Pinterest Stumbleupon Whatsapp
Ads by Google

If you’re part of my generation, you might have had to convince your parents or grandparents at some point that using their credit card online is safe. “It doesn’t feel safe,” they say, but you tell them that’s the way everyone shops all the time, and their credit card information is totally safe.

But you’re wrong. Credit card numbers do get stolen, and credit card fraud does happen, both online and offline. But how does it happen? How does a thief get your card number? Why don’t verification systems prevent these problems? And what can you do to keep your own cards safe? Let’s take a look at credit card fraud and find out how you can protect yourself.

Getting Your Card Number

Obviously, the first thing that needs to happen for credit card fraud to take place is someone else getting your credit card number Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket If you regularly pay by credit or debit/cheque card (and who doesn’t these days?) you should be aware that your card can be cloned. But how is this done, and what types of business are... Read More . There are a number of ways to accomplish this, and they range from the very basic, to the more technologically complex.

Phishing Gone Phishing: 5 Security Terms You Need to Know Gone Phishing: 5 Security Terms You Need to Know The Internet is a shark tank; you're exposed to threats left and right. You need to understand the risks to protect yourself. Here we introduce you to the five most common online security threats. Read More , for example, is an old strategy that only requires a thief to be a smooth talker. They’ll get in touch with you via phone, email, post, or some other way, usually posing as someone from your credit card issuer, and talk to you into giving them your credit card information. It sounds like something you’d be able to spot right away, but some phishers are really good at what they do—this is very similar to the tactic that was used in the British phone hacking scandal Not Just Email: Your Voice Mail Can Be Hacked, Too - Here's How To Secure It Not Just Email: Your Voice Mail Can Be Hacked, Too - Here's How To Secure It Read More a couple years ago.

phish-hook

Another way in which thieves could come to have your 16-digit credit card number is through online data breaches like those suffered by Target, Home Depot, the Playstation Network, and a whole list of others in recent years. The numbers stolen from those sites often end up on “carding” shops, where people go to buy stolen credit card numbers for use online. According to Brian Krebs, the card numbers sold on Rescator, one of the biggest card-buying sites, go for a median price of about $27 per card. This makes it easy for thieves to buy hundreds of cards at a time, potentially including yours.

Ads by Google

It’s not always a merchant or a bank that’s compromised, though; sometimes it’s your own computer. If a hacker manages to get a keylogger or another type of malware Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats When you start to think about all the things that could go wrong when browsing the Internet, the web starts to look like a pretty scary place. Read More installed on your computer, they could easily nab your credit card information when you use it for online shopping. Because most people don’t do enough to protect their computers from malware, this is a serious threat.

Your card itself can also be the target for card thieves. With the increase in contactless payment credit cards, radio frequency identification (RFID) scanners have become a more popular method to steal credit card information; all a thief needs to do is get a scanning device in close range RFID Can Be Hacked: Here's How, & What You Can Do To Stay Safe RFID Can Be Hacked: Here's How, & What You Can Do To Stay Safe How much do you know about RFID chips? Do you know how many you're carrying at any given moment? Do you know what information is stored on them? Do you know how close a hacker... Read More to your card, and they’ll have all the information they need.

contactless-payment

This same strategy can be used if your phone uses near-field communication (NFC) NFC! What Is It Good For? Here Are 5 Uses NFC! What Is It Good For? Here Are 5 Uses If your phone doesn’t already have a Near-Field Communication chip in it, your next one probably will. High-end Android handsets are quickly adopting the tech and while Apple has so far shrugged it off, adoption... Read More to communicate with points of sale to share your credit card information—Apple Pay, Google Wallet, Visa PayWave, and similar apps Everything You Need to Know about Apple Pay, Samsung Pay, and Android Pay Everything You Need to Know about Apple Pay, Samsung Pay, and Android Pay Android Pay, Samsung Pay, Apple Pay all have their advantages and disadvantages. Let's take a look at exactly how each of them works and who can use them. Read More use this technology when you pay with them. If an NFC reader is compromised or tampered with, it could be giving your credit card information to a criminal.

A similar method called “skimming” requires a thief to have a physical scanner that reads the information from your credit card Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket If you regularly pay by credit or debit/cheque card (and who doesn’t these days?) you should be aware that your card can be cloned. But how is this done, and what types of business are... Read More . These devices are surprisingly easy to get (you can get a basic reader for $13 on Amazon), and thieves can be rather creative in using them to tamper with ATMs How Scammers Can Use ATMs To Clean You Out How Scammers Can Use ATMs To Clean You Out That ATM in the wall of your local bank might look like an easy way to get some cash, but you need to make sure that the scammers didn't get there first. Read More , card readers at businesses, and other places where your card is swiped on a regular basis. ATM fraud is surprisingly common; check out Dan Price’s awesome article on ATM fraud These 7 News Reports Prove ATM Fraud Can Hit At Any Time These 7 News Reports Prove ATM Fraud Can Hit At Any Time We often go into auto-pilot while using ATMs, but in Europe alone, cash point fraud increased by 15% in the first six months of 2015. These news stories prove ATM fraud can strike at any... Read More to see just how much of it happens every day.

And, of course, there’s the most time-tested, old-fashioned way: just stealing the card. A forgotten wallet or purse, a dropped card, an unlocked car door, or any number of things, can make your card easy for a thief to grab. Sometimes they’ll just write down your information—the number of waiters caught writing down card numbers while running customers’ cards is larger than you might expect.

Using Your Credit Card

Of course, once a thief has your credit card, the hardest part is done. Now all they need to do is use it (or sell it). Banks want you to think that your credit card transactions are very secure, but a quick trip to the store makes it clear that anyone with your card could use it wherever they want. I live in the US, where not all cards have EMV chips Heads Up, Americans: Here's How Credit Cards Are Changing in 2015 Heads Up, Americans: Here's How Credit Cards Are Changing in 2015 Chip credit cards have been standard for years in the world outside of the USA. Now they're coming to the US; here's everything you need to know. Read More yet, and I haven’t had my signature checked against my card or driver’s license in a long time.

Contactless payments with cards don’t require PINs or signatures, so they’re perfect for credit card thieves (even though the limits for contactless payments are rather small, they add up quickly). Online payments don’t require PINs or signatures ether, so going on an Amazon shopping spree with a stolen card is remarkably easy.

online-shopping-credit-card

And, as I mentioned, these card numbers can be sold online. Rescator is one of many sites that sell this information—most of these sites are on the dark web, where all sorts of identifying information can be bought Here's How Much Your Identity Could Be Worth on the Dark Web Here's How Much Your Identity Could Be Worth on the Dark Web It's uncomfortable to think of yourself as a commodity, but all of your personal details, from name and address to bank account details, are worth something to online criminals. How much are you worth? Read More , but some are easy to get to from any browser. By staying hidden, using servers based in other countries, and making it difficult for law enforcement to look for patterns in stolen cards, these sites stay untouchable.

How to Protect Yourself from Credit Card Fraud

As you can see from the list above, there are a lot of different ways that fraudsters can obtain and use your credit card information—it might seem like it’s impossible to protect yourself. But by following a few simple guidelines, you can significantly decrease the chances that you’ll fall victim to credit card fraud.

First, don’t share your card information over the phone or in an email. Most credit card companies, banks, and stores won’t ask for your credit card information via email, so an email asking for this information should be a clear sign that you’re being scammed 5 Examples To Help You Spot A Fraud Or Fake Email 5 Examples To Help You Spot A Fraud Or Fake Email The shift from spam to phishing attacks is noticeable, and is on the rise. If there's a single mantra to keep in mind, it's this -- the number one defense against phishing is awareness. Read More . If you need to share your information over the phone, be sure that no one is around to overhear you.

eavesdropping

Second, pay attention to online security news; if a retailer or a bank that might have your credit card information gets hacked, call your bank, tell them what happened, and ask for a new card. You could wait to see if you get any suspicious charges on your account before alerting your bank, but it’s up to you whether or not you want to take that chance before starting the process.

Third, if your card is RFID-equipped, consider getting an RFID-blocking wallet What Are RFID-Blocking Wallets & Which Should You Buy? What Are RFID-Blocking Wallets & Which Should You Buy? If you knew that someone could read your credit cards, passport, and even driver's license without actually having to swipe them, would you take steps to guard against it? Read More so your card is protected while it’s in your pocket. By blocking RFID signals, the wallet prevents any device from reading the information on your card until you take it out to use it.

Fourth, be on the lookout for any card-scanning device that looks like it’s been tampered with. ATMs, pay-at-the-pump gas stations, small stores and restaurants, and many other places can be targeted by skimmers. If something looks suspicious, use another method to pay. Make cash withdrawals from within your bank, pay at the counter when you buy gas, and don’t let your card out of your sight.

swiping-card-restaurant

Finally, make sure to monitor your credit card statements, bank statements, and credit reports on a regular basis. The earlier you catch a potentially fraudulent transaction What To Do If You’re A Victim Of Online Credit Card Fraud What To Do If You’re A Victim Of Online Credit Card Fraud Read More , the better the chances that you’ll be able to prevent further trouble. You can get a credit report free every year from annualcreditreport.com, but you should make sure to check your online accounts much more frequently than that to see if anything suspicious is going on.

Your Credit Card Fraud Stories

Now that you know how credit card fraud happens and what you can do to protect yourself, we want to hear your stories of credit card fraud. Have you ever had a card stolen? Do you know how the thief got the information? What tipped you off to the fact that your card had been compromised? And what did you do about it? Share your stories below so we can all learn from them!

Image credits: steal a credit card by Andrea Danti via Shutterstock, wk1003mike via Shutterstock.com, LDprod via Shutterstock.com, A. and I. Kruk via Shutterstock.com, India Picture via Shutterstock.com, Khakimullin Aleksandr via Shutterstock.com.

  1. Anna
    October 24, 2016 at 12:19 am

    Mine was taken by going through a drive-through. I noted that the girl working had my card longer than she should have and I couldn't see in the window very well. So not too long after this happened, my account was unexpectedly overdrawn with a $700 + purchase for a product seen on an infomercial. I did some sleuthing myself and the person was caught by law enforcement.

    • Dann Albright
      October 26, 2016 at 9:37 pm

      Glad to hear that your issue was resolved effectively! I don't know how many people end up catching the person who nabbed their card, but I can't imagine it's too many. Good job paying attention to where your card was, too. Not everyone (probably including me) would notice that.

      • Martina
        December 3, 2016 at 8:48 am

        I want to know is there any way I can find out the email on the charges that was took from my card

        • Dann Albright
          December 10, 2016 at 12:18 am

          You might be able to get in touch with the merchant where the card was used, but I'm not sure how likely that is to work. It's entirely up to them.

  2. Kath
    September 27, 2016 at 2:24 pm

    Hi
    I just got my debit card details stolen and it's still in my purse. After getting declined at shop discovered $2 500 purchases made pretty much over night, whilst I was sleeping and in a different state. Think I was hacked after or during online order for Target. Reported to cyber crime and bank will give money back to me. Still the person who did it paid their fines and energy bill with my card so should get caught!

    • Dann Albright
      October 21, 2016 at 8:03 pm

      Did you use that debit card online? If you did, it's quite possible that someone got the details in a hack. And I hope you're right about them getting caught; using it for energy bills doesn't seem like the best way to go!

  3. Vivian Kannon
    August 15, 2016 at 4:23 pm

    Someone made a purchase online at Best Buy with my number. This is a fairly new card and I only use it to shop on line. No one else uses it. The transaction date was 7/08, so I think it was stolen from some online order on or before that date. I had 2 purchases on 7/07. I also had a purchase on 7/02 and 7/01. I should put these on my Must Avoid list in the future, right? I have Malwarebytes on my computer.

    • Dann Albright
      August 16, 2016 at 2:06 pm

      That's strange . . . seems like it could have been stolen from an online order. Companies do have breaches on a regular basis, so it's certainly a possibility.

      • Meg
        August 29, 2016 at 11:02 pm

        Something similar just happened to me also. I got a newly activated card, used it for 3 purchases: a restaurant, a gas station, and an online shop. After the online shop purchase posted, 4 new charges appeared: two $1 then two $40. I changed my card account, checked my credit report, and got the two $40 charges reversed.

        But now what? Do I put a fraud hold on my credit? Do I take action against the online shop? After researching the place, others have had similar experiences with fraudulent charges made after purchasing from there. I submitted a BBB complaint, but not sure what will come of that.

  4. Jona Marie
    July 30, 2016 at 9:32 pm

    I offer an explanation for credit card fraud which cannot be attributed otherwise: it happened before it was in your house and your hands. (Thank you Sherlock Holmes, "when all other explanation are excluded, the remaining must be true.")

    It is theoretically probable that someone wanting RFID information can go to a bank of mailboxes and use one of the illegal readers. It is a felony on several counts, but the rewards are enticing, and made easier since they know your billing address (cards are always sent to the billing address).

    Some mailboxes appear to be metal, but are not. Sometimes not enclosed enough to block RF on all six sides. Or a person with a reader can cruise down the street checking plastic mailboxes, or pulling open the front of the metal ones, especially where they are close together.

    Worse yet, a postal employee could be doing it, in the mail sorting area of the USPS. Of course this would involve a more sophisticated piece of equipment to segregate the signals and data, but once again, rich rewards are quite enticing.

    The solution: ask at work if you can use the company's address on a temporary basis. Be sure to use "? The Company" on the 2nd address line, and put your floor/dept/mail stop in there too. Upon receipt, it will be in a big pile of other mail coming to the company, not sorted locally or delivered where unsecured. Upon receipt, immediately activate and change the billing address to the correct one.

    Those are my thoughts to explain where they get your info if the card itself has been secured since you received it: it had to have happened before it was in your house and your hands.

  5. Illuminated
    July 26, 2016 at 7:34 pm

    As I indicated its Bank of America. And no one else has access to my computer unless they have broken into my house.

    • Dann Albright
      August 11, 2016 at 2:35 pm

      That's pretty weird. Sounds like there's some factor that we haven't considered yet. Especially if you never entered it into your computer. Also, you said that "Google charges appear[ed]"—what did your statement say? Did it give any indication of the account that used the card or what it was used for?

  6. Illuminated
    July 23, 2016 at 4:53 pm

    I've had repeated thefts of my credit card number. The last time this happened I deliberately did not use the replacement card with the new number for anything. I didn't use it in a store, type it in anywhere, assign it to a recurring charge, or save it online. Six weeks later, fraudulent Google charges appear. I don't have a Google pay account or anything else Google. The Bank of America told me I likely had malware that was taking info from my online account but I daily scan with Malwarebytes Premium and my Micro Center diagnostics dept says I don't have a problem. I think it is a BOA breach. How are they getting my info?

    • Dann Albright
      July 25, 2016 at 8:08 pm

      Sounds to me like someone's either accessing your computer or your bank has had a breach. Are you using a major bank, or a smaller, local one?

  7. Emily
    June 12, 2016 at 7:54 pm

    How do credit card hackers get additional information that isn't on the card, like my billing address? Would that have been stolen through an online hack? Do you know the best way to find out if wifi is compromised or if my computer has malware that scrapes my info?

    • Dann Albright
      June 13, 2016 at 7:50 pm

      Hm, that's a tough one. Data leaks or hacks seem pretty likely, but they may also be able to get your billing address through public channels. From what I understand, it's not that hard. To check your wifi and computer, change your wifi password and run an anti-malware scan. That's the best advice I can give you. If you search around the site, you might be able to find a more detailed answer, but that sort of monitoring on your wifi is definitely beyond my own level of expertise. Hope you get it figured out soon!

  8. Ernie
    May 16, 2016 at 2:24 pm

    I just discovered 2 fraudulent charges at Home Depot on a card that I have NEVER CARRIED OR USED. The bank told me it was an on line purchase and they even used my 3 digit security code. OK now how did the thieves get this info. The article does not cover this situation or I missed it.

    • Dann Albright
      May 16, 2016 at 8:43 pm

      That's pretty weird. If you've never carried it or used it, it seems to me like the only possibility is that your bank got hacked, but it seems like there's a pretty low probability of that, too. Hm. Keep us updated on what you find out!

      • dita
        June 3, 2016 at 6:02 am

        same here Ernie, home depot just billed me usd 3000. i never heard of that website after my bank send me a confirmation request. Anyone here know whats gonna happen next? i dont need to pay for that right? im so panic. and well, i did call the bank and c ontact home depot.

        • Dann Albright
          June 6, 2016 at 11:55 am

          Very strange; as far as I understand it, you won't be responsible for that payment. What did your bank and Home Depot say when you called them?

    • Aj
      August 7, 2016 at 3:02 pm

      People are smart and some are disparate....it's easy to do something when you do it over and over see everyone tells you the same thing, keep the card out of sight, but people hack .... a hacker can rob a back ,anything ....but when they found out that card never been used....great credit gone .....it's no keeping your card save .....it's stop making new cards or pay everything cash....and when shop online make a PayPal send money to PayPal when you wanna shop or be smart put your due credit card payments in your PayPal....so you don't have to get bad credit and make a new account....the only way to get fraud if you let yourself .....think.... Everyone knows how to stop it but don't you think you would be unfruadble if you actually knew how to do it ..... Don't you think you can hack the hackers if you learn/knew how to hack ..... Don't you think if malware can hack your computer.....another computer can hack malware only if you knew how to actually do it

      • Aj
        August 7, 2016 at 3:35 pm

        and people think about that one card that got fraud...but the person that toke your card and billing info could be make way more card with your social!!!!! Dark web my ass??it's right under yo nose .....remember that weird link you pushed and it sent you no where .....that's a set up....some people call your phone looking for the info .....and some really smart people that would actually go in your device...just by you letting them

  9. Samurai Shonan
    May 10, 2016 at 10:33 pm

    They got two of my Japanese cards in the last two weeks. Sucked.

    • Dann Albright
      May 16, 2016 at 8:42 pm

      Oof. Sorry to hear that. Hope you get it worked out!

  10. Bill
    December 22, 2015 at 2:38 pm

    1) Your card number isn't transmitted using ApplePay -- just a pseudo-number which is useless to crooks. 2) Online use of cards usually requires additional info so address and/or phone number verification can be done. 3) While grabbing a card number from an NFC card with a reader is possible, as is using a skimmer, neither of these methods capture address information or the card verification codes (because neither of those are encoded anywhere).

    The worst way to use a card is to hand it to someone else!

    • Dann Albright
      January 2, 2016 at 1:34 am

      All of the things that you point out are true . . . but online credit card fraud does still happen. Keyloggers and wi-fi interception will provide all of the information a fraudster needs to use your credit card, and that doesn't require that they actually get the physical card. Yes, handing your card to someone else is dangerous, but if the card doesn't go out of your sight, it's quite a bit safer than handing it off to someone and losing track of it for a few minutes!

  11. Mike
    December 22, 2015 at 2:14 pm

    I guess I have been lucky so far,but for a number of years now,we have been using chip enabled cards with a pin number,so theft of the card wouldn't help the thief ( my cards don't use NFC,and I have to insert them into a reader). The article doesn't mention the security code on the back of cards. If I make a purchase online,the site often asks for this number,so again,if a thief acquires my card number,he still doesn't have the security code on the back of the card.

    • Dann Albright
      January 2, 2016 at 1:32 am

      That's true, the security code on the back of the card is an important part of making an online purchase, and just having the card number isn't going to get you past that particular security hurdle. If someone actually gets a hold of your physical card, they could easily write down the number, but in other cases, it's going to be more difficult.

      Also, chip-and-pin cards are definitely more secure, and I'm very glad that the US is starting to make the transition. It's moving really slowly, but any change is welcome.

  12. Robert O
    December 22, 2015 at 10:26 am

    I'm not kidding or making this up here..... but just today (December 21), the day this article was posted, a coworker of mine had his bank debit card hacked and was charged over $800 for purchases he never made, in a city he never visited! (Charleston, South Carolina, USA, to be specific).

    The thing is, his previous bank account from the state he used to live (New York) was also hacked recently! His card was charged in yet another state he's never been to (somewhere in Indiana). That time, it was two, small, separate purchases of around $40 that were flagged by his bank.

    He just started his new (local) bank account here two (maybe three) weeks ago, and now he just got hacked for the previously-mentioned $800+ dollars!

    It's one thing to have your bank account hacked in another state, but to have your new bank account hacked again? That's pretty scary, and as a geek, I'm trying to figure out what this guy is doing that allowed himself to be bank-hacked twice! He doesn't have the internet at home, and claims to have never shopped online. He basically buys beer at the corner gas station, food at the local supermarket, and goes to the local pubs frequently. Apparently, he uses his debit card to do much (if not all) of his purchases.

    I suspect either there's a "skimmer" in an establishment he frequents, or that one of his associates has somehow acquired access to his new account. It seems very odd that his bank account would be hacked only two or three weeks after he opened it!

    The bank told him that the charges are being turned over to their fraud department, so hopefully the culprit(s) will be caught. But this has made me quite paranoid about my own bank cards and charges.

    Thanks to this article, I'm wondering if he got "phished" somehow over the phone. Or "skimmed" at an establishment he frequents. Considering he got hit twice, over a relatively short period of time, on two accounts at two separate banks, seems to indicate he's being targeted somehow.

    • Dann Albright
      January 2, 2016 at 1:30 am

      Wow, that's crazy! Seems likely to me that there's a skimming operation somewhere nearby, especially if he's not shopping online. And he definitely could have gotten phished over the phone . . . that happens to a lot of people. If you find out more about this case, please let us know; I'd be very interested in finding out how this happened.

      Also, this is a great reminder that you should be checking your accounts frequently to make sure that no suspicious activity is showing up!

      • shay
        June 9, 2016 at 8:22 pm

        Hey i just wanted to say I got scammed with a brand new account after me old account was hacked. within two weeks both accounts were hacked and out of new York where I've never been. I am definitely being targeted

        • Dann Albright
          June 13, 2016 at 7:51 pm

          That's rough, Shay. I wonder if they got enough information from the first card to get access to the second one. You may want to open a card with a different bank/provider, and make sure to run anti-malware scans on your computer on a regular basis.

Leave a Reply

Your email address will not be published. Required fields are marked *