Posts

Credit Card vs. Debit Card Fraud

One difference between a credit card and a debit card is that if there’s an unauthorized charge on your credit card, you just get a little sting. It’s a hassle to straighten out. But no money is taken from you.

2CBut if someone gets ahold of your debit card information, the second they use it, depending on the nature of the transaction, your bank account will be drained. And in some cases, you can kiss that money goodbye; you got scorched. More than ever, crooks are using others’ debit card data and sucking dry their bank accounts via ATMs—in an instant.

An article on blogs.wsj.com outlines the differences between a credit card and a debit card:

  • Federal law protects you from unauthorized charges made with your credit card number rather than with the actual card.
  • In the event the credit card is in a thief’s hands, you’ll be liable, but only for a maximum of $50, provided you report the problem to the credit card company. However, in many cases a “zero liability” policy may kick in.
  • Debit cards fall under a different federal law than credit cards. Regulation E, the Electronic Fund Transfer Act, says after two days, you could be liable for up to $50. After 2 days liability jumps to 500.00. Beyond 60 days, you could be liable for all unauthorized transactions. Otherwise, federal rules are on the bank’s side.
  • Beyond 60 days, there’s likelihood you’ll never see your money again.

How does the thief get one’s card information in the first place?

  • The thief places a “skimmer” in the swiping device of an ATM or other location such as a gas pump or even the swiping device at a checkout counter. The skimmer snatches card data when the card is swiped.
  • The thief returns at some point and retrieves the skimmer, then makes a fake card.
  • Thieves may capture PINs with hidden cameras focused on the ATMs keys. So when entering PINs, conceal the activity with your free hand.
  • A business employee, to whom you give your card to purchase something, may be the thief. He disappears from your sight with your card to swipe it at some unseen location. While away from you, he skims the data.
  • The thief sends out mass e-mails designed to look like they’re from the recipient’s bank, the IRS or retailers. The message lures the recipient into clicking a link inside the e-mail.
  • The link takes them to a site set up by the thief, further luring the victim into typing in their card’s information.
  • The thief calls the victim, pretending to be the IRS or some big outfit, and lures the recipient into giving out card information.

It’s obvious, then, there are many things that can go wrong. Your best solution is to pay close attention to your statements, online or via a mobile app, frequently.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

Post Holiday Online Shopping Security

When it comes to online security, don’t let your guard down just because the holiday shopping frenzy has passed. In fact, this may be the very time to put your guard up even higher.

4HThough it’s smart to have your radar on for the scammers during the holidays, the scammers don’t exactly go slithering back under their slimy rocks once the New Year is here. So here’s how to be safe online during, and after, the holiday season.

  • Never click a link inside an e-mail. Better yet, delete, without even opening, any e-mails with subject lines promising great offers, gifts, prizes, money or other hyped-up things.
  • If you don’t see the “https” before the Web address in the address bar, the site is not secure. A secure site always has “https” preceded by a padlock symbol.
  • Be suspicious of “too good to be true” offers that are tweeted or messaged through social media.
  • Do you shop on eBay? Then shop on eBay, not through e-mails supposedly sent by eBay. These are scams.
  • Speaking of eBay, always review the feedback of the seller.
  • Another thing to look for is the domain name of anything you received via e-mail. Scammers typosquat or cybersquat on legitimate domains.
  • You can upgrade your protection by doing your online shopping only with reputable, well-known retailers. Though some purchases will be an exception (e.g., home-baked chocolate chip cookies), other purchases like electronics, appliances, linens and consumables should be purchased from trusted merchants.
  • Shop online only when your connection is secure; Unless you use a VPN, never shop in cyberspace from a hotel’s, airport’s or café’s Wi-Fi connection. And make sure your computer’s security is always updated.
  • Never use a debit card online, because if a scammer takes your money, it will be gone that instant from your checking account. With a credit card, at least you won’t have to pay the bill if the fraud is reported within 60 days.
  • Never make an online purchase with your checking account—this means money being withdrawn before you receive the product…that you might never receive anyways.
  • Check credit card statements every two weeks if it’s set up online, and check every paper statement.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention.

Fear of Fraud trumps Terrorism

Okay, what’s more likely? Getting bombed … or some punk racking up charges on your credit card?

11DThe yearly Crime Poll says that two-thirds of the respondents were edgy about data breaches involving their credit cards, as well as their computer and smartphones getting hacked—far more so than being robbed or taken hostage.

It’s easier to thwart a mugger or burglar than it is to thwart cybercrime. Just because you never click links inside e-mail messages doesn’t mean a cybercriminal won’t still figure out a way to nab you.

Interestingly, many people who’ve been digitally victimized don’t even bother filing a police report, says the survey. But a much higher percentage of burglary and mugging victims will.

Maybe that’s because 1) They know it will be easier to catch the thug, and 2) It’s way more personal when a masked man jumps you on the street and hits you with a brick, versus some phantom from cyberspace whose body you never see, voice you never hear, hands you never feel—even though they drain your bank account dry.

But which would you rather have? An ER visit with a concussion and broken nose from the mugger, or a hacked credit card? The Fair Credit Billing Act allows you to dispute unauthorized charges on your card statement and get other things straightened out. And until you pay the whopping bill, your account isn’t robbed.But if someone hacks into your debit card, they can wipe out your checking account in a flash.

The good news is that often, cyberthieves test the waters of the stolen data by making initially small purchases…kind of like a would-be mugger feeling out a potential victim by initially asking her for the time or “accidentally” bumping into her.

A credit card can have varying levels of alerts that can notify the holder of suspicious activity. An example is a charge over $1,000 nets a text message to the holder about this. However, if you set a much lower threshold, you’ll know sooner that the data or card was stolen. Don’t wait till the thief makes a huge charge to be alerted. The lower that threshold, the sooner the card company will contact you and then initiate mitigation.

You know how to prepare for a mugger (pepper spray, self-defense lessons, etc.), but how do you protect your credit and debit cards?

  • Check your credit card statements thoroughly.
  • Don’t put off contacting the company over a suspicious charge.
  • All of your devices should require a password to log on.
  • Use encryption for all of your devices.
  • Always use your bank’s ATM, never a public kiosk.
  • Never let an employee take your card out of your sight.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Stolen Business Debit Cards at Greater Risk

WE DO NOT SELL DUMPS. DO NOT EMAIL OR CALL US.

WE DO NOT SELL DUMPS

A debit card from your business, in the virtual hands of a thief, spells a mountain of trouble. The thief can generate a duplicate of your business debit card, then splurge. A “cloned” card can be swiped in a card reader, appearing legitimate.

2CBanks are not legally required to reimburse a business’s stolen money from the fraudulent debit card purchases. Nevertheless, some institutions do reimburse, but that’s only after the business owner can prove theft.

Banks are reluctant to believe businesses claiming victimship. A business may spend months, even years, using lawyers, trying to convince a bank of the crime.

Tips from creditcardguide.com for preventing business debit card fraud and getting faster reimbursement:

For purchases, use your business credit card. If theft occurs, the card company will immediately remove the fraudulent charges—and then pursue the matter.

Use the business debit card strictly for a withdrawal or a deposit. The card should be sans the MasterCard or Visa logo; it’s for deposits and withdrawals only. If you make a purchase with it on a tampered-with card reader, the thief could use your data to make purchases—that’s instant cash out of your account.

Keep tabs on your account daily; weekly at a minimum, even if your bank promises “anomaly detection” in your purchases.

Set up apps in mobile devices to allow account holders to check activity daily.

Use multi-layered protection. Set up spending limits, set up text/email alerts.

Suspicious events, such as exceeding a specified dollar amount in a purchase, should be alerted via e-mail or text.

Implement limited access by employees to your business’s cards.

Get to know your banker or credit union. Having to convince a bank that your money was stolen will be easier if you have a pre-established relationship with the institution. Does your financial institution know you? Or are you merely one of a million customers? Don’t be just another face in the crowd to your bank or credit union; it might someday save your can.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Debit Cards: Signature or PIN, what’s What?

What kind of debit card do you have? The two types are direct debit cards and deferred debit cards.
2C
Direct debit

  • Use of a PIN (personal identification number), which the bank issues or you choose. Card purchases require entering the PIN, and money is taken out of your checking account on the spot.
  • PIN-based transactions cost retailers less to process, and many banks pass the transaction fee onto the cardholder.
  • Bank fees range from 25 cents to $1.50 per every PIN direct debit purchase. Not all banks blatantly notify the consumer of this, but this should be visible on the checking account statement.
  • Usually safer than the deferred version, as a thief needs to know the PIN to use the card. For obvious reasons, direct debit cards are safer for online use than are deferred debit cards.
  • Cannot be overdrafted unless you opt into overdrafting at the time of account creation.

Deferred debit

Think of a fusion between a traditional credit card and a direct debit card. Rather than on the spot of a purchase, money is withdrawn from your checking account within two or three days of the purchase.

  • No PIN required; only the signature of the cardholder.
  • Has potential for an overdraft, resulting in a fee. The purchase will get cleared even if you don’t have sufficient funds in your account.
  • The overdraft fee could be $30 or more.
  • Tend not to have any transaction fee.

Both of these cards provide a degree of protection for the consumer. With each it is essential the consumer checks their statements frequently as federal law requires banks to refund stolen funds when reported in less than 3 days and up to 60 days depending on the nature of the card.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Top 5 Credit/Debit Card Skimming Attacks

Credit card fraud is a multi-billion dollar industry. Skimming is one of the financial industry’s fastest-growing crimes, according to the U.S. Secret Service. ATM skimming alone is responsible for $350,000 of fraud daily exceeding a billion dollars in losses annually.

Skimming can occur in a few different ways;

Wedge Skimming

The most common skim is when a store clerk/waiter etc. takes your card and runs it through a card reader device that copies the information from the magnetic strip. Once the thief has the credit or debit card data he downloads it to his PC then he can burn the data to a gift card or blank “white card” or place orders over the phone or online.

POS Swaps

EFTPOS (electronic funds transfers at the point of sale) skimming occurs when the point of sale terminal is replaced with a skimming device. People commonly swipe both credit and debit cards through the in-store machines to pay for goods and services at these outlets. This is what happened to Stop and Shop. In Australia, fast food chains, convenience stores, and specialty clothing stores are bearing the brunt of the crime. McDonald’s is among the outlets whose EFTPOS machines have been targeted.

ATM Skimmers

Criminals can also place a card reader device on the face of an ATM, which appears to be a part of the machine. The device may have wireless Bluetooth or cellular technology built to obtain the data remotely.   It’s almost impossible for civilians to know the difference unless they have an eye for security, or the skimmer is of poor quality. Often, the thieves will hide a small pinhole camera in a brochure holder, light bar, mirror or car stereo looking speaker on the face of the ATM in order to extract the victim’s pin number. Gas pumps are equally vulnerable to this type of scam.

Data Interceptors

Another type of gas pump skim is pulled off due to a common set of keys that will open almost any gas pump. Criminals pose as fuel pump technicians and access the terminal with the master keys. Once inside they access the wires that connect the key pad/card reader and piggyback a device inside the pump that reads all the unencrypted card data.

Dummy ATMs

In some cases an ATM is bought off of eBay (do a search) or elsewhere and installed anywhere there is foot traffic. The machine is set up for one purpose; read/copy data. The machine might be powered by car batteries or plugged in the nearest outlet. I bought one off Craigslist for $750 from a guy named Bob at a bar. How you like them apples.

When credit card information is skimmed, hackers can copy the data on blank cards, gift cards, hotel keys, or “white” cards. White cards are effective at self checkouts, or when the thief knows the clerk and is able to “sweetheart” the transaction. A white card can also be pressed with foils to look like a legitimate credit card, as seen in this video.

To help combat ATM Skimming, ADT unveiled the ADT Anti-Skim ATM Security Solution, which helps prevent skimming attempts and detects skimming devices on all major ATM makes and models. ADT’s anti-skim solution is installed inside an ATM near the card reader, making it invisible from the outside.

Consumers must check their statements online weekly or at least their papers ones monthly. Refute unauthorized charges immediately. Federal law allows up to 60 days to dispute a charge. After that you may be paying for an identity thief’s Vegas bender. Whenever entering a PIN always cover the keypad with your other hand.

Robert Siciliano personal security expert to Home Security Source discussing ATM skimming on Fox Boston. Disclosures.