The biggest drawback of using a credit card is the risk of credit card fraud. Unlike debt (which is incurred consciously) credit card fraud can strike at any time, and frequently with no warning to the card holder until it’s too late. And the consequences range from the merely annoying, such as having to call and cancel your stolen card, to the downright catastrophic, such as identity theft. With so much at stake, it pays to know what the most prevalent types of credit card fraud are, how victims are tricked, and how you can protect yourself. Billshrink explains the six most serious threats – and offers six protection tips – below.
Physically Stolen Cards
The oldest form of credit card fraud is the brazen theft of physical cards by criminals. Consumers are susceptible to theft in any location where they are joined by strangers – the bank, the supermarket, even a busy city street. Professional pickpockets have trained themselves to detect signs of distraction and move in for the kill when it appears that you are not paying attention. Having your credit cards stolen by such people exposes you to all manner of fraud. If detected early, you can stop the damage by calling your card issuer and canceling the card. However, if the theft goes undetected, there are few limits to what the thief can do: making extravagant purchases, applying for new credit cards, and in some extreme cases, taking out hefty loans in your name.
“Card Not Present” Orders
Orders placed via Internet and mail are a frequent target of credit card fraud because the actual, physical card is not required or visible for the order. Such transactions allow thieves to use stolen cards without exposing themselves to the risks of in-store shopping (such as being caught on security cameras or apprehended by police.) Unfortunately, card not present fraud penalizes two parties: the original consumer who had their card stolen, and the merchant who unknowingly processed fraudulent orders and will, in all likelihood, have them charged back when the original consumer protests. Card not present orders are also less likely to be investigated, since there are, again, usually no immediate red flags that distinguish stolen card orders from legitimate ones.
Application fraud is one specific version of what is broadly referred to as “identity theft.” As the name implies, it essentially involves a criminal using someone else’s name and credentials to fill out a credit card application without their permission. Often times, the thief sets the stage for application fraud by stealing supporting documents from the victim, such as utility bills or bank statements, which are then used to substantiate the thief’s fraudulent credit card application. If and when they are approved for a card in the victim’s name, thieves face few restraints in the damage they are capable of inflicting. FICO scores and payment histories can be ruined in a heartbeat by determined thieves in possession of a fraudulently granted credit card.
Another more brazen type of credit card identity theft involves what is known as “account takeover.” Under this method, the criminal gathers pertinent documents and information about a victim in order to call their credit card company requesting a change of address (one controlled by the criminal.) Following the address change, the criminal proceeds to impersonate the victim by submitting “proof” of identity to the credit card company and requesting that a replacement card be sent to the new address. Although some card issuers attempt to thwart account takeover by requiring card holders to submit photocopies of the card in question and its monthly statements, not all of them do, and this remains an extremely problematic form of credit card fraud.
A more modern form of credit card and bank fraud is the so-called “phishing” attack. Rather than rooting through your trash or swiping your wallet at a busy intersection, sophisticated Internet hackers simply lead victims into an authoritative-looking website (usually one claiming to be their bank or credit card company.) Once the victims land on these websites, they are asked to fork over their credit card or bank details as part of a “routine security check.” At no point is it clear that such websites are stealing your information. Indeed, great care is taken to mimic the look and feel of real bank websites down to the most intricate details (including logos, URLs and slogans), such that the entire process of keying in your information feels natural and safe. Only once you have clicked “Submit” will your credit card information fall into the hands of ruthless identity thieves.
Skimming is perhaps the form of credit card fraud most difficult to prevent. While the methods above all involve outside criminals, skimming is when a dishonest employee interferes in legitimate transaction that victims did make. An example would be if you walked into an electronics store and bought an iPod on credit, only to have an unscrupulous clerk record your card data and take a spending spree on your tab. Sadly, this is not only difficult to prevent. It is also difficult to detect, after it has occurred. Generally speaking, the last person a defrauded consumer suspects is the friendly store clerk who checked them out. Therefore, it is only once a particular merchant has been involved with a substantial number of credit card fraud incidents that they are even suspected of skimming, much less investigated or prosecuted for any wrongdoing. A merchant who skimmed only once in a while might, in all actuality, never be suspected of anything for as long as they remained in business.
How to Protect Yourself
Don’t Habitually Leave Home With Your Card
One surefire way to reduce your exposure to most forms of credit card fraud is to not always leave home with one. For one thing, a criminal can’t swipe what you don’t have on you. But it also reduces the number of physical card transactions you make, which, in turn, limits your chances of being scammed in proportion. If you don’t want to leave home without plastic of some kind, get a credit card with a low limit and bring that. This way, provided the criminal doesn’t have any additional documentation about you, the worst they can do is spend what that card allows, which is purposefully not enough to devastate your finances.
Use Virtual Credit Cards
Leaving your card at home is all well and good to prevent in-person fraud, but what about shopping online? Surely, you can’t be expected to sacrifice the convenience of buying online just to keep prying eyes out of your finances. Luckily, nothing of the sort is needed. By using virtual credit cards (which have a different number than your regular credit card and expire after one use) you can remove the one thing from the equation that attracts criminals: a viable card to steal. Thieves who intercept virtual credit card numbers will soon find that they no longer work, which will send them on their way toward the next victim-in-waiting. Best of all, most banks and credit card companies (including PayPal) now offer virtual cards for little or no cost.
Shred Your Mail
A key element in several types of credit card fraud, as you now know, are the supporting documents (like bank statements or utility bills) that enable a complete stranger to pose as you to your credit card company. The surest way to prevent criminals from getting their hands on such documents is to shred them before they leave your home. Do not, as many foolishly do, simply toss those papers in the trash and figure that no one will “really” stoop so low as to empty your garbage cans to find them. Professional identity thieves can and will do just that, because they know from experience that it pays off in spades. Don’t take that chance. Instead, invest $40 in a small paper shredder and make it a rule of the household that nothing hits the trash can without being shredded first.
Do Not Submit Credit Card Numbers to Bank Emails
As a general rule, most banks and credit card companies will never request your account numbers via e-mail. Such requests (in the unlikely event they occur at all) will occur over the phone or, more likely, in person. No matter how official, credible, or authoritative an e-mail or website appears to be, if it is asking for sensitive information – especially in connection with a “routine security check” – you can safely assume that you are being scammed and back away. In fact, most banks (on their real websites) explicitly state that they will never approach you for this information in any such manner.
Shop Only at Trusted Merchants
It should go without saying that your odds of being skimmed increase by shopping at smaller, “no-name” merchants. To continue our analogy from earlier: it’s not very likely (though it’s certainly possible) that the local BestBuy is going to skim your card number from a genuine, in-store transaction. Big-name corporate chains tend to have elaborate security procedures that are difficult for rank-and-file store employees to circumvent, even if they wanted to. However, countless fly-by-night shops exist who will happily skim you, both online and in stores. Of course, not every small shop is out to steal your credit card number. It simply pays to be mindful of the possibility and the greater odds of it occurring in smaller rather than larger stores.
Review Your Billing Statements Periodically
The sad truth about most forms of credit card fraud is that you, the card holder, are often in the dark until the thief does something so egregious that you are notified. Fortunately, there is one way to detect early warning signs of fraud: periodically reviewing your billing statements. While most people instinctively toss their statements in the trash (because, after all, they know what they charged), this is in fact the only way to detect whether fraudulent charges have been made. A simple, five minute review of your statement will make crystal clear whether the card has been used improperly, and it can mean the difference between canceling your card while there’s time to limit the damage or being completely unaware until disaster befalls you.