Credit Card Fraud is on the Rise — Are Your Customers Safe?
Written By: ATM Marketplace
It's no surprise that due to the coronavirus pandemic and lockdown, more people were ordering, shopping and paying online than ever before. And due to this digital migration, it's also no surprise that credit card fraud significantly increased as well.
For those aged 20-69 claiming to be a victim of fraud, the majority indicated an online site, email or company as source of the fraud. This included email phishing, fraudulent websites, unsecured public wifi networks, and online scams. Businesses and individuals should not discount any suspicious activity. Some of the most high-profile data breaches in the past decade started with a phishing email.
Train and inform staff and customers
Customers as well as staff need to be educated that any unsolicited email from a coworker, online store, bank or government agency should be treated as suspect until the sender can be verified. That sounds like common sense, but it's often these emails that get opened and are responsible for allowing fraudsters in.
Customers should be aware that phishing emails have become extremely advanced and sophisticated, using personal information, logos and company names that make it harder to realize the email is a scam. Clients and staff should be trained to realize that anytime sensitive information such as account numbers, credit card numbers, fund transfers or passwords are requested, even if it seems to be from a legitimate source, should be verified by another form of contact such as a phone call or text.
During the height of the pandemic, the vice president of accounts payable for a large overseas company received what looked like an email from his CEO requesting the transfer of funds to another overseas recipient. The email had come through the company intranet, had the company logo on the top of the email and looked, by all mean to be a legitimate email. Given that the majority of his team were working remote, the vice president was about to approve the transfer when he decided at the last minute to verify the transaction with the CEO. The email turned out to be a scam and the man saved his company significant embarrassment and money.
An old adage goes, " If a deal seems too good to be true, it probably is,' which is great advice to give to clients. If offers come in claiming amazing savings on specific items or services, customers can use a variety of apps to verify the savings, but a good rule of caution is to stick to well-known online retailers that provide data protection, encryption and safety precautions.
Physical Card Fraud
While online card fraud is an ever-growing threat, physical fraud tactics such as card skimmers, RFID skimmers, and simple card theft are still dangerous, and should never be overlooked. The magnetic stripe on a card makes it vulnerable to skimming devices and skimmers often turn up at unattended locations such as an ATMs or self-serve gas pumps. A close inspection of card readers, even if they are within a branch lobby, should be inspected regularly.
Protect customers by using security tape properly and ascertain it hasn't been tampered with. Avoid using generic security labels that can be purchased online; a branded tamper-evident tape is a better option. Instruct technicians and employees to place security tape in a place where it will actually work, all too often security stickers are stuck to a flat surface of a gas pump, no where near an opening, a PIN pad or a card readers.
Good places to apply security tape include over a card reader so externally-placed skimmers would cover or damage the tape; over the PIN pad border so that fraudulent PIN overlays would cover or damage the tape; and across any keyholes, service doors, panels. Internally placed skimmers pose a significant threat, as there's no way for a consumer to know that one has been installed, however, as the infrastructure is updated, it's more common to see silent alarms and deactivations in the event of unauthorized opening of equipment. Today's gas pumps can indicate electronically on the screen the addition of new security measures, which can deter fraudsters.
Credit card security
The FTC will go after fraudsters and litigate in an attempt to return money to victims. In 2019 alone, the FTC returned $232.4 million back to victims of fraud and identity theft.
Unfortunately, even when litigation is successful, victims may not get back all of the money they lost due to fraud. The cost of fraud is not only felt by consumers, but also by card issuers and banks who must, by law, reimburse fraudulent charges to consumers. Many go beyond the law's requirements and offer zero fraud liability for consumers, meaning as long as the bank can verify the charge is fraudulent and is reported in a timely fashion, the customer is not on the hook for the charge.
Consumers provide the first line of defense against fraud. Again, any request for personal information should be avoided and clients and companies should be mindful of online transactions and monitor accounts accordingly to detect fraud quickly. However, merchants also share a responsibility to protect customers from fraudsters. Merchants know their equipment and are better equipped to notice when something is wrong. By taking the threat of phishing and other online attacks seriously, a company can help to prevent large-scale theft of customer data.