Customer allowed herself to be a victim of cyber fraud. Customer responed to a message on Facebook Messenger. When customer replied, they took over her online banking and transfered her savings balance into her checking account and then proceeded to complete multiple Apple Cash transactions. The customer also had several Cash App credits into her checking account that she did not initiate. We think this was to test to see if the account was legit. Customer is still out about $900. I am guessing this is what we are to provisionally credit the customer (the difference between the debits and credits)?

What do you plan to do with the credits that were credited to her account? If you are not returning them, you cannot use them to offset the unauthorized debits.

I guess that is what I am questioning since we have never experienced this before. So, we should return the credits and deal with the full amount of debits for the dispute?