Credit and debit card fraud and identity theft are at an all time high. It was reported by the 2012 Nilson Report that Credit card and debit card fraud resulted in losses amounting to $11.27 billion during 2012.
While the losses are mostly to by card issuers and merchants, the consumer ultimately pays for this through increased costs of products and services. The consumer is also affected by this fraud in other ways as well, including at minimum, the inconvenience of having to notify the card issuer and all of the merchants that have re-occurring authorizations on file.
Worst case, the consumer has a much bigger problem, identity theft, whereby the the thief assumes their identity, get’s a driver’s license and opens additional accounts in the cardholder’s name, charging up thousands of dollars of debt in the cardholder’s name, and sometimes wracking up legal trouble in the cardholder’s name as well. This can ruin someone’s life and cause them countless hours of grief to convince government entities, courts, and creditors that they weren’t the ones that charged up the debt and crimes, and to repair their legal record, credit record, and credit score. Many victims also are denied jobs, licenses, insurance, mortgages, and other opportunities that are dependent on a good legal record and/or credit score. Even when not denied these opportunities, they are paying more for interest on loans and credit cards because those rates are dependent on credit scores.
Here are 10 important steps that you can take to protect your credit.
1. Never e-mail or text credit card info. Why? Neither is a secure method to transmit such sensitive information because e-mail and text messages flow throughout many communication routes un-encrypted, plain for anyone to view along the way. Additionally, email accounts are particularly vulnerable to hacking for a number of reasons mostly due to weak or easily guessed passwords used. Viruses often come via email messages that compromise the computer, which allows a malicious user to easily log into email accounts whose login info is set to auto-login. If either your email account or the recipients email account is hacked, the hacker can simply search the email account for certain keywords such as “credit card” or a 16 characters string (the length of a VISA, MasterCard, or Discovercard account number), etc. to quickly find emails with credit card info in them.
2. Shred with a micro-shredder all discarded credit card offers, statements, account information, etc. Why? Identity thieves go through garbage and use this information to perpetuate fraud in your name.
3. Monitor your credit for unauthorized activity. Why? Catching the fraudulent activity sooner may minimize debt charged up in your name and further exposure for the fraud to grow, and allows you to repair your credit before you need to apply for credit.
a. This includes looking at your monthly statements timely. Does the transaction history look correct?
b. Review your credit report 3x’s per year (free through https://www.annualcreditreport.com).
c. Consider using a credit monitoring service whose main value is sending an alert that a new credit account(s) was opened (after-the-fact) to allow you to contest quicker.
4. Place a “Fraud Alert” or a “Credit Freeze” on your credit file. Visit the credit reporting bureaus (Equifax, Experian, and TransUnion) web sites for more information about the options of these two different steps that you can take. Why? These steps makes it harder for identity thieves to open new credit accounts in your name. If you are currently a victim of identity theft, this should be a must, and an option to consider for those concerned about becoming victims.
a. A Fraud Alert is a cautionary flag, which is placed on your credit file to notify lenders and others that they should take special precautions to ensure your identity before extending credit.
b. Security Freeze (also known as Credit Freeze) is a more dramatic step to protect your credit. Placing a Security Freeze will prevent lenders and others from accessing your credit report entirely, which will prevent them from extending credit. With a Security Freeze in place, even you will need to take special steps when you wish to apply for any type of credit.
5. Opt-out of offers of credit or insurance at the official consumer credit reporting industry website https://www.optoutprescreen.com. Why? In doing so, invitations for pre-approved credit and insurance should stop. This should reduce your exposure to identity theft because identity thieves regularly use these invitations (stolen from mailboxes or trashcans) as step #1 in the perpetuation of the crime.
6. Secure your computer. Why? To protect you against unauthorized access of your data stored on your computer by individuals. This can also occur by mal-ware (malicious software), such as spyware, that records and transmits your keystrokes (what you have typed) to a malicious third party, or allows remote control of your computer to a malicious 3rd party, either of which may be used to gain access to personal information such as bank and credit card info and/or accounts, user names, and passwords.
a. Make sure your computer has a system password.
b. Keep your operating system patched. (ie Windows updates turned on to automatic)
c. Make sure your computer has anti-virus software installed, definitions are up to date, and the subscription active. Scan entire hard drive daily.
d. Only open e-mail file attachments from those that you know, trust, *AND* would expect a file attachment from. (Their computer could be infected and sending out mal-ware). Computers are frequently infected by mal-ware through the opening of malicious file attachments. And commonly, infected computers act as a host to spread the infection to other computers by e-mailing out mal-ware file attachments to those in the infected computer’s address book.
e. DO NOT let your browser save (aka “cache”) passwords. They usually do not store them in an encrypted form, and their location is readily accessible to mal-ware, as well as other people accessing your computer for easy access to banking and credit card websites.
f. Only visit reputable websites. Computers are frequently infected by mal-ware by visiting infected websites.
7. When making web purchases, make sure the browsing session is encrypted and the SSL certificate is valid with no errors.
a. If you see “https” at the very beginning of the web site’s address and the lock symbol in your browser’s address bar, your session should be encrypted. The “s” in the https and the padlock icon mean it’s a secure and encrypted web session. Why? Internet traffic flows throughout many routes over the internet. Along the route, the information that is transmitted back and forth is plain for anyone to view. Encryption scrambles your information as it flows over the internet and then it is only de-crypted (un-scrambled) at the merchant’s server.
b. Make sure your browser is not indicating any SSL certificate errors. The SSL certificate insures that the web traffic is being routed to the appropriate server, not being diverted. Why? You wouldn’t want to be providing your payment information through hijacked / re-routed path to another server, most likely for malicious purposes.
8. Take care when creating and storing passwords.
a. Use strong passwords, which means: at least 8 characters in length, at least 1 upper case letter, at least 1 lower case letter, at least 1 numbers, and if allowed, at least 1 symbol.Try not use passwords easily guessed.
b. Avoid using the same password for more than 1 site.
c. Avoid using words found in the dictionary for passwords.
d. Construct passwords from elements of phrases.
e. Change web password periodically, including your e-mail account.
f. Use a password manager like RoboForm to keep track of and store your passwords in a secure and encrypted manner.
9. Consider your payment method.
a. Consider using Paypal as your payment method for online purchases, because you are not giving out any of your payment information to the merchant. Paypal insulates the payment info from the transaction so the merchant never gets your card information. This will reduce the number of people who have access to your card information.
b. Avoid using a debit card. While your liability with fraud is typically zero with most credit and debit cards, avoid using a debit card. Why? With a credit card, fraud reported puts the charges in dispute immediately, and while the process may be inconvenience you for for a week while a replacement card is being sent with a new account number, you are not out any of your own money. However, if fraud happens on a debit card, your money is deducted from your bank account when the purchase was made, and may take considerable time to get replaced by your bank, which may cause you to bounce an important check or ACH transaction such as your mortgage payment.
10. Be careful when giving out personal information on applications and by telephone.
a. Only provide information to those who you can verify their identity. For instance, if an representative is requesting information, tell them that you will contact them back, then look up and calling their main office main office phone number to reach them, don’t just call the number they provide.
b. Only provide necessary information. For instance, at my vet’s office, their intake sheet asked for social security number and driver’s license. I asked the tech, “What do you need that for?”. Her response was, “For payment by check, and we don’t accept checks anymore, so I guess we don’t need it”. I don’t need to provide the vet and all of his staff all the info that an identity thief needs to assume my identity.
Here are some additional considerations: https://www.thesimpledollar.com/protecting-your-credit-cards
Source: http://www.nilsonreport.com/publication_chart_and_graphs_archive.php?1=1&year=2013
Source: https://www.optoutprescreen.com
Source: http://krebsonsecurity.com/2014/03/are-credit-monitoring-services-worth-it/
Source: http://www.transunion.com/personal-credit/identity-theft-and-fraud.page