Cybercriminals have a small time window within which they can use (or misuse) your credit card information before your bank cancels it. They have to get going quickly to take full advantage of their loot. Here’s a look at the modus operandi typically followed by credit card thieves and the precautions you can take to safeguard your money and reputation.
Usually, the thieves are in the ‘business’ of stealing credit card data from several unsuspecting victims. So they will first add your stolen card data to their reserves. Then, they will sell your card number to cybercriminals on websites that have been set-up to process such transactions. The buyer may immediately start using your data at online retailers or resell the data to another party. Cybercriminals have also been known to print fake credit cards with stolen data for use in brick and mortar stores. Many a time, the intention is to purchase goods in bulk that they can resell for cash.
Not every stolen credit card is worth the same price!
Some credit cards are more valuable to cybercriminals than others. For starters, the card must be active, allowing them to make transactions from the get-go. If credit card thieves sell the card along with the victim’s address, and more information can be affixed to it such as date of birth, Social Security Number, etc, the card is deemed more valuable.
Sometimes, the thieves are also familiar with the victim’s purchasing behavior. This information is useful for cybercriminals who can then impersonate the victim and mimic his/her buying behavior to increase the chances that a fraudulent charge may go unnoticed by the victim or financial institution.
What measures can you take to prevent credit card theft?
Most people realize that their credit card data has been stolen only after their bank intimates them about fraudulent activity with their card. What if cybercriminals have already created fake cards with your data and shopped like there’s no tomorrow?
There is no guarantee that you will not fall victim to credit card theft even with safety mechanisms in place. What matters is that you spring into action immediately to prevent rampant misuse of your card data. To do that, you need to catch fraudulent charges as soon as they occur, and the only way to do it is to stay on top of your bank and credit card statements. Check your credit card reports frequently to identify unfamiliar accounts and have them closed down.
If you are a business owner who gathers credit card information from customers, going beyond Payment Card Compliance to secure customers’ credit and debt card data can help you more effectively address the risk of data breach.
Wireless is a simple way that attackers use to get into networks. Make sure that the computer privileges on your network and passwords are deployed to resist attacks. An example of poor security would be an exposed server that doesn’t require a password for entry, allowing easy access to the backend where files containing credit card numbers are housed. Similarly, remote access to your business network must not contain a side door leading potential hackers to credit card data.
Teach your employees to recognize and avoid suspicious email. In particular, cybercriminals use phishing scams to gain access to a company’s network or personally identifiable information. Phishing scams can be identified by watching out for spelling mistakes and threats like ‘act now or your account will be disabled’ in emails asking for credit card details and confidential information. Employees must also be instructed not to open suspicious links. For instance, if the link is for a financial website but upon hovering upon it, it shows a different domain, then a phishing scam can be confirmed.
Have you been a victim of a data breach? Tell us your story and we’ll post it on our blog. Otherwise, if you have and you want to ask some questions about protecting your identity we can put you in touch with a few amazing companies.