Wherever there is money, there are people looking for ways to steal it.
And there is a lot of money in scamming credit cards.
Ever since the first one was issued by Diners Club in 1950, (technically it was a “charge card” since you had to pay in full every month), this soon-to-be ubiquitous financial tool has been targeted by scammers, hackers, and thieves.
Before 1996 when credit card thieves started to use the internet, they relied on old-school techniques to get credit card information. In addition to skimming, dumpster diving, mail theft, and actual theft of people's cards, they also used application fraud.
In the case of stolen cards, they’d take the card to a gas station to see if it was still active by using it to buy a gallon of gas at the pump. If the charge went through, they then went on a shopping spree. Now they simply do the test online.
Today, those schemes look almost quaint. Thanks to technology, the most common scams have escalated into big business theft. . According to a 2020 identity theft study from Javelin Research, scammers have left counterfeiting credit cards behind and gone on to commit more serious crimes like identity theft and savings account takeover. The future is even scarier with could even more complicated scams like synthetic identity fraud and takeovers of investment accounts being put at risk instead of just checking and savings accounts.
Before you cut up all your credit cards and stuff your savings under the mattress, there are ways to identify scams and protect yourself. The experts say a major way to avoid becoming a victim of fraud is to use safer methods to protect your personal and financial data.
1. Credit card interest rate reduction scams.
When you’re carrying a balance and paying 15% to 22% interest on it, the financial pain is real. This is why it’s so tempting when someone calls and tells you that they can reduce the interest rate on your credit cards.
The scammer usually implies that their company can help secure a lower interest rate because they have a “special relationship” with the credit card issuers. They may also claim they can:
If you get a call like this, the Federal Trade Commission (FTC) advises that you “should listen to them with extreme skepticism, and delete them.”
It would probably be smart to skip the listening part since, in the vast majority of cases, robocalls promising to lower your interest rates are always fraudulent.
Regardless of what anyone claims, no one can do anything to lower your interest rate that you can’t do yourself. And it really isn’t that hard. All you have to at least try to get a lower interest rate on your credit card is to call your credit card company and ask for one.
Unless your payment history is horrible, chances are they’ll knock a few points off. According to the FTC, people who fall for the scam and pay third parties to get a lower interest rate never see the savings. And as far as trying to get a refund for the fees? Good luck with that.
Worse yet, because you have to give the scammers your credit card number to work with them opens the door to other abuses. Once they have your number, they can go on to make all kinds of fraudulent purchases.
The best thing to do when you hear the phrase “lower your credit card interest rate” on a robocall is to hang up.
2. Phishing scams
In case you didn’t know, phishing is the fraudulent practice of sending an email, text, or making a phone call that seems to be coming from reputable companies in order to get people to reveal personal information, such as passwords and credit card numbers.
According to experts in the field of financial fraud, phishing scams have been around for a long time. The first phishing attacks seem to have happened in the mid-1990s. At that time a group of scammers posed as employees of AOL and used instant messaging and email to steal users' passwords and hijack their accounts. Later, in the early 2000s, phishers started attacking financial systems, including those on the digital currency site E-Gold in 2001.
By 2003, hackers got even more devious. They started registering domain names that were slight variations on legitimate commerce sites, such eBay and PayPal. They sent mass emailings that asked customers to visit their fraudulent sites. There they were asked to enter their passwords and update their credit card information -- which the hackers promptly started using to commit fraud.
While phishing can take on several different forms, it usually occurs when a scammer contacts the potential victim by phone, text, email, or increasingly, through some social engineering scheme in order to extract card, account or banking credentials or other personal details. They use this information for e-commerce transactions, move money via online banking, or open credit card accounts in the victim’s name.
Although these types of schemes often target vulnerable senior citizens who may be less familiar with technology, plenty of people who consider themselves pretty savvy have been “hooked” by these phishing expeditions.
3. Application fraud
Application fraud takes place when somebody uses your Social Security number, stolen personal information, or fake documents to open a credit card or other account in your name. Scammers may steal documents out of the trash or from other sources to create fake documents such as utility bills and bank statements to create a personal profile.
After an account is opened using these fake or stolen documents, the scammer could then withdraw cash or obtain credit in your name. To protect yourself, keep your details private and store sensitive documents in a secure place and be careful how you get rid of personal, identifiable information. You bought that paper shredder for a reason -- use it.
4. Account takeover frauds
With this type of fraud, a scammer gets a hold of your personal n or your log-in information and uses it to access and take over your bank, social media, or accounts.
Some of the most common methods include proxy-based "checker" one-click apps, brute-force botnet attacks, phishing, and malware. Others include going through trash or paper recyclables to find personal information in discarded mail. They can also do something called buying lists of 'Fullz,' a slang term for full packages of identifying information that are sold on the black market.
Once they have your info, scammers might change your address and contact information in order to make it difficult if not impossible for you to lock them out -- or even regain access to your account.
These people are tricky. They can intercept communication about the account to keep you blind to what’s going on. The first time you detect account takeover may be when you discover charges on monthly statements you didn’t authorize or notice multiple questionable withdrawals. Interestingly, it seems there has been an increase in the number of account takeovers since the adoption of EMV technology, which makes it more difficult for criminals to clone physical credit cards.
According to the experts, account takeover fraud is one of the hardest types of fraud to identify. That’s because of the “multichannel account access and the desire to reduce friction in the consumer experience”. In other words, consumers don’t like the hassle of complicated verification processes and don’t use them.
Your accounts may be more susceptible to this type of fraud if you don’t personally take extra precautions to make them harder to access, such as adding a layer of multi-factor authentication. It’s a pain, but worth doing.
5. Person-to-person fraud
The internet makes scamming easy. However, experts say you should still look out for old-fashioned person-to-person fraud that involves credit cards and other accounts.
For example, somebody may contact you via email or text and ask you to send them money via an app like Zelle or PayPal to buy a product or service, then not deliver the goods. Other times someone might contact you pretending to be a family member or friend who says they are in a tough spot and wants you to send them money using your credit card or an online person-to-person payment platform.
Also, beware of “charities” who call asking for a donation via credit card. Again once they have your information they may give your “gift” to themselves.
6. Synthetic identity scams
This happens when a scammer uses fabricated credentials to create a fake identity and open new accounts in their name. LifeLock, an identity theft protection company, says even though they are not creating an account in your name, synthetic identity scams can still be a serious issue. Since scammers often use fragments of real identities like a partial Social Security number or address to create a fake one,
If an identity thief uses your actual Social Security number to create a fraudulent profile and open new accounts, it could damage your credit score and make it difficult for you to recover your accounts or open new ones.
7. Social engineering scams
Social engineering fraud sounds high-tech, but it’s one of the oldest scams in the book. This happens when a scammer poses as someone in authority persuades you to voluntarily transfer money or give them information. Think of Andy Dufresne posing as Randall Stephens to withdraw Warden Norton’s money in the movie The Shawshank Redemption.
Similar to phishing, social engineering fraud often involves spoof emails or a telephone call from someone impersonating a senior member of staff who tries to deceive employees into transferring money to a fraudulent bank account.
As a business, you can protect yourself with a dual authorization process for the transfer of funds, This means that the transfer requires authorization from at least two persons, and a call-back procedure to a previously established contact number, instead of any contact information included with the payment request.
Skimming is a scam that involves the theft of personal information being used in an otherwise normal transaction. The scammer gets a victim's card number by simply photocopying receipts. More recently they’ve been using the more advanced method of employing a small electronic device (skimmer) to swipe and store hundreds of victims' credit card numbers.
Common sites for skimming scams are restaurants or bars where the skimmer takes your credit card and has it in their possession out of your sight. In addition to stealing the number, the scammer may also use a small keypad to copy down the three or four-digit card security code on the back of the card.
Skimming scams can also occur at merchants like self-serve gas station pumps when a third-party card-reading device is installed outside a card-swiping terminal. This device captures a customer's card number including their PIN, with each swipe.
Even scarier instances of skimming scams have been reported where the device has been put over the card slot of an ATM that reads the magnetic strip as the user unknowingly passes their card through it. Miniature cameras used with these devices are used read the user's PIN at the same time.
9. Unexpected repeat billing
Online bill paying or internet purchases like signing up for a subscription that uses a bank account to pay on a periodic basis are known as "recurring bank charges".
With E-commerce companies, a merchant can receive payment by direct debit through the ACH Network. While many payments or purchases are valid, and the customer is fine with paying the monthly bill, others are not.
Known as Rogue Automatic Payments, these are recurring automatic payments that continue after you ask the biller to stop deducting money from your account. Once a financial institution has been told that the
authorization is no longer valid, it must block all future payments. If it doesn’t you may be due a refund.
What you can do to protect yourself from credit card scams.
As you can see there are a lot of credit card scams out there. Fortunately there there are also a lot of ways to protect yourself from scams that could cost you and your business thousands.
Aside from big glaring errors or unexplained withdrawals, keep your eye out for tiny charges like .01 or very low dollar amounts. This is a common way for scammers to confirm your account. If the charges aren’t disputed then they’ll go back to charge higher amounts.
Companies like AnnualCreditReport.com let you look at your credit reports from all three credit bureaus for free once a year and check for irregularities. What’s more, the three major credit reporting bureaus are offering free credit reports on a weekly basis through April 2022 because of the COVID pandemic.
Do this and you’ll be notified when a purchase is made on the account you’re monitoring. If you didn’t make the purchase, let your bank know immediately, and then cancel and secure your account as soon as possible.
It might be nice to surf the web while you’re eating your burger at McDonald’s, but resist the urge. Unsecure internet connections will your personal information at risk of being stolen. Scammers may capture your information by creating a pop up on your screen for you to input your card information or even worse steal your saved card information off your computer. If you need to have internet access away from home or the office, it’s wise to pay for a virtual private network (VPN).
It can be annoying to have to take an extra step to access your credit card accounts and other financial accounts with multi-factor authentication, but it can protect you from fraud. You’ll have to enter a code that they’ll send you via text or email. This extra step is worth it because it makes your accounts more secure.
If you’re in a situation where you are really concerned about someone hacking into your credit, you can put your credit on ice. When you freeze your credit report with each of the three major credit reporting bureaus, Experian, Equifax and TransUnion. When you do that NOBODY can open new accounts in your name—not even you. It’s a nuclear option that you can put in place for as long or as short a time as you like. And you can do it free of charge.
What to do if you believe you’ve been scammed.
Don’t panic. Consumers are typically not responsible for charges connected to most types of credit card fraud. Although the Fair Credit Billing Act (FCBA) limits consumers to $50 in liability for fraudulent charges, most credit cards come with $0 fraud liability protection.
Naturally if you think you’re the victim of a credit card scam or believe your information has been stolen, let your card issuer know about it as soon possible. The customer representative at your credit card company has the power to freeze your account or cancel your card immediately.
After that, you’ll need to keep a close eye on your credit reports to make sure nobody is claiming your identity and opening up fake accounts in your name.
If you find a problem on your credit reports, the Consumer Financial Protection Bureau (CFPB) recommends that you place a fraud alert on your credit reports from all three bureaus or freezing them all together.
Credit card scams are a major problem in the US and around the world. They can be tricky to identify at first, but if you know what to look for, it becomes much easier. This week's blog post has given an overview of how credit cards work and some tips on how to spot scammer before they get away with your money or personal data. Check back at the blog soon for more information, tips, and financial advice for your business.
The average small business has 5 credit cards with a balance of about $32k that they have to keep track of. There’s a better way than rotating through dozens of low-limit credit cards to get the funding you need to scale when you can get it all with AdCard — the best card for Facebook ads with the high limits and more you need to grow your business.
Exclusive Cardholder Benefits