- Platinum Member
- Posts: 93
- Joined: Wed Aug 17, 2011 10:53 pm
- Location: USA
There have been a lot of threads popping up with questions like, "How do these fraudulent charges happen?" and "How could the person not know it was me when they swiped the card?" and I thought that maybe I could take a moment to address some of these questions and put in my 2 cents.
Owing to previous employment history, I have had perhaps a unique insider's look into the situation which is how I manage to have this information, but also owing to said employment, I am also limited in what I can say.
That said, here are just a few ways credit card information can be 'stolen':
1) Stripe Reader Has Been Bugged to Send Information to an Unauthorized Third Party
This happened to myself, actually. I had my card's mag stripe information unknowingly copied and stolen and sent to a third party who either sold the information or used my card across the country themselves.
I had made a stop at an out-of-town convenience store and had no cash to make my purchase and so I swiped. Within a week, my card was temporarily closed out so my card company could investigate. Within a month or so afterwards, that convenience store got busted for having a bugged credit card processor because apparently, other customers had experienced the same credit card information theft that I had which had traced back to that convenience store.
2) An Internet Purchase Was Not Secure
This is a huge reason not to buy anything from non-reputed places online as you can never be too sure of their credit processing system.
If your credit card company offers virtual throwaway single-use or X-number-of-uses account numbers, use those to make your online purchases with if you're not comfortable sharing your real account number.
3) Internet Stored Information Was Not Secure or Was Secure but Cracked
Be it in your email, on your smartphone in an app, saved in your online shopping account someplace (where the database got hacked into), this is another way credit card information can get leaked out.
4) Thrown Away Credit Card Information Was Pieced Back Together
Most card companies have done away with the whole 'printing the entire account number on the statement' thing, but some have not and simply tossing those sorts of documents without finely shredding or burning is dangerous.
5) Someone You Know 'Stole'/'Borrowed' the Information
Some people laugh at children using their parents' iPhones to make 'accidental' purchases through the App Store and think it's kind of cute, but in reality, there's nothing cute at all about children who can and do 'borrow' their parents' credit information and sometimes even identities and use it without permission.
Listen, YOUR wallet is YOUR wallet and YOUR cards - including ID - are YOURS. If you want to let your kid do his or her own shopping, then let them do so as an AUTHORIZED USER where they have their OWN card linked to yours where you can monitor their activity.
This will save both you, your kid, and the place that you all shop at a LOT of unnecessary drama and hassle. Kids - especially teenagers - being given their parents' credit cards to do some back to school shopping is a fairly 'normal' occurrence on an occasion, but in this day and age where we have ramped up identity theft and credit card theft, it is VERY difficult to figure out who is legit and who is not.
Moving on, here are some situations I have personally seen:
1) Person is Using a 'Masked' or 'Disguised' Card and ID is Real
Bad Person who has a legitimate and 'secure' ID is using a card which matches their name... BUT looks like it's either been printed non-professionally (NOT coming from the company that supposedly issued it) or that the card - numbers and name included - has been 'resurfaced' and given a different look.
2) Person is Using a Real Credit Card but the ID is Fake or Looks Fake
Bad Person is using a legit credit card... BUT shows an ID that may or may not look questionable that upon scanning (if scanned in the first place), scans as non-secure and fake.
3) Person is Using a 'Masked' or 'Disguised' Credit Card AND their ID is Fake or Looks Fake
A combination of example 1 and 2.
4) Person is a Supposed Authorized User or Joint Holder of the Account
This one applies mostly to store accounts where, depending on the store, account information can be retrieved at the POS through a combination of query methods and then utilized if the ID matches the user in question. As fully legitimate Authorized Users or even Joint Holders may not show up in the system when account information is successfully retrieved, some stores will still allow the purchase to go through.
All that said, perhaps it becomes evident how credit card information theft can happen so easily nowadays.
How did Bad Person get away with making all those fraudulent purchases?
It's because 1) card-checking and ID-checking (YES, credit and debit cards AND IDs -can- be checked for security) is not utilized enough - either out of discouragement or even outright hostility, or 2) no one even BOTHERS to check in a situation where card and ID could have been checked, or 3) a check wasn't necessary (at the pump for example where a zipcode is used instead), and 4) the situation falls into the jurisdiction of the actual police along with the credit card company in question and so... the store that processed the transaction just simply kind of shrugs.
And, adding to all of this is the advent of 'Cash for Gift Cards' which has thrown the rate of credit card fraud UP and it is only going to GO -FURTHER- UP over time until a crackdown happens.
In the meanwhile... keep reporting any and all unauthorized purchases and encourage your card companies and the stores in question where the questionable transactions happened to crack down on all of these things.
Owing to all of the, "OMG, NO CHECKING ID EVER!!!111" sentiment and regardless of what actual contracts between card companies and businesses dictate, businesses and their associates either don't check or don't care to check or are scared away from checking. Furthermore, card companies can't agree on how to implement further security measures, either, and so no further security features have been implemented (say, a PIN code for credit transactions in addition to signing).
The end result?
Every last one of the situations I have detailed above - situations that I have seen on a DAILY basis.
And funny enough, many of those situations could have been stopped (at least at that Point of Sale where the Bad Person meets a Sales Associate face to face and reported to Loss Prevention and the Local Police) or at least heavily discouraged, if only.
AMEX: Everyday (MR), Macy's (cobranded)
MASTER: Citibank Dividend Platinum Select (non-World version)
VISA: Chase Amazon Signature, Chase (bank issued)
GE: Care Credit (medical expenses), Macy's (store), JCP (store)
AMEX: Costco True Earnings
VISA: Chase Ink Cash