How credit card fraud happens

This month, our topic is on scams, examples and what to do if you have, or think you have been scammed. I regularly have subscription customers contact me saying they need to update their credit card details because they have or potentially have fallen victim to a scam.

So, I thought it would be a relevant and useful topic for our Te Atatu Toasted community. When I was discussing this with Sheryl, who helps me with writing our weekly blogs, she asked me if I could go out to my community to see if people would be willing to share their experiences. She then came back to me about an hour later and said, no need, I already have more than enough examples. Sadly, it is so common and can be so devastating or at the very least a real hassle having to cancel cards and get new ones.

How credit card fraud happens

The number of deception and fraud offences - including credit card fraud – reported in New Zealand surged from 288,000 cases in 2021 to 510,000 last year.

And these stats from the New Zealand Crime and Victims Survey are just the tip of the iceberg – the Ministry of Justice says only about a quarter of crimes are reported so the real number of fraud and credit card fraud offences could be much higher.

So, what are the most common types of credit card fraud and scams, and how can we protect our credit card security, given that New Zealanders spent $6.07 billion online last year.

Types of credit card fraud and common scams
Here are just a few of the ways criminals can compromise your credit card.

Overcharging scams – scammers call or send a text or email claiming the victim’s credit card has been overcharged for a product or service. They then offer to organise a refund but the cardholder has to release sensitive information for that to happen. Often, they will pretend to represent a well-known provider such as Netflix or a mobile phone company. Once they have the information, they use it to add fraudulent charges, including cash transfers, to the victim’s credit card.

This is what happened to Stacey*, who describes “feeling sick” the moment she realised scammers had taken $4500 from her credit card. She’d answered her phone to a caller claiming to be from a well-known streaming service, alerting her to the fact that her subscription was being renewed. It was the scammer’s lucky day – Stacey had just asked her son to cancel the family’s subscription to that service. Feeling cross he hadn’t done what she asked, she followed the caller’s instructions to allow the company to process a refund. It involved pushing buttons on the phone which gave the scammers access to her Google Pay account. It was a fairly sophisticated scam – the scammers emailed her a link as a ‘two-step verification’ and she spoke to three different “staff” at the company, including someone from the finance department and, when she began to express concerns that she was being scammed, a more senior manager. By the time she realised it was a scam, hung up and called her bank, they had transferred $4500 from her credit card to a Wise.com, an online service that allows customers to send money to different countries around the world. Fortunately, because Stacey reported the scam immediately and could alert the bank to the fact the money had been transferred to a Wise account, the money was recovered. However, Stacey had an anxious five to six weeks waiting to hear if she would get a refund.

*Name has been changed

Donation scams –the scammer calls, pretending to be from a legitimate charity and asks you to make a donation over the phone. They will ask for credit card details, which they can then use to add fraudulent charges, including cash transfers to your card.

Phishing scams– these are similar to overcharging scams. The criminals pose as a legitimate company or service but provide fraudulent instructions or links to gain access to sensitive information. A common phishing scam might claim account details for a credit card need to be updated, that an account has been compromised and must be recovered or a security check is necessary. The target of the scam may be asked to relay sensitive information over the phone or may be directed to a fake website that allows the scammer to collect this information.

Online shopping fraud
Shopping online has become commonplace in recent years, with online spending reaching record highs during Covid. However even legitimate online retail websites can be hacked by criminals who may be able to extract credit card details of the site’s users. Scammers also create fake shopping websites that look like genuine e-commerce stores but are designed to steal your money. Check out the tips for shopping online safely in the How to Avoid Credit Card Fraud section below.

Malware
Scammers can install malware or spyware on your personal computer – this harmful software can then steal your credit card details or password information and share it with others. Keyloggers are a particularly insidious type of spyware that record everything you type. This includes credit card numbers, passwords, emails, and more, and sends them to the hacker.

Data breaches

Lots of organisations, including Facebook and LinkedIn, have reported data breaches in recent years. A single data breach can expose tens of millions of credit card numbers to hackers. Once hackers obtain the details, they can use them to make fraudulent transactions.

How to avoid credit card fraud

• If you suspect you are being scammed on the phone hang up.
• Never give out personal details or credit card details via email or to someone who has called you. Call the provider on an official number listed on a website to verify it’s a legitimate request.
• Never provide answers to security questions on an unsolicited call, and never tell anyone your credit card pin number.
• Before entering your credit card details online, always check to make sure the address is ‘https’ instead of ‘http’. The ‘s’ shows that site is using an encryption system, scrambling your information and making it hard for hackers to follow your details.
• Use an online payment service such as PayPal. This hides your credit card details from the store or seller you are buying from and reduces your exposure to hackers and fraudsters.
• It’s safer to use a credit card for online transactions than a debit card. You can dispute fraudulent charges on a credit card but it’s harder when you’ve paid with a debit card as the money has come straight out of your personal account.
• Don’t make online purchases or transactions on a public computer or public wifi. Even if you are extremely careful about logging out, hackers may have installed a programme to track your keystrokes which would give them access to your usernames and passwords.
• Trust your instinct. If a website looks poorly designed or contains lots of spelling mistakes, don’t use it. If you have been emailed a link to a great deal, head to the company’s website directly rather than clicking on the link. If a deal sounds too good to be true, it probably is!
• Keep a close eye on credit card transactions. It’s a good idea to check these every few days to ensure you have authorised all the charges that appear.

If you suspect you have been the victim of credit card fraud or a scam involving your credit card, contact your bank immediately. The sooner you alert the bank, the more likely they are to thwart the scammer. Save your bank’s number in your mobile phone to make it easy to call them quickly. Some banking apps allow to you to temporarily lock your credit card from your mobile phone – find out if you have that facility as it can give you peace of mind if you suspect you have been scammed and are on hold waiting to speak to someone at the bank.

This is the first in our series on scams, next week, we will look at how scammers attack your social media.