Credit Card Fraud & subsequent Loss Prevention

This report is presented as part of the MPD 2nd District Citizens Advisory Council meeting on April 6th 2021. In this report, types of credit card theft and fraud, followed by strategies to prevent the same are discussed.

Types of credit card theft and fraud:

1. Theft of wallets and purses e.g. in a grocery store followed by rapid charges at luxury stores or online stores in same/other cities.

2. Phishing scams such as fraudulent phone calls/emails posing as financial institutions/online shopping platforms asking to verify credit card information on file

3. Hack on online login passwords through phishing emails designed to be identical to financial institutions

4. Advance fee scams such as Nigerian 419 scams asking for a small portion of fees in advance in advance for substantial financial gain/vehicle/pets to be transported to the buyer then recurring charges on credit card.

5. Card skimmers at gas stations or atm machines that copy and transmit credit card information

6. Credit card RFID scanners at high traffic areas to wirelessly download credit card information without knowledge of the victim

7. Database leak of credit card information at medical offices/labs/department stores

8. Database leak of credit card information from the financial institutions themselves.

9. Sale of credit card information on the dark web

Can credit card fraud be prevented? Likely not

Can one prevent losses due to credit card fraud? Yes

Strategies to prevent losses from credit card fraud:

1. Use payment apps such as Apple Pay/Google pay instead of physical cards on phone/watch

2. Use RFID Wallets to protect credit card information from scanners

3. Set up 2 factor authorization with your phone as second level of authorization instead is Sms or email. Sms can be rerouted to another device via voip forwarding.

4. Use chip based usb/micro usb/lightning/nfc security keys that connect to phone/Pc that also detect if the website requesting 2 factor authentication is genuine or a phishing scam.

5. Use VPN on your phone and other internet connected devices. VPN can detect fake https protocols used in phishing.

6. Check to ensure there are no additional devices installed on top of the card reader at gas stations and public atms. Older devices used the Bluetooth (short range) protocol and the thieves would wait in an nearby car. Newer devices use data networks and cannot be deterred using Bluetooth protocols.

7. Never provide verification of credit card information over the phone or using web links in emails. Always verify with original merchant/vendor/service provider website.

8. Set up notifications for every transaction on your credit card

9. Frequently monitor credit card transactions (at least once a week, preferably at the start of the week)

10. Frequently change online banking passwords

11. Use virtual credit card numbers with limited transaction value and short expiry dates for online transactions

12. Set up credit monitoring using free services such as Credit Karma and Wallet Hub

Report credit card fraud to MPD and the FBI where applicable.

Kishore Raheja, Technology and Social Media Committee, MPD 2D CAC, Washington DC

The author is a member of MPD 2nd District Citizens Advisory Council in Washington DC and part of it’s Technology and Social Media Committee.