Credit Card Fraud booming

Online credit card fraud is flourishing, according to the U.S. Retail Fraud Survey 2014. One of the reasons is because online sales are ever on the increase, currently accounting for 6 percent of total sales, says the report, the most extensive of its kind. The projection is that within three years, retailers will be getting 15 percent of their sales online.

2CThe survey was carried out between April and May of 2014, and dealt with primary research into the processes, systems and strategies that were used by 100 of the U.S.’s leading retailers, representing 126,000 stores in the U.S.

The loss prevention manager or director for each retailer went through a detailed interview. Also interviewed was the e-commerce manager or director (if the loss prevention leader wasn’t available) regarding their prevention tactics for online fraud.

The survey has a few changes this year. Only the retailers who participated can see the detailed results. Plus, the report has an anonymous portion to help with quality and availability of the most critical data. These tweaks will assist retailers with their war against fraud.

Online fraud is higher on everyone’s radar due to so many high profile hacks. In fact, the study indicates that spending on online fraud prevention has gone up by 50 percent. Though this is good news, it hardly crushes the reality that credit card fraud continues to demonize retailers, requiring detection, prevention and management.

Protect your data:

  • Maintaining updated operating systems, including critical security patches
  • Installing and running antivirus, antispyware and antiphising software and a firewall
  • Keeping browsers updated with the latest version
  • Updating all system software, including Java and Adobe
  • Locking down wireless Internet with encryption
  • Setting up administrative rights and restricting software, such as peer-to-peer file sharing, from being installed without rights
  • Utilizing filtering that controls who has access to what kind of data
  • Utilizing Internet filters to block access to restricted sites that may allow employees or hackers to upload data to Cloud-based storage
  • Possible disabling or removing USB ports to prevent the downloading of malicious data
  • Incorporating strict password policies
  • Encrypting files, folders and entire drives

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Prepaid Cards risk of Fraud

Somewhere out there is a dictionary that when you look up the term wire money, the definition says scam! Even though legitimate money-transfer businesses exist like Western Union, a request to wire money for that new car or vacation package is most probably a rip-off.

2CAnd the crooks behind these rackets are figuring out ways to overcome the increased awareness of consumers to the money-wiring scams. They’ve come up with yet another way to steal your money. Thieves are requesting reloadable prepaid cards.

Would you hand a well-fed-looking masked man on the street your wallet? (Let’s pretend for a moment he’s not pointing a gun at you and is simply asking for your money). Of course you wouldn’t give it to him.

But this is what people essentially do when wiring money or sending in the prepaid cards.

Here’s how it works: The thief makes a request to load your cash onto your card (to pay for whatever), and then send over the card number and PIN. This way, the crook can put your money onto their own cards. They then can go to an ATM and take out cash or spend your money at a store. Meanwhile you never receive the item you thought you were purchasing, like that adorable pedigree puppy you saw online.

But the scams don’t stop at buying puppies, vacation packages, cars or other common items. They can also come in the form of a notice that you won a prize, and that you need to send in a prepaid card to pay a processing fee. Sometimes the scam comes in the form of a utility company payment or even government payment.

Bottom line: Don’t send anyone prepaid cards!

In that same dictionary after the term prepaid cards is scam!

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

10 simple Ways Identity Thieves steal your Credit Card

There are 10 basic ways a crook can easily rob your identity by getting at your credit card or open a new credit card in your name, but there are also ways you can prevent this from occurring.

2CSimple Thievery

Leave a window open and a thief can slide through, then steal your stuff. He can even slide an arm through your car’s open window while you’re filling the tank at a gas station. To prevent this, keep house windows closed as much as sensibly possible; keep important documents locked up; keep car windows rolled up and doors locked when you’re out; and keep your wallet/purse hidden.

Employee Records

Your employer has your private information and in some cases a credit card number, which an identity thief could get access to. To prevent this crime, ask your employer how your personal information is stored. Be on the lookout for things you’d never expect.

Change of Address

An identity thief may file a change of address form in your name. He’ll get all your credit card related mail or your Social Security number. To prevent this, watch for change-of-address notices in your mailbox. If you stop receiving credit card statements, call the company.

Social Media

Your online profile may have all the information a thief needs to steal your identity. Prevent this by deleting personal information. Give answers to the security questions of financial accounts that don’t appear on your social media pages.

Mailbox Theft

A crook can easily abscond with mail (incoming and outgoing) relating to your credit cards and bank account. To prevent, get a locking mailbox and don’t delay retrieving new mail. When mailing letters, use an official Post Office mailbox or go to the post office.
Dumpster Digging

If you see someone foraging through the trash, they’re not necessarily looking for food or cans or metal. They can be searching for paper: a credit card statement, credit card offer or anything with your important numbers on it. To prevent, use a shredder, and go to electronic statements when possible.

Shoulder Snooping

The thief will peer over your shoulder to see your transaction (credit card number, password, whatever data is there). To prevent, cover your card number at a cash register and mask your PIN as you enter it in a keypad or ATM. When using your laptop for ecommerce, sit against a wall. If this isn’t possible, keep the screen at an angle that only you can view or get a 3M Privacy Filter. Google it.

Phony Call

The thief calls you, claiming to be a rep from your credit card company, asking you to confirm personal information. The thief then contacts your credit card company and poses as you…Please just HANG UP!! Call back the credit card company using the number on the back of your card to confirm any potential issues. Never give personal information over the phone if that person has called you.

Pickpocketing

These snakes slither in and out of crowds, often without being noticed, non-violent but very efficient. Prevent being their target by keeping your wallet hidden and not easily accessed.

Cloned Cards

Once all the damage is done and your card number is stolen, criminals can create exact duplicates of your card using foils and laminators burnt onto blank cards that can be purchased online.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Credit Card Fraud Security Bleak

The U.S. is no Superpower when it comes to card payments: the card hacking headquarters of the world.

2CDon’t count on credit card fraud going away too soon. After all, Americans practically sleep, eat and breathe credit card use. And it’s those doggone magnetic strips on the cards that keep getting consumers, retailers, banks and the card companies in a fix. The strips make it so easy for hackers—and they know it.

It’s high time that the U.S. switch to encrypted chips in the cards—ready to be launched soon, but security experts aren’t breathing easy yet. The squabbling among banks, card companies and retailers over who’s responsible for protecting consumers isn’t helping, either.

Recently Congress demanded that the financial and retail industry leaders come up with plans for securing customer data. And they’d better act soon or consumer trust in these cards that drive the U.S. economy will take a big dive.

“This has the potential for people to question the viability of our payment system,” points out Venky Ganesan, venture capitalist with Menlo Ventures. Cards are the bread and butter of America, responsible for about 70 billion payments last year, worth $4 trillion (Nilson Report).

Only 11 percent of merchants are sufficiently compliant with the credit card security standards, says a study from Verizon Enterprise Solutions.

The magnetic strip, as innocuous as it appears to the typical consumer, stores that consumer’s personal financial information. Most other nations ditched this “antiquated” system years ago, using instead the EMV: based on chip technology, securing payment transactions.

The payments industry, however, has named 2015 as a deadline to get the chip technology going. But all things considered, that’s still a long ways off. And retailers are whining over the many billions of dollars it will take to replace point-of-sale technology.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Older Technologies Facilitate Credit Card Fraud

America the Superpower is also the super choice for criminals wanting to steal credit card information. Security experts warn that this problem will get worse before it improves.

1CThat ancient technology of the magnetic strip on the back of credit and debit cards is a godsend to criminals. The easy-to-copy band stores account information using a technology the same as that of cassette tapes. U.S. credit card technology has not kept up with fraudsters. One challenge facing the industry is that it is very expensive for companies to upgrade their credit card security.

When a card is swiped, the strip allows communication between the retailer’s bank and the customer’s bank: 1.4 seconds. That’s enough time for the network to record the cardholder’s information on computers controlled by the payment processing companies.

Hackers can snatch account data (including security codes) as it crosses the network or steal it from databases. Though the security code is required for most online purchases, thieves don’t care as long as the magnetic strips are easily reproducible and placed on fake cards—which they then use for purchases or sell the card data online. Three bucks will get you a fraudulent card with limited customer information and a low balance.

You’ll have to wait at least until the fall of 2015 for U.S. credit card companies to ditch the magnetic strips for digital chips. Retailers want more: each transaction to require a PIN rather than signature.

What can retailers do in the meantime?

  • Internet-based payment systems should be protected from hackers with strong firewalls.
  • Data should be encrypted, so that hackers see gibberish.

This may be easier said than done, because implementing these safeguards isn’t cheap. The U.S. lags behind most other nations when it comes to credit and debit cards; most countries’ cards use the digital chips that contain account information.

Every time the card is used, the chip generates a code that’s unique. This makes it a lot harder for criminals to duplicate the cards—so difficult, in fact, that usually they don’t even bother trying to replicate them. It would really be great if the U.S. could catch on to this technology.

Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Protecting Yourself from Debit Card Fraud

A thief got ahold of woman’s debit card information and raided her bank account. This true story is described in a recent St. Louis Post-Dispatch article.

9DThieves can wire money over the Internet and get the cash by showing a false ID, says the article. This kind of fraud is more common than people think. In the woman’s case, Visa detected the theft quickly and she got her money back. Many victims, though, learn they were robbed only after a check bounces.

You can’t 100 percent prevent card fraud because thieves hack into computers at banks and retailers to get card information. A clerk, even, can run your card through electronic skimmers to duplicate it. Skimmers are then swiped through ATM machines or gas pumps, ripping you off. However, there are ways you can reduce the fraud.

Don’t be phishing bait. An e-mail comes to you claiming you must make a payment and includes a link where to do this. These scam e-mails make gullible people think they’re from banks, retailers, even what seems like the IRS. The link to a phony website entices victims into typing in their bank account or credit card numbers: a done deal for the thieves.

Review bank and credit card statements promptly. Reporting something suspicious within two days means minimal liability with bank accounts. Wait too long and you may never recover your loss.

Never lose sight of your debit card. Always watch clerks swipe it. Don’t hand it to anyone else at the store.

Consider ditching the debit/credit card. Use an ATM card and a separate credit card rather than the combo.

Never give your card to anyone. This means a caregiver, nanny, dog sitter, relative—you never know what they may do.

Never give your card or account information to someone who phones you.

Never leave your checkbook around where someone can get at it. The St. Louis Post-Dispatch article reports the case of a man whose girlfriend’s heroin-addict son found his checkbook and wrote checks totaling $40,000 before he realized he’d been robbed.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Debit Cards: Signature or PIN, what’s What?

What kind of debit card do you have? The two types are direct debit cards and deferred debit cards.
2C
Direct debit

  • Use of a PIN (personal identification number), which the bank issues or you choose. Card purchases require entering the PIN, and money is taken out of your checking account on the spot.
  • PIN-based transactions cost retailers less to process, and many banks pass the transaction fee onto the cardholder.
  • Bank fees range from 25 cents to $1.50 per every PIN direct debit purchase. Not all banks blatantly notify the consumer of this, but this should be visible on the checking account statement.
  • Usually safer than the deferred version, as a thief needs to know the PIN to use the card. For obvious reasons, direct debit cards are safer for online use than are deferred debit cards.
  • Cannot be overdrafted unless you opt into overdrafting at the time of account creation.

Deferred debit

Think of a fusion between a traditional credit card and a direct debit card. Rather than on the spot of a purchase, money is withdrawn from your checking account within two or three days of the purchase.

  • No PIN required; only the signature of the cardholder.
  • Has potential for an overdraft, resulting in a fee. The purchase will get cleared even if you don’t have sufficient funds in your account.
  • The overdraft fee could be $30 or more.
  • Tend not to have any transaction fee.

Both of these cards provide a degree of protection for the consumer. With each it is essential the consumer checks their statements frequently as federal law requires banks to refund stolen funds when reported in less than 3 days and up to 60 days depending on the nature of the card.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Merchants: Do you know where you Card Data is?

Card fraud affects merchants, not just shoppers. The Data Security Standard 3.0, released by the Payment Card Industry (PCI), urges companies to create a data flow diagram. This diagram would reveal all the systems, applications and employees who have access to cardholder data.

1D“In the majority of compromises we’ve seen over the past few years, the merchant was trying to do the right thing but was unaware that cardholder data existed in a location that was not being protected,” states Troy Leach, PCI’s Security Standards Council chief technology officer, to StorefrontBacktalk.

Data flow diagrams include all types of data pertaining to users, suppliers and customers, and businesses should do a full analysis of their systems to know what’s what.

Businesses should also learn details about security levels at all stages, and figure out whether different data is covered under PCI jurisdiction or the protocols of foreign entities.

Data must be “overlaid with a diagram of servers on- and off-premise, and all mobile devices, including those owned by employees,” reports PaymentsSource.

Merchants should know where all their cardholder data is; how their organization operates; and “how their customer’s cardholder data moves throughout their environment,” says Leach, so they can formulate decisions that will minimize risks and costs.

PaymentsSource recommends mapping the application of data flows, since businesses today are “super-interconnected” to other networks.

January of 2015 is when PCI’s Security Standard 3.0. will be in full effect. In the meantime, retailers should promptly start creating data flow diagrams.

Oregon-based iovation Inc. has created an exclusive network of global brands across the retail industry and others, with thousands of fraud professionals reporting more than 10,000 fraud and abuse attempts each day.

iovation’s shared database contains more than 1.6 billion unique devices including PCs, laptops, iPhones, iPads, Android, Blackberries—practically every Internet-enabled device that exists.

Many big brand retailers use this device reputation service to detect fraud early by not only customizing their own real-time rules to set off triggers, but by leveraging the experiences of other fraud analysts to know if the device touching them at this moment has been involved in chargebacks, identity theft, bust-outs, and any other kind of online abuse you could imagine.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

8 Tips to prevent post Holiday Credit Card Fraud

With your cards being used online, over the phone and in person it’s easy to lose track of purchases. The key is keep good records and be diligent about your security. Here are eight great tips that will go a super long way in preventing post holiday account takeover in the form of credit card fraud.

2C#1. To ensure your best chances of escaping fraudulent activity involving your credit card (which can occur even if the card isn’t stolen), follow these tips:

  • Go over every transaction online and account for it. Inquire about unfamiliar purchases with family members who are permitted to use your card.
  • Immediately phone the card issuer if you spot a suspicious transaction.

#2. Document order confirmations. Screenshot the final confirmation page of your purchase, and save the confirmation e-mail.

#3. Personal information protection. Before you buy online, review the website’s privacy policy regarding personal information requests and how this will be used. Consider it a red flag if you can’t find this information.

#4. Online purchase security. A secure website will have an icon of a padlock, followed by https:// before the website address in the URL. There are also many toolbars that offer a greet/red color code this is usually a feature in most browsers.

#5. Phishing scams. If any e-mails come your way requesting your personal or financial information, don’t click the malicious link inside; delete immediately. Some scam e-mails try to convince you there’s a problem with your order. Contact directly the site of purchase to verify whether or not there’s an issue with your order. Do not investigate this through the e-mail message.

#6. Beware of skimming. Carefully observe employees whom you hand your credit card to for purchases. A crooked employee may scan the card to obtain your number.

#7. Always take the credit card receipt, no matter how small the purchase.

#8. If you think your identity has been stolen in regards to new account fraud then you need to step it up.

  • If you suspect fraud, contact Equifax, Experian and TransUnion to issue a fraud alert on your credit reports.
  • Pull your credit reports from these three bureaus to check for any suspicious accounts in your name. Check your credit reports again in six months.
  • Pull your credit reports for inspection (it’s free) every 12 months as a smart measure.
  • Get a credit freeze
  • Invest in identity theft protection.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Card Not Present Transaction Fraud can be stopped

Credit card fraud, despite measures to stomp it out, still runs rampant in America. Forty-seven percent of credit card fraud consists of card-not-present (CNP) fraud. This includes payments via snail mail, phone and Internet.

2CThe U.S. is headed towards EMV (chip) card technology, notes Scott Zoldi in FICO’s Banking Analytics Blog. Though chip-based authentication technology may cause non-CNP fraud to decline, don’t count on this same effect for CNP fraud, adds Zoldi.

There’s light at the end of this tunnel, however. Attempts at card fraud have risen, but the average loss per compromised account dropped by 10 percent. The ratio has been the same for fraud to non-fraud spending. The volume of card fraud that has increased correlates to the volume of increase in shopping with credit cards in the first place, writes Zoldi.

How can you spot CNP fraud? Visa offers the following warning signs for this type of crime:

  • Orders consisting of several of the same product
  • Orders full of big-ticket merchandise
  • Transactions that have similar account numbers
  • Shipping that goes out to an international address
  • Transactions placed on several cards, but the shipping goes to a single address.
  • Multiple cards that are used from one IP address

Oregon-based security firm iovation can stop fraudsters and keep them out for good. Reputation Manager 360 goes beyond personally identifiable information (PII) to prevent fraud. By identifying the devices connecting to the retailers site and assessing their reputation, their service instantly gives businesses the full story about any card-not-present (CNP) transaction.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247