Credit Card or Debit Card fraud is basically a theft of identity. Once the scamster has this information, it is then used to make ATM cash withdrawals or make online purchases. The ease of doing eCommerce or online bill payment has made the job of fraudsters easier as identity theft can be carried out on computer or a smartphone. This can happen in various ways.
Skimming - Here a data skimming device is attached in the card reader slot to copy information from the magnetic strip when you swipe your card. A camera is also placed to capture the PIN in the vicinity of card reader or ATM machine.
Shoulder Surfing - In this technique, someone is already present near the machine on some pretext and when you operate the ATM machine, he tries to read your PIN and collects data.
Pharming - Here you are routed to a fake website which looks similar to the original and when you make online payment, this data is captured in the backend servers of the fraudster.
Keystroke Logging - This is a piece of software which once downloaded captures the keystrokes and the websites you surf. This data is transmitted back the servers where it is decoded and used for fraudulent transactions.
Public Wi-Fi - Surfing websites and doing online transactions on free wi-fi networks is a good place for hackers to steal your data.
Malware - This again is a piece of malicious software code which penetrates the banking systems or your local computer and allows fraudsters to access confidential card data.
Data Copy - This is one of the simplest and most effective form of data theft where your card is taken by the salesperson for swiping and the information from the magnetic strip is copied for later transactions.
Phishing or vishing - Here spam emails or SMS messages are sent to users and which appears to be from a genuine source. These messages are designed to fool you in getting your card number, username, password, etc.
SIM Exchange - Using the fake identity proof, a duplicate SIM card is issued by the mobile operator and the original one is deactivated. Once the fraudster has access to duplicate SIM, he generates the OTP and performs illegal transactions.
Unsafe apps - Mobile apps from unknown sources is another way of stealing your personal information.
Card Interception - In this technique, the card is intercepted before it reaches you.
Documents Misuse - This is similar to SIM exchange where the data stolen from application forms is used to get new cards issued using your personal information and identity documents.
Prevention and safety measures
ATM Machine - Do not use ATM machines if you something unusual like some additional device attached or the card slot is loose or damaged. There is a high possibility that a skimming device is attached to the machine. Also try and always use the ATM where a security guard is deployed and never take help from any stranger.
Cover Keypad - Cover the keypad with one hand while you enter your PIN. Also look around to see if any camera is installed near the machine.
Safe Sites - Always use well known shopping sites and confirm the legitimacy. Make sure the site uses Secure Sockets Layer (SSL) by looking at the browser url and it should start with https://. There is small green padlock appears in the address bar which you can click to see its legitimacy. Also do not select the option which says store card details for future use or faster checkout.
Anti-virus software - Always use a genuine antivirus and antimalware software on your PC or smartphone and enable a remote wipe feature in smartphone in case it gets stolen.
Hide CVV - Try and use virtual keyboard to avoid keystroke logging. Also the site accepting card details should show up asterisk while entering details.
Public Wi-Fi - Always try and avoid making any transactions in publicly available free wifi networks.
Bank Alerts - Register for banking alerts as they notify you everytime a transaction is done using your credit card.
Log Out - After completing transaction, log out from the site and close down all browser windows. You should always use the browser incognito mode as an additional safety measure as nothing is stored locally once you close down browser windows and it does not store user name and passwords.
Change Passwords - Periodically change your passwords and don't keep one password for all your banking systems.
Virtual Cards - If you do not shop frequently then you can even use virtual cards or prepaid cards. This reduces the risk to a great extent as the value is limited. Also do not use debit cards for online transactions as your entire cash is at risk if the information is compromised.
Never Disclose any details like your username, card number, PIN, CVV, etc. to anyone. If you happen to get any email or message to update your information, simply delete it as this is certainly a phishing message. You may call your bank to check the legitimacy of such a message.
Check Statements - Periodically check your bank or card statements and inform the bank immediately in case you see any fraudulent charge.
Merchants & POS - Make sure your card is swiped in front of you and not taken by the salesperson to a room or distant location. If he says that the machine is located in office then go along with him and check if any additional devices are not installed in the machine. Punch your security code by placing other hand on the keypad.
In case you are cheated, then inform the bank immediately and lodge a police complaint. Remember prevention is always better than post mortem. Do share your thoughts using the comments section below.