The Ever Present Credit Card Scam

Saturday, March 19, 2011

Robert Siciliano

37d5f81e2277051bc17116221040d51c

When people ask me, “How do I protect myself from credit card fraud?” I tell them, “Cancel the card, or never use it.” Because that’s the only way.

Otherwise, all you can do is hope the merchant has a sophisticated system in place to mitigate the fraud.

The FBI’s Internet Crime Complaint Center’s Annual Report determined that the total dollar loss from all cases of fraud in 2009 that were referred to law enforcement by IC3 was $559.7 million; that loss was greater than 2008 when a total loss of $264.6 million was reported. Some estimate identity fraud in total at over $50 billion.

Flaws in the system used to issue credit facilitate new account fraud, since creditors often neglect to fully vet credit applicants with technology as essential as device reputation.

Account takeover requires nothing more than access to credit card numbers, which can be accessed by hacking into databases or skimming cards at a point of sale terminal, ATM, or gas pump.

You should be aware of these common scams:

Micro Charges: Micro charges are fraudulent charges ranging from twenty cents to ten dollars. The idea is to keep the amounts low enough to go unnoticed by cardholders.

ATM Skimmers: Criminals can place a card reader device on the face of an ATM to copy your card data. The device, which appears to be part of the machine, may use wireless technology to transmit the data to the criminals.

In many cases, thieves will also hide a small pinhole camera somewhere around the ATM (in a brochure holder, mirror, or speaker, for example) in order to record PIN numbers as well. Always cover the keypad with your other hand when entering your PIN.

Dummy ATMs: ATMs can be purchased through eBay or Craigslist and installed anywhere. (I bought one from a guy at a bar for $750.) A dummy machine has been programmed to read and copy card data.

Phone Fraud: The phone rings and it’s a scammer claiming to be calling from your bank’s fraud department. The scammer may already have your entire card number, which could be stolen from another source.

You might be asked about a fictional charge you supposedly made, and when you deny it, you’ll have to provide your three to four digit CVV number in order to have the charge removed. Never give out this type of information over the phone.

Phantom Charges: When searching for something on the web, you come across a great deal. In the process of ordering, the website informs you that a discount is available along with a free trial of another product.

Thinking you’re saving money, you take the bait. The next thing you know, your card is being charged every month and the company makes it very difficult to cancel the charges.

Look for and do business with companies that have a comprehensive, defense-in-depth approach to protect consumers against identity and financial fraud.

Check your credit and banking statements carefully. Scrutinize every charge and call your bank or credit card company immediately to refute any unauthorized transactions.

(Be sure to do it within 30 or 60 days at most, depending on the type of card.)

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses ATM skimming on Extra TV. Disclosures.

Possibly Related Articles:
11947
Impersonation
fraud scams Skimming Credit Cards Account Fraud Micro Charges
Post Rating I Like this!
Default-avatar
Emilia Adcox The three major credit bureaus offer their own proprietary models but usually provide the FICO score to lenders. The VantageScore was created as a consistent credit score model across the three bureaus and factors in option kinds of information to allow millions credit who have been denied in the past. Get a short term loan to help boost your credit score.
1395296356
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.