As shown here in this report from Liverpool, , where a "trusted" member of staff abused the trust placed in them. Refunds offer a pertty low barrier of entry to shop staff to dishonest activity.
Refunds offer a "quick fix" to a too large of a credit card bill, your employer can just pay for it!
Of course as shown here its a kind of fraud that leaves a trail.
Good basic practise such as bank reconciliation will capture or prevent this.
But isn't this a bank problem?
Sadly no, your acquiring bank will not take responsibility.
As with many things there is a balance between customer service, i.e. always being able to give genune customers refunds and security, i.e. controlling who has the ability to do refunds.
If you shop has an card terminal interfaced to your EPOS system then refunds should be driven off recipts and previous purchases, reducing scope for fraud. If you use a bank or other stand-alone terminal then its openess leads to many opportunites for abuse, therefore your daily bank reconcilation and report checking is key to mitigating this risk to the bottom line of your business.