Fraud and Abuse with Online Credit Cards

A Credit Article Contributed by Mark Mcclelland

Online Credit Card Fraud? How's This Possible?

Actually perpetrating credit card fraud through online means is relatively easy, and the perpetrators themselves are incredibly clever and inventive.

You've probably heard about this, but in November 2003, a whole series of e-mails were sent out to eBay customers saying, in essence, that their account may have been used in fraudulent activity by a 3rd party and that to reinstate their account they'd have to provide all the usual data online... credit card data, ATM personal identification number(PIN), social security number, date of birth, etc. The e-mail provided a hyperlink that would sent them to a web form they had to fill out and submit online.

Unfortunately, the e-mails didn't originate from eBay but were actually a clever bit of fraudulent activity called "phishing", as in "fishing for someone to catch". And this isn't the only, or most recent bit of phishing. Customers of some of the largest, and one would think securest, companies have been unwary victims; customers of Citibank, PayPal, C2iT, and Visa have all been hit.

So far, the number of schemes for perpetrating online credit card fraud seems to be limited only by the schemers creativity... and their threshold for risk taking. For example, an outsider installed small bits of applications called "spyware" on workstations at 13 Kinko's stores and was able to collect enough information to compromise the bank accounts of more than 400 honest consumers over a period of two years before the scheme was discovered.

Credit Card Fraud and Abuse Online

In a phishing scheme like the one described above, consumers are sent to some bogus Website that looks and behaves just like the the real one, and asks them to provide identity, bank account, credit card, and other data that can be be used to - in essence - take over the account, to make purchases online or otherwise.

While phishing, worms, hackers, hijacking, and spyware are five of the most common schemes currently used to gather consumer information online for subsequent fraudulent use, there are also programs called keyboard loggers that steal every name, user ID, password, all financial account information, and everything else typed in through a PC keyboard. And with increasing numbers of PCs going online through "always-on" DSL and cable modems, and increasing numbers of purchases being online, which require the entry of credit card data,attacks are even more frequent and successful.

Protecting Yourself from Online Credit Card Fraud

But although the story appears grim, all is not lost. There are a variety of measures being taken by VISA, MasterCard, the credit card issuers, and technology vendor (both hardware and software) to help protect your from online credit card, and other types of fraud. And among the many things you can do to help protect yourself from falling victim to online credit card fraud, two of the most important are:

* Make sure your online credit card purchases are made ONLY through a secure Web site, as indicated by an icon picture of a padlock or a solid key at the lower section of your browser window,and

* Only give out your credit card information if you initiate the transaction and you are comfortable that the company you are dealing with is reputable.