has both an email password and a credit card can add the card to a device under the fraudster’s control. If a bank sends a confirmation code to the victim’s email, the fraudster may be able to retrieve it before the consumer notices, Otto said.

Once a stolen card is loaded into a digital wallet, the user can buy gift cards or goods without presenting a physical card. Parks said organized groups use gift cards to buy high-value products, including iPhones with U.S. settings, that can be resold at higher prices in China. He said the process helps criminal groups move value while avoiding banking restrictions in the United States and China.

Retail apps create another entry point. Otto showed CNBC how credentials obtained through breaches, phishing or social engineering can provide access to consumer retail accounts. CNBC reported seeing Walmart login credentials offered on Telegram channels for $1.50 to $2.50, with sellers noting how long the accounts had existed. Telegram did not respond to CNBC’s request for comment.

Walmart told CNBC that customer privacy and safety are a top priority and that it has systems to detect, prevent and respond to unauthorized access. The company said full payment card information is not stored in an unprotected form.

Cases and enforcement

In Miami, police arrested Dancliff Labady in January and accused him of stealing nearly $95,000, largely through TJX Companies store-branded credit cards, according to a police report cited by CNBC. Police alleged Labady gained access to about 15 customer accounts by calling Synchrony Bank, the card issuer, and adding a phone number he controlled. Labady has pleaded not guilty, and his lawyer declined to comment. Synchrony said it does not comment on continuing investigations and is cooperating with law enforcement.

TJX told CNBC that protecting customer information and technology systems is very important and that it has measures intended to identify and address possible fraudulent account activity.

In Tennessee, Capt. Matt Lawson of the Knox County Sheriff’s Office said investigators have arrested more than a dozen suspects since spring 2025 with alleged ties to Chinese organized crime. Lawson said phones seized in the cases contained tap-to-pay applications disguised as anime-style games.

At the federal level, Homeland Security Investigations’ Project Red Hook has produced at least 239 arrests since January 2024 and targets gift card fraud and other digital retail crime, HSI told CNBC. Retailers and law enforcement groups are also pressing for the Combating Organized Retail Crime Act, which passed the House in May and has been added as an amendment to the Senate’s National Defense Authorization Act. Supporters say it would improve information sharing in complex cross-jurisdictional cases.

This story draws on original reporting from CNBC.

More from Markets

All Markets →