How Credit Card Fraud Works, And How To Stay Safe
Whatsapp Pinterest

If you’re part of my generation, you might have had to convince your parents or grandparents at some point that using their credit card online is safe. “It doesn’t feel safe,” they say, but you tell them that’s the way everyone shops all the time, and their credit card information is totally safe.

But you’re wrong. Credit card numbers do get stolen, and credit card fraud does happen, both online and offline. But how does it happen? How does a thief get your card number? Why don’t verification systems prevent these problems? And what can you do to keep your own cards safe? Let’s take a look at credit card fraud and find out how you can protect yourself.

Getting Your Card Number

Obviously, the first thing that needs to happen for credit card fraud to take place is someone else getting your credit card number Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket If you regularly pay by credit or debit/cheque card (and who doesn’t these days?) you should be aware that your card can be cloned. But how is this done, and what types of business are... Read More . There are a number of ways to accomplish this, and they range from the very basic, to the more technologically complex.

Phishing Gone Phishing: 5 Security Terms You Need to Know Gone Phishing: 5 Security Terms You Need to Know The Internet is a shark tank; you're exposed to threats left and right. You need to understand the risks to protect yourself. Here we introduce you to the five most common online security threats. Read More , for example, is an old strategy that only requires a thief to be a smooth talker. They’ll get in touch with you via phone, email, post, or some other way, usually posing as someone from your credit card issuer, and talk to you into giving them your credit card information. It sounds like something you’d be able to spot right away, but some phishers are really good at what they do—this is very similar to the tactic that was used in the British phone hacking scandal Not Just Email: Your Voice Mail Can Be Hacked, Too - Here's How To Secure It Not Just Email: Your Voice Mail Can Be Hacked, Too - Here's How To Secure It Read More a couple years ago.


Another way in which thieves could come to have your 16-digit credit card number is through online data breaches like those suffered by Target, Home Depot, the Playstation Network, and a whole list of others in recent years. The numbers stolen from those sites often end up on “carding” shops, where people go to buy stolen credit card numbers for use online. According to Brian Krebs, the card numbers sold on Rescator, one of the biggest card-buying sites, go for a median price of about $27 per card. This makes it easy for thieves to buy hundreds of cards at a time, potentially including yours.

It’s not always a merchant or a bank that’s compromised, though; sometimes it’s your own computer. If a hacker manages to get a keylogger or another type of malware Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats When you start to think about all the things that could go wrong when browsing the Internet, the web starts to look like a pretty scary place. Read More installed on your computer, they could easily nab your credit card information when you use it for online shopping. Because most people don’t do enough to protect their computers from malware, this is a serious threat.

Your card itself can also be the target for card thieves. With the increase in contactless payment credit cards, radio frequency identification (RFID) scanners have become a more popular method to steal credit card information; all a thief needs to do is get a scanning device in close range RFID Can Be Hacked: Here's How, & What You Can Do To Stay Safe RFID Can Be Hacked: Here's How, & What You Can Do To Stay Safe How much do you know about RFID chips? Do you know how many you're carrying at any given moment? Do you know what information is stored on them? Do you know how close a hacker... Read More to your card, and they’ll have all the information they need.


This same strategy can be used if your phone uses near-field communication (NFC) NFC! What Is It Good For? Here Are 5 Uses NFC! What Is It Good For? Here Are 5 Uses If your phone doesn’t already have a Near-Field Communication chip in it, your next one probably will. High-end Android handsets are quickly adopting the tech and while Apple has so far shrugged it off, adoption... Read More to communicate with points of sale to share your credit card information—Apple Pay, Google Wallet, Visa PayWave, and similar apps Everything You Need to Know about Apple Pay, Samsung Pay, and Android Pay Everything You Need to Know about Apple Pay, Samsung Pay, and Android Pay Android Pay, Samsung Pay, Apple Pay all have their advantages and disadvantages. Let's take a look at exactly how each of them works and who can use them. Read More use this technology when you pay with them. If an NFC reader is compromised or tampered with, it could be giving your credit card information to a criminal.

A similar method called “skimming” requires a thief to have a physical scanner that reads the information from your credit card Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket Fraudsters Still Clone Credit Cards: Keep Plastic In Your Pocket If you regularly pay by credit or debit/cheque card (and who doesn’t these days?) you should be aware that your card can be cloned. But how is this done, and what types of business are... Read More . These devices are surprisingly easy to get (you can get a basic reader for $13 on Amazon), and thieves can be rather creative in using them to tamper with ATMs How Scammers Can Use ATMs To Clean You Out How Scammers Can Use ATMs To Clean You Out That ATM in the wall of your local bank might look like an easy way to get some cash, but you need to make sure that the scammers didn't get there first. Read More , card readers at businesses, and other places where your card is swiped on a regular basis. ATM fraud is surprisingly common; check out Dan Price’s awesome article on ATM fraud These 7 News Reports Prove ATM Fraud Can Hit At Any Time These 7 News Reports Prove ATM Fraud Can Hit At Any Time We often go into auto-pilot while using ATMs, but in Europe alone, cash point fraud increased by 15% in the first six months of 2015. These news stories prove ATM fraud can strike at any... Read More to see just how much of it happens every day.

And, of course, there’s the most time-tested, old-fashioned way: just stealing the card. A forgotten wallet or purse, a dropped card, an unlocked car door, or any number of things, can make your card easy for a thief to grab. Sometimes they’ll just write down your information—the number of waiters caught writing down card numbers while running customers’ cards is larger than you might expect.

Using Your Credit Card

Of course, once a thief has your credit card, the hardest part is done. Now all they need to do is use it (or sell it). Banks want you to think that your credit card transactions are very secure, but a quick trip to the store makes it clear that anyone with your card could use it wherever they want. I live in the US, where not all cards have EMV chips Heads Up, Americans: Here's How Credit Cards Are Changing in 2015 Heads Up, Americans: Here's How Credit Cards Are Changing in 2015 Chip credit cards have been standard for years in the world outside of the USA. Now they're coming to the US; here's everything you need to know. Read More yet, and I haven’t had my signature checked against my card or driver’s license in a long time.

Contactless payments with cards don’t require PINs or signatures, so they’re perfect for credit card thieves (even though the limits for contactless payments are rather small, they add up quickly). Online payments don’t require PINs or signatures ether, so going on an Amazon shopping spree with a stolen card is remarkably easy. When it comes to choosing a credit card for your online shopping Visa vs. Mastercard: Which Should You Use for Online Shopping? Visa vs. Mastercard: Which Should You Use for Online Shopping? Want to shop online but not sure which credit card to use? Here's what you need to know to choose between Visa and Mastercard. Read More , you will find that Mastercard and Visa both offer some decent precautionary measures to prevent suspicious purchases.


And, as I mentioned, these card numbers can be sold online. Rescator is one of many sites that sell this information—most of these sites are on the dark web, where all sorts of identifying information can be bought Here's How Much Your Identity Could Be Worth on the Dark Web Here's How Much Your Identity Could Be Worth on the Dark Web It's uncomfortable to think of yourself as a commodity, but all of your personal details, from name and address to bank account details, are worth something to online criminals. How much are you worth? Read More , but some are easy to get to from any browser. By staying hidden, using servers based in other countries, and making it difficult for law enforcement to look for patterns in stolen cards, these sites stay untouchable.

How to Protect Yourself from Credit Card Fraud

As you can see from the list above, there are a lot of different ways that fraudsters can obtain and use your credit card information—it might seem like it’s impossible to protect yourself. But by following a few simple guidelines, you can significantly decrease the chances that you’ll fall victim to credit card fraud.

First, don’t share your card information over the phone or in an email. Most credit card companies, banks, and stores won’t ask for your credit card information via email, so an email asking for this information should be a clear sign that you’re being scammed 5 Examples To Help You Spot A Fraud Or Fake Email 5 Examples To Help You Spot A Fraud Or Fake Email The shift from spam to phishing attacks is noticeable, and is on the rise. If there's a single mantra to keep in mind, it's this -- the number one defense against phishing is awareness. Read More . If you need to share your information over the phone, be sure that no one is around to overhear you.


Second, pay attention to online security news; if a retailer or a bank that might have your credit card information gets hacked, call your bank, tell them what happened, and ask for a new card. You could wait to see if you get any suspicious charges on your account before alerting your bank, but it’s up to you whether or not you want to take that chance before starting the process.

Third, if your card is RFID-equipped, consider getting an RFID-blocking wallet What Is an RFID-Blocking Wallet? (And Which Should You Buy?) What Is an RFID-Blocking Wallet? (And Which Should You Buy?) If you have cards, passports, or devices with RFID chips, then an RFID-blocking wallet could be important for keeping your data safe. Read More so your card is protected while it’s in your pocket. By blocking RFID signals, the wallet prevents any device from reading the information on your card until you take it out to use it.

Fourth, be on the lookout for any card-scanning device that looks like it’s been tampered with. ATMs, pay-at-the-pump gas stations, small stores and restaurants, and many other places can be targeted by skimmers. If something looks suspicious, use another method to pay. Make cash withdrawals from within your bank, pay at the counter when you buy gas, and don’t let your card out of your sight.


Finally, make sure to monitor your credit card statements, bank statements, and credit reports on a regular basis. The earlier you catch a potentially fraudulent transaction What To Do If You’re A Victim Of Online Credit Card Fraud What To Do If You’re A Victim Of Online Credit Card Fraud Read More , the better the chances that you’ll be able to prevent further trouble. You can get a credit report free every year from, but you should make sure to check your online accounts much more frequently than that to see if anything suspicious is going on.

Your Credit Card Fraud Stories

Now that you know how credit card fraud happens and what you can do to protect yourself, we want to hear your stories of credit card fraud. Have you ever had a card stolen? Do you know how the thief got the information? What tipped you off to the fact that your card had been compromised? And what did you do about it? Share your stories below so we can all learn from them!

If you shop online frequently, make sure you’re aware of what formjacking is and how you can avoid it What Is Formjacking and How Can You Avoid It? What Is Formjacking and How Can You Avoid It? The big online security risk of 2019 looks like it could be formjacking. Here's how hackers steal your data from website forms. Read More .

Image credits: steal a credit card by Andrea Danti via Shutterstock, wk1003mike via, LDprod via, A. and I. Kruk via, India Picture via, Khakimullin Aleksandr via

Explore more about: Credit Card, Online Fraud.

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Donald Mcgreggor
    August 29, 2018 at 5:05 pm

    I have been to some comments and people are saying RFID wallets doesn't work which I think is not true since I have been using one and have not had any issues since last year. A year ago there was an unknown transaction in my account and i found out about RFID thefts and I decided to buy RFID proof wallet from Mani Wonders. Since then there hasn't been any case of skimming with me, so I would highly recommend to buy it.

  2. Michael Kaufman
    May 3, 2017 at 7:42 pm

    Over the years I've had froudulent charges a few times, always caught by the credet card company before I even knew. Lately, 5 incidents in aout 6 weeks...all but one caught by the company, and the rest the charges were declined as the persons didn't have the right information. One of the incidents was with version where a party called up saying they were me, and to ad da new was also declined by Verizon for not enough information. The last incident was today with a Sears card, which was replaced last January for similar reasons. Seems this is getting bad. I have no idea as to how the information was obtained, with online purchases I suppose it gets hacked somehow. The last three incidents were attempts for online ites generated from Texas, I'm in NC.

    • Dann Albright
      May 13, 2017 at 6:03 pm

      Hm, that's strange. Could be a hack of a company that you've done online business with before, I suppose, or maybe your bank.

  3. Mary
    April 19, 2017 at 9:17 pm

    I just opened a new credit card a month ago. I got the card solely to transfer a balance from high interest card to this zero percent interest card. I have made exactly 4 transactions - the initial balance transfer (on the phone with customer service representative that I called), a payment to the account, and one $14 online purchase for my son. Card is still in my dresser with the sticker on it. It's never been out of the house. Yesterday I received an email from the issuer that there may be fraudulent activity on the account. Someone used it 3 times for Dominos purchases ($57 each) in a city 2 hours south of me, and another Dominos purchase in NC (7 hours north), they ordered $400 online from a lamp company that, thankfully, needed an address verification, attempted to set up a paypal account - again needing an address verification. A clothing company - same story and they TRIED to order $4000 worth of stereo equipment. Apparently, in addition to my account number, they have my address and cellphone number -what's tripping them up is not shopping to the same address.

    I just don't don't understand how they got this info.

    • Dann Albright
      May 13, 2017 at 5:29 pm

      Sounds to me like the it could be a hack at the bank. Either that or someone with access to your mail is doing it.

  4. Dr Rameshbabu
    April 12, 2017 at 9:13 am

    On 4-4- 2017 a phone call came to my mobile asking is it Dr Rameshbabu? I said yes speaking. Do you stay at such a residence? I said yes. You hold SBI credit card ? yes I said Plan for your card is going to change we are sending new card within 7 days. Your card details remain same. Your card number starts from........yes. Kindly tell details ? I told him, He asked OTP. I told and within seconds Rs 9000/ was debited from my card and phone went silent
    How that person knows abut my card?

    • Dann Albright
      April 22, 2017 at 3:18 pm

      As far as I'm aware, it's impossible to tell from your story how that person got your card details in the first place. It sounds to me like your bank could have been hacked. Is there any evidence of that?

  5. Sheron
    March 13, 2017 at 9:42 pm

    I felt compelled to respond to this article due to ID theft. I'm on round 3. The first one was in 2010 where they had all of my information. Name , address, phone number , date of birth, SSN and accurate bank information. I cancelled everything and opened new accounts. They claimed that I had an unpaid play day loan account and there was a warrant for my arrest. The police came and verified it was a scam after listening to the phone threats. The continued to contact me but I ignored them.
    2013 some one applied for a Cash Call loan during my old address and information from the first ID theft incident. I was alerted by LIFELOCK and my IDentity Guard accounts and was able to stop the account from opening. The good thing is they were going yo do the debits from my old closed bank account from the first incedent so I felt semi safe.
    Fast forward to 2017. Some one had stolen my information again. They now have my new address and information from my credit card. The purchased a security system in Memphis Tennessee which fortunately they included the account number on the transaction list on my statement. I called the company who could only verify where the purchase was made but could not give me the information as to who is doing this. They did ask me the ridiculous question if I was going to press charges? How can I press charges if the criminal had more protection rights than I do. I also had to give information proving that I was not in Memphis at the time of the charges. And needed to explain how it is that they could use my card and access all of my information if the card had been in my procession at all times. The bank claims they verified with the company that the billing information belongs to me. Not exactly something I have not already confirmed. I told them they need to get the information of where the security system is installed which the security system company said could be given to the banks Legal Department because the crime us against the bank and not against me. LOL
    The Internet charges cannot be traced because do not currently have an account with the ISP but the card company wanted a valid letter from the company proving the last time I paid a bill to the. And when my old an out was closed over 7 years ago. There is no information in their system so I'm not sure if I will be stuck paying for cable from a provider that does not offer services in the county I live in.
    What's do frustrating is I only disputed the charges that were not mine not the whole bill. This card is only used for business with recurring automatic debits from the same exact companies. Outside purchases are only made from two other companies and only when office supplies are needed. The card had never been used for retail purchases and had never been used out of state. The company can see who the criminal is but cannot reveal who he is. The companies that I contacted where the purchases were online purchases did not require the security code to complete the transaction.
    I feel that even if a company cannot reveal who the criminal is to me they should flag the account and give the true card holder the option to start a criminal investigation. Regardless of what they say this is a crime against the cardholder echo stands to lose the most.
    Any card company who does not take the precaution to ask for the security code should be forced legally to reimbursed accounts whenever there is a complaint of fraudulent charges. Let that be their hoop to jump through.
    I asking found out that this particular card company sends their cards in the mail ALREADY ACTIVATED. I found that out when I told them that I received but had not activated my new card. I told them that was dangerous and crazy considering that there are companies that are allowing transactions without security codes and if they send activated cards if it is stolen before it gets to the card holder then they would have all they need to do lots of damage before they can be stopped. Seriously why would that be my or any other card holders fault.
    So today I was searching for RFID protection wallets. I'm not sure if they work because there is too much conflicting information.
    Chips are not much protection. This is chip protected.

    • Dann Albright
      March 29, 2017 at 3:28 pm

      That's strange that they ship the cards already activated, and that definitely seems like a security concern. Is there any way you could pick up a new card at the bank? It sounds like someone has figured out that they can use those cards before they get to you. It's also possible that there's someone close to you who's nabbing your cards and using them. Having this happen three times doesn't seem like bad luck; it sounds like there's something going on.

  6. Katie
    January 25, 2017 at 7:54 am

    I just bought bags online and then found out it's fraudulent website. So, I cancelled my order again but I don't know if it will work. I'm afraid if they steal my credit card. So, what should I do?? Please reply me. Thanks!

    • Dann Albright
      February 6, 2017 at 7:12 pm

      Call your bank and tell them to cancel the charge. After that, either immediately close your card and get a new one or keep an eye on your account online to see if anything strange shows up.

  7. scott aidlaw
    January 14, 2017 at 6:57 pm

    I got a text from my credit card issuer stating that my credit card was used at a " gamestop" store in Atlanta for $200 & at an Atlanta Burger King for $12.99. They declined the charges & contacted me. I live in San Francisco & have not been to Atlanta for over 20 years. Glad they caught it, but still a hassle getting a new card and notifying vendors I have accounts with !

    • Dann Albright
      January 18, 2017 at 11:28 pm

      Yeah, that is a hassle. But it's a lot less of a hassle than dealing with thousands of dollars on your bill!

  8. Amabella
    December 30, 2016 at 12:10 am

    I've had all my accounts credit and debit with multiple banks hacked for the last year... I can collect a card Sunday and by Monday midday it's been used online. It was printed and collected in branch, into my purse bought home and stayed in my purse. I have examples of cards being compromised whilst in unopened envelopes, never been online or have had for years and never used suddenly online making purchases. I've had a hack into an iPhone 5 which has been used to call the bank with the fraudster impersonating me, the phone dials the banks by itself...

    Have asked the police to sweep the house but am getting zero support as it's unheard of but by the looks of these posts these compromises are possible and are happening

    Either something in the house zaps a cards details as the mail drops on the floor or a database somewhere with all my changing card details is accessible

    Any advice ?

    Unshared mail box
    New wifi hub
    Security on all pc's
    No visitors help or gardeners
    In a good chunk of cases cards never used online
    New accounts opened with old and new bank

    • Dann Albright
      January 5, 2017 at 4:21 pm

      That's very strange; do you know if other customers of your bank have had similar issues?

  9. Anna
    October 24, 2016 at 12:19 am

    Mine was taken by going through a drive-through. I noted that the girl working had my card longer than she should have and I couldn't see in the window very well. So not too long after this happened, my account was unexpectedly overdrawn with a $700 + purchase for a product seen on an infomercial. I did some sleuthing myself and the person was caught by law enforcement.

    • Dann Albright
      October 26, 2016 at 9:37 pm

      Glad to hear that your issue was resolved effectively! I don't know how many people end up catching the person who nabbed their card, but I can't imagine it's too many. Good job paying attention to where your card was, too. Not everyone (probably including me) would notice that.

      • Martina
        December 3, 2016 at 8:48 am

        I want to know is there any way I can find out the email on the charges that was took from my card

        • Dann Albright
          December 10, 2016 at 12:18 am

          You might be able to get in touch with the merchant where the card was used, but I'm not sure how likely that is to work. It's entirely up to them.

  10. Kath
    September 27, 2016 at 2:24 pm

    I just got my debit card details stolen and it's still in my purse. After getting declined at shop discovered $2 500 purchases made pretty much over night, whilst I was sleeping and in a different state. Think I was hacked after or during online order for Target. Reported to cyber crime and bank will give money back to me. Still the person who did it paid their fines and energy bill with my card so should get caught!

    • Dann Albright
      October 21, 2016 at 8:03 pm

      Did you use that debit card online? If you did, it's quite possible that someone got the details in a hack. And I hope you're right about them getting caught; using it for energy bills doesn't seem like the best way to go!

  11. Vivian Kannon
    August 15, 2016 at 4:23 pm

    Someone made a purchase online at Best Buy with my number. This is a fairly new card and I only use it to shop on line. No one else uses it. The transaction date was 7/08, so I think it was stolen from some online order on or before that date. I had 2 purchases on 7/07. I also had a purchase on 7/02 and 7/01. I should put these on my Must Avoid list in the future, right? I have Malwarebytes on my computer.

    • Dann Albright
      August 16, 2016 at 2:06 pm

      That's strange . . . seems like it could have been stolen from an online order. Companies do have breaches on a regular basis, so it's certainly a possibility.

      • Meg
        August 29, 2016 at 11:02 pm

        Something similar just happened to me also. I got a newly activated card, used it for 3 purchases: a restaurant, a gas station, and an online shop. After the online shop purchase posted, 4 new charges appeared: two $1 then two $40. I changed my card account, checked my credit report, and got the two $40 charges reversed.

        But now what? Do I put a fraud hold on my credit? Do I take action against the online shop? After researching the place, others have had similar experiences with fraudulent charges made after purchasing from there. I submitted a BBB complaint, but not sure what will come of that.

  12. Jona Marie
    July 30, 2016 at 9:32 pm

    I offer an explanation for credit card fraud which cannot be attributed otherwise: it happened before it was in your house and your hands. (Thank you Sherlock Holmes, "when all other explanation are excluded, the remaining must be true.")

    It is theoretically probable that someone wanting RFID information can go to a bank of mailboxes and use one of the illegal readers. It is a felony on several counts, but the rewards are enticing, and made easier since they know your billing address (cards are always sent to the billing address).

    Some mailboxes appear to be metal, but are not. Sometimes not enclosed enough to block RF on all six sides. Or a person with a reader can cruise down the street checking plastic mailboxes, or pulling open the front of the metal ones, especially where they are close together.

    Worse yet, a postal employee could be doing it, in the mail sorting area of the USPS. Of course this would involve a more sophisticated piece of equipment to segregate the signals and data, but once again, rich rewards are quite enticing.

    The solution: ask at work if you can use the company's address on a temporary basis. Be sure to use "? The Company" on the 2nd address line, and put your floor/dept/mail stop in there too. Upon receipt, it will be in a big pile of other mail coming to the company, not sorted locally or delivered where unsecured. Upon receipt, immediately activate and change the billing address to the correct one.

    Those are my thoughts to explain where they get your info if the card itself has been secured since you received it: it had to have happened before it was in your house and your hands.

  13. Illuminated
    July 26, 2016 at 7:34 pm

    As I indicated its Bank of America. And no one else has access to my computer unless they have broken into my house.

    • Dann Albright
      August 11, 2016 at 2:35 pm

      That's pretty weird. Sounds like there's some factor that we haven't considered yet. Especially if you never entered it into your computer. Also, you said that "Google charges appear[ed]"—what did your statement say? Did it give any indication of the account that used the card or what it was used for?

  14. Illuminated
    July 23, 2016 at 4:53 pm

    I've had repeated thefts of my credit card number. The last time this happened I deliberately did not use the replacement card with the new number for anything. I didn't use it in a store, type it in anywhere, assign it to a recurring charge, or save it online. Six weeks later, fraudulent Google charges appear. I don't have a Google pay account or anything else Google. The Bank of America told me I likely had malware that was taking info from my online account but I daily scan with Malwarebytes Premium and my Micro Center diagnostics dept says I don't have a problem. I think it is a BOA breach. How are they getting my info?

    • Dann Albright
      July 25, 2016 at 8:08 pm

      Sounds to me like someone's either accessing your computer or your bank has had a breach. Are you using a major bank, or a smaller, local one?

  15. Emily
    June 12, 2016 at 7:54 pm

    How do credit card hackers get additional information that isn't on the card, like my billing address? Would that have been stolen through an online hack? Do you know the best way to find out if wifi is compromised or if my computer has malware that scrapes my info?

    • Dann Albright
      June 13, 2016 at 7:50 pm

      Hm, that's a tough one. Data leaks or hacks seem pretty likely, but they may also be able to get your billing address through public channels. From what I understand, it's not that hard. To check your wifi and computer, change your wifi password and run an anti-malware scan. That's the best advice I can give you. If you search around the site, you might be able to find a more detailed answer, but that sort of monitoring on your wifi is definitely beyond my own level of expertise. Hope you get it figured out soon!

  16. Ernie
    May 16, 2016 at 2:24 pm

    I just discovered 2 fraudulent charges at Home Depot on a card that I have NEVER CARRIED OR USED. The bank told me it was an on line purchase and they even used my 3 digit security code. OK now how did the thieves get this info. The article does not cover this situation or I missed it.

    • Dann Albright
      May 16, 2016 at 8:43 pm

      That's pretty weird. If you've never carried it or used it, it seems to me like the only possibility is that your bank got hacked, but it seems like there's a pretty low probability of that, too. Hm. Keep us updated on what you find out!

      • dita
        June 3, 2016 at 6:02 am

        same here Ernie, home depot just billed me usd 3000. i never heard of that website after my bank send me a confirmation request. Anyone here know whats gonna happen next? i dont need to pay for that right? im so panic. and well, i did call the bank and c ontact home depot.

        • Dann Albright
          June 6, 2016 at 11:55 am

          Very strange; as far as I understand it, you won't be responsible for that payment. What did your bank and Home Depot say when you called them?

    • Aj
      August 7, 2016 at 3:02 pm

      People are smart and some are's easy to do something when you do it over and over see everyone tells you the same thing, keep the card out of sight, but people hack .... a hacker can rob a back ,anything ....but when they found out that card never been used....great credit gone's no keeping your card save's stop making new cards or pay everything cash....and when shop online make a PayPal send money to PayPal when you wanna shop or be smart put your due credit card payments in your you don't have to get bad credit and make a new account....the only way to get fraud if you let yourself .....think.... Everyone knows how to stop it but don't you think you would be unfruadble if you actually knew how to do it ..... Don't you think you can hack the hackers if you learn/knew how to hack ..... Don't you think if malware can hack your computer.....another computer can hack malware only if you knew how to actually do it

      • Aj
        August 7, 2016 at 3:35 pm

        and people think about that one card that got fraud...but the person that toke your card and billing info could be make way more card with your social!!!!! Dark web my ass??it's right under yo nose .....remember that weird link you pushed and it sent you no where .....that's a set up....some people call your phone looking for the info .....and some really smart people that would actually go in your device...just by you letting them

  17. Samurai Shonan
    May 10, 2016 at 10:33 pm

    They got two of my Japanese cards in the last two weeks. Sucked.

    • Dann Albright
      May 16, 2016 at 8:42 pm

      Oof. Sorry to hear that. Hope you get it worked out!

  18. Bill
    December 22, 2015 at 2:38 pm

    1) Your card number isn't transmitted using ApplePay -- just a pseudo-number which is useless to crooks. 2) Online use of cards usually requires additional info so address and/or phone number verification can be done. 3) While grabbing a card number from an NFC card with a reader is possible, as is using a skimmer, neither of these methods capture address information or the card verification codes (because neither of those are encoded anywhere).

    The worst way to use a card is to hand it to someone else!

    • Dann Albright
      January 2, 2016 at 1:34 am

      All of the things that you point out are true . . . but online credit card fraud does still happen. Keyloggers and wi-fi interception will provide all of the information a fraudster needs to use your credit card, and that doesn't require that they actually get the physical card. Yes, handing your card to someone else is dangerous, but if the card doesn't go out of your sight, it's quite a bit safer than handing it off to someone and losing track of it for a few minutes!

  19. Mike
    December 22, 2015 at 2:14 pm

    I guess I have been lucky so far,but for a number of years now,we have been using chip enabled cards with a pin number,so theft of the card wouldn't help the thief ( my cards don't use NFC,and I have to insert them into a reader). The article doesn't mention the security code on the back of cards. If I make a purchase online,the site often asks for this number,so again,if a thief acquires my card number,he still doesn't have the security code on the back of the card.

    • Dann Albright
      January 2, 2016 at 1:32 am

      That's true, the security code on the back of the card is an important part of making an online purchase, and just having the card number isn't going to get you past that particular security hurdle. If someone actually gets a hold of your physical card, they could easily write down the number, but in other cases, it's going to be more difficult.

      Also, chip-and-pin cards are definitely more secure, and I'm very glad that the US is starting to make the transition. It's moving really slowly, but any change is welcome.

  20. Anonymous
    December 22, 2015 at 10:26 am

    I'm not kidding or making this up here..... but just today (December 21), the day this article was posted, a coworker of mine had his bank debit card hacked and was charged over $800 for purchases he never made, in a city he never visited! (Charleston, South Carolina, USA, to be specific).

    The thing is, his previous bank account from the state he used to live (New York) was also hacked recently! His card was charged in yet another state he's never been to (somewhere in Indiana). That time, it was two, small, separate purchases of around $40 that were flagged by his bank.

    He just started his new (local) bank account here two (maybe three) weeks ago, and now he just got hacked for the previously-mentioned $800+ dollars!

    It's one thing to have your bank account hacked in another state, but to have your new bank account hacked again? That's pretty scary, and as a geek, I'm trying to figure out what this guy is doing that allowed himself to be bank-hacked twice! He doesn't have the internet at home, and claims to have never shopped online. He basically buys beer at the corner gas station, food at the local supermarket, and goes to the local pubs frequently. Apparently, he uses his debit card to do much (if not all) of his purchases.

    I suspect either there's a "skimmer" in an establishment he frequents, or that one of his associates has somehow acquired access to his new account. It seems very odd that his bank account would be hacked only two or three weeks after he opened it!

    The bank told him that the charges are being turned over to their fraud department, so hopefully the culprit(s) will be caught. But this has made me quite paranoid about my own bank cards and charges.

    Thanks to this article, I'm wondering if he got "phished" somehow over the phone. Or "skimmed" at an establishment he frequents. Considering he got hit twice, over a relatively short period of time, on two accounts at two separate banks, seems to indicate he's being targeted somehow.

    • Dann Albright
      January 2, 2016 at 1:30 am

      Wow, that's crazy! Seems likely to me that there's a skimming operation somewhere nearby, especially if he's not shopping online. And he definitely could have gotten phished over the phone . . . that happens to a lot of people. If you find out more about this case, please let us know; I'd be very interested in finding out how this happened.

      Also, this is a great reminder that you should be checking your accounts frequently to make sure that no suspicious activity is showing up!

      • shay
        June 9, 2016 at 8:22 pm

        Hey i just wanted to say I got scammed with a brand new account after me old account was hacked. within two weeks both accounts were hacked and out of new York where I've never been. I am definitely being targeted

        • Dann Albright
          June 13, 2016 at 7:51 pm

          That's rough, Shay. I wonder if they got enough information from the first card to get access to the second one. You may want to open a card with a different bank/provider, and make sure to run anti-malware scans on your computer on a regular basis.