How You Can Be Ripped Off
Credit card fraud is as varied as the criminals conducting it. Here are some of the major ways it is committed.
Lost and Stolen: Loss and theft of credit cards is still the most common way credit card crimes are committed, accounting for 50 percent of credit card fraud at J.P.Morgan Chase & Co., one of the largest credit card issuers in the United States, notes Chris Conrad, senior vice president for fraud management at its Chase Credit Cards division, based in Wilmington, Del.
Skimming: Increasingly, fraudsters will attach a device to an ATM or point of sale terminal that will capture an account number from the magnetic stripe on the back of the card. This usually involves a complicit merchant who sells the information, which is then used to "clone" a duplicate card with your information.
Phishing and Spoofing: As use of the Internet and sales on the Internet continue to rise, hackers and other Internet criminals will attempt to steal your credit card information by sending you bogus e-mail claiming to be from your bank or credit card company. The e-mail may say something like the bank needs to make a change to your account and needs you to input your account information. Phishers and spoofers may even send you a link that looks almost exactly like your bank or credit card company's Web site, asking you to input your account information.
Social Engineering: Fraudsters may need some other piece of information from you to set up a fraudulent account, so they will contact you directly. "Criminals will actually contact the victim directly, usually by telephone (or cell phone), and tell some story which ends up in them requesting that the victim tell them 'a few basic details about your card,' " recounts Peter Dorrington, head of fraud solutions for SAS Institute Inc., a business intelligence company, based in Cary, N.C. "Human nature tends to be that we cooperate with other people, especially if they sound like they are someone in authority."
ID Theft: Your personal information like name, telephone number, home address and Social Security number are stolen, possibly from the mail, trash or even online, and then used to open up a new credit card account in your name.
Card Not Present: Your stolen credit card information is used to purchase something from a remote location, either by telephone or the Internet. The merchant cannot see the card and should be checking that the information is valid.
It's easy to get someone's personal data, according to reformed credit card and identity thief Robert Smith, now a businessman living in Rockton, Ill.. Smith explains it's sold online for as little as $20 at Web sites that contain public records.
"All you need is the money and they will sell it to you," Smith says. "You can get that information in two minutes."
How to Protect Yourself
Easy as it is to fall victim to credit card fraud, consumers can protect themselves in a number of ways, experts said. They said you should:
Never throw away any personal data, including credit card statements and offers for new credit cards, without completely destroying it or shredding the information.
Check your credit history once or twice a year at one of the three credit reporting agencies — TransUnion, Experian and Equifax — to see that nothing is amiss. This is particularly important because it can take months to sort out problems on your credit report once fraud happens. Experts recommend signing up for a fraud alert service, offered by the credit agencies, that will tell you if a new account has been opened, or will notify you about any changes to your credit file.
Never let your credit card out of your sight for too long when paying.
Never give out your credit card account or other personal information to people posing as bank representatives over the phone if you have not contacted them first. Call the bank yourself.
Never give out your credit card account information to anyone posing as your bank online, and never click on links to new sites that someone posing as your bank may send you in an unsolicited e-mail. Banks will never ask you for your full Social Security number or account number if you have an established relationship with them, experts said. Call your bank and inquire if changes need to be made; similarly, type in your bank's URL yourself. "The difference in the [fraudulent] URL could be off by one character, which you would never notice," said Jim Van Dyke, founder and principal analyst for financial services research firm Javelin Strategy & Research, based in Pleasanton, Calif.
Turn off paper statements wherever possible and use electronic statements.
Be proactive. If you are computer savvy, log on to your accounts more than once a month to monitor for suspicious activity.
HOW TO PREVENT IT
Prevention begins with protecting your personal and financial information.
- Do not share your credit card or credit card PIN with anyone.
- Cover the keypad when entering the PIN at a retailer or a bank machine.
- Keep your credit card in sight when you make purchases to prevent skimming or double swiping.
- Record your credit card number, card details and whom to contact in case of theft or loss. Keep this information in a secure place.
- Check your statements every month and report any errors or unauthorized transactions.
- Keep your credit card statements in a safe place, and shred them when you no longer need them.
- Get written confirmation when you cancel your credit card.
- Only use your credit card online on trusted sites and ensure that your online transaction is encrypted. Look for websites with addresses starting with “https” or a padlock image on the page. This will indicate that the information entered on these pages and the transmission of the information is secure.
WHAT TO DO IF YOU ARE A VICTIM
If you become a victim of credit card fraud, you may be protected by one of theconsumer protection policies set in place by American Express, MasterCard and Visa. Some conditions may apply.
If you think you have been a victim of fraud, take the following steps:
- Start a written log: record when you noticed the fraud and the actions you took, including names of people you spoke to and dates of communications.
- File a report with your local police.
- Contact your financial institutions and any other companies (e.g. phone company, cable provider, etc) where your accounts were tampered with, or are at risk of being tampered with.