It’s the call or text you absolutely don’t want to get: the one from the bank that says, “Your credit card is restricted due to suspicious activity.” Panic sets in immediately: what should you do? Who can you turn to? How did this happen?
First and foremost, you need to make sure this isn’t a scam, so the answer to those first two questions is the same: Call your bank. Don’t click on any links, and don’t use any phone numbers provided in the message. If it’s an actual phone call, say you’ll check into it and hang up. Then find the credit card in question and call the number on the back.
If it turns out to be a legitimate case of fraud, the bank can guide you through what you need to do. As to how it happened, well … there are many different ways, ranging from a lost card to a data breach to fraudsters who simply try numbers at random.
It’s a huge problem, but it’s not just you: reports show that credit card fraud increased by 18.4 percent in 2018, and it’s still climbing. With the rise of eCommerce, thieves have an found an entirely new playground in which to work their dirty tricks. But does that mean physical, “card-present” environments are safe?
Unfortunately, no. And that means consumers need to educate themselves on fraud: knowing how and where fraudsters work is one of the best ways to thwart their efforts. To get you started, here are five of the riskiest places to swipe your credit or debit card.
Automated Teller Machines are a huge convenience, but using them can be risky. We’re talking less about the ones at your bank, and more about the ones in out-of-the-way places like convenience stores or hotel lobbies. Banks have no control over these, which means the machines aren’t always monitored as closely as they should be.
Thieves take advantage of this with a practice known as “skimming,” which involves placing an inconspicuous skimming device on the card slot of the ATM. A credit or debit card is swiped through a skimmer during an otherwise legitimate transaction, giving thieves access to all the details stored in the card’s magnetic stripe. In fact, so-called “chip” cards were largely developed to address this risk. Unfortunately, fraudsters adapt, and some now have the ability to steal the information from chips, as well.
The same types of devices thieves use on ATMS can be installed on gas pumps, as well. Think about it: strangers are always standing around pumps, right? And the view from the cashiers inside is blocked, giving crooks plenty of opportunities to put a skimmer—or in some cases, a tiny spy camera—in place.
In the case of pumps and ATMs, make it habit to gently tug on the card terminal before you insert your card. Skimmers can be almost undetectable to the eye, but they’ll usually be a bit wobbly to the touch—in some cases, the device come right off in your hand. If the reader feels in any way insecure, try a different pump (or a different station).
When was the last time you just handed your credit card to a complete stranger and trusted them not to take advantage of the opportunity? Probably the last time you dined out. And in truth, the vast majority of wait staff would probably never think of stealing your card info.
But it’s not unheard of. In some locations, fraudsters run organized operations that pay restaurant workers a small amount to collect credit card data. The money may seem great to a struggling waiter, but it’s pennies compared to what can be gained with the stolen information.
It’s not as common, but as self-checkout kiosks have become increasingly common, fraudsters have started plying their trade there, as well. During busy periods, thieves may work in teams. One person will have a “problem” that requires the attendant’s attention, while a second snaps a skimmer onto a different machine. There may even be a third party involved, who blocks the installer’s activity from cameras or customers.
Unlike skimmers at gas pumps or remote ATMs, federal reports indicate that fake skimmers at larger retail stores tend to get discovered relatively quickly. Unfortunately, thieves can gather a lot of information in just a few hours or days, especially since Bluetooth technology allows them to start retrieving card data immediately.
Mobile payment card apps like Square and PayPal Here now allow merchants to accept credit and debit card payments just about anywhere: at trade shows and other events, at temporary shops, or even right in the customer’s home. It’s fast, easy, and convenient…so as you might imagine, fraudsters are all over it.
Thieves can present themselves as legitimate vendors, swiping your card for services that are far less than presented, or merchandise that is promised but never delivered. Skimmers can come into play here, too, capturing personal data that ends up for sale on the dark web.
What Can You Do?
Fraudsters are smart, and they’re constantly devising new and clever ways to steal your personal information. As we move toward an increasingly interconnected payment environment, it’s unrealistic to think we can eliminate the threat of credit and debit card theft altogether. Having said that, there are steps consumers can take to better protect personal card data.
- Stick to high-visibility ATMs, preferably ones that are bank-operated
- Always check for skimmers by tugging on the card slot
- Visually compare the card reader you are about to use to others nearby
- Use chip cards whenever possible—or use cash
- Check your bank account at least weekly and immediately report any suspicious activity
Remember: ultimately it’s your responsibility to protect your credit card information. Trust your instincts: if something seems suspicious, move on. No matter where you are or where you’re shopping, being aware of your card’s physical location and taking time for a closer look at your surroundings are the best ways to protect yourself from on-site fraud attempts.