Credit card fraud is a subject that most people want to avoid, and understandably so. However, a basic understanding of what constitutes credit card fraud, how it occurs and how to prevent it can help merchants and consumers protect themselves and keep their financial information safe.
A good working definition of credit fraud that applies to both credit and debit cards is that it’s a form of identity theft involving unauthorized taking of a person’s credit or debit card information for the purpose of charging purchases to the account or removing funds from it. According to the website FindLaw®, this can occur in a number of ways:
- A person fraudulently obtains, takes, signs, uses, sells, buys, or forges someone else’s credit or debit card or card information.
- A person uses his or her own card with the knowledge that it is revoked or expired or that the account lacks enough money to pay for the items charged.
- A person sells goods or services to someone else with knowledge that the credit or debit card being used was illegally obtained or is being used without authorization.
There are two basic categories of credit card fraud — application fraud and account takeover. Application fraud occurs when an unauthorized person opens a credit card account in another person’s name. They accomplish this by obtaining enough sensitive personally identifiable information (PII) about the victim to complete a credit card application, or they create convincing counterfeit documents. Basically, they steal the victim’s identity to commit credit fraud and other crimes; this is commonly known as identity theft. Application fraud is especially serious because the victim may never learn about the fraud until it’s too late to prevent it.
An account takeover usually involves a hijacking of an existing credit or debit card account by a criminal who has gathered enough PII about a victim to change the account’s billing address. The perpetrator then reports that the card has been lost or stolen in order to obtain a new card and make fraudulent purchases with it. Another method fraudsters use to take over an account is by “skimming”, which occurs when a business employee accesses a customer’s card information illicitly by sliding it through a simple handheld card reader that records the data. They then either sell the information to thieves who use it to clone cards or use it themselves for unauthorized purchases.
Sensitive PII includes date and place of birth, Social Security and passport numbers, financial information, driver license numbers and other demographic, employment and education information. Credit thieves get their hands on it in a variety of ways, including stealing it from your mailbox, searching through trash for account statements, sending an unsolicited email (known as “phishing”), making a false telephone solicitation that tricks you into revealing the information, or breaching your personnel or medical records.
The Federal Trade Commission advises consumers to incorporate some common sense “best practices” into their everyday routine to help protect against credit card fraud. They include not giving account information to anyone on the phone unless you’ve initiated the call and you know the company is reputable, carrying your cards separately from your wallet to minimize your losses if a theft occurs, and keeping an eye on your card at the point of sale and making sure that it is returned to you at the end of the transaction.
Finally, if your card is lost or stolen, call the issuer immediately to report it. Once you’ve done that, you have no additional financial responsibility for charges you did not make, and your liability for each lost or stolen card is limited to $50.