loves company, and those miserable after their credit cards were stolen
have a whole lot of company.
A little over one-fourth
of American adults say they’ve had a credit card number stolen, an April 2018 survey by
the American Institute of CPAs
found. About the same number of adults say they’ve been the victim of an email “phishing”
employ a number of tactics to capitalize on credit card data, and they find
that data in an array of places.
follows is a rundown of seven hot spots for your credit card information to be
stolen and advice on what you can do to protect your personal info.
Your car (wherever it’s parked).
Thieves who break into your car are hunting for
anything valuable, and they often come across wallets or purses that contain
The crooks then will take off and almost
immediately start running up charges, oftentimes by buying gift cards so they can
essentially convert stolen credit cards into cash.
While thieves often break into locked vehicles via “smash
and grabs,” leaving a wallet or purse in an unlocked car is an open invitation.
Hot spots for card theft from cars: Vehicles parked
at shopping centers, hiking trails, gyms and other public places where the
owners are likely to be gone for a while.
How to protect
yourself: Don’t leave wallets or purses (or loose credit cards) in your
car or lock them in the trunk, away from prying eyes.
Gas pumps and ATMs.
Card skimmers at gas pumps and ATMs have
been on the rise. In Florida alone, authorities expect to uncover
skimmers at 1,000 gas pumps this year, compared with more than
650 in 2017.
With skimmers, criminals steal, or “skim,” your
credit card or debit card information, and then use that data to produce
To check the gas pump or ATM, gently nudge and pull
both the card reader and keypad to see whether it doesn’t fit well, says Paige Hanson, chief
of identity education at LifeLock, a provider of identity theft protection
This could signal a scammer has installed a
“It’s important to note that
inspecting an ATM or gas station pump will not help you identify the skimmers
that are placed inside the terminals,” Hanson says.
Don’t use the gas pump or ATM if you come across
something that’s loose or that looks as though it’s been tampered with, says Ken Allen, senior vice president of
identity and fraud at Equifax.
How to protect yourself: If
you’re buying gas and suspect a skimmer may be installed at a pump, go to
another pump, drive to a different gas station or consider paying with cash. If
you’re trying to use a card at an ATM, head to a bank branch and do a
face-to-face transaction with a human teller, or pick another ATM.
For ways you can cut your fraud risk by using your eyes, your fingers, a free app and even your common sense, read how to spot a gas station or ATM skimmer.
Restaurants and bars.
you’ve savored a steak-and-lobster dinner at a four-star restaurant or sipped
on a couple of martinis at a trendy bar, it’s time to pay the tab. That’s when
the chance for card theft increases.
“We hand our credit cards over to total strangers numerous times
a day without thinking twice about it,” Hanson says. “However, unlike most transactions,
servers at restaurants and bars take
your credit card out of sight. We’re instilling a lot of trust in them.”
Most servers are honest, Hanson says, but you might be handing over your card to an employee
who is capturing your data with a mobile skimmer – like those at a gas pumps or
ATMs – or by simply jotting down your card info.
How to protect yourself: To stop
a bar or restaurant worker from feasting on your credit card information, pay
in cash or use a credit card instead of a debit card. When you pay by credit
card, you have stronger consumer protections under federal law than if you use
a debit card. Increasingly, restaurants are trying to protect your card information by installing tabletop payment terminals.
Data breaches are the new normal at stores, hotels,
restaurants and other businesses. In 2018 alone, retailers such as Best Buy and
Sears have reported that consumer data has been compromised.
In a typical data breach, a hacker accesses
a retailer’s point-of-sale system, installs malware and steals information captured
via the magnetic strips on the back of credit cards.
Personal information stolen can
include names, credit card numbers, expiration dates and security codes.
How to protect yourself: Dip your
chip card, don’t swipe your magnetic stripe card.
Chip cards are “more secure, as each
transaction creates a new, unique code to confirm the purchase and share the
cardholder’s information with the store,” Hanson says.
Airports and hotels.
A cybercrook can fly away with your credit card
information while you’re waiting for your flight or lounging at the hotel pool.
Most airports and hotels offer free Wi-Fi, but it typically
is unsecured. This means credit card information you enter on your laptop
keyboard or smartphone screen is unencrypted and vulnerable to cyberthieves.
Free, unencrypted Wi-Fi service “is the path of
least resistance for those skilled in hacking Wi-Fi,” warns Robert Siciliano, a
security analyst with Hotspot Shield, which offers virtual private network
How to protect
yourself: Log on to a secured Wi-Fi network so your credit card
information will be encrypted (the data is scrambled and shielded from
unauthorized access). Siciliano also suggests using a VPN.
“VPNs create virtual tunnels that
encrypt all information being passed in and out of your device, protecting you
and your data from prying eyes,” Hanson says.
Also, whenever you’re online, look for “https://” preceding the
name of the site. Through encryption, an “https://” website protects your information.
Credit card numbers sent through a website preceded by “http://” are not encrypted.
When you toss something in the trash,
you don’t want it anymore. Some thieves, however, do want what you’ve thrown away.
Crooks will dig through the trash
container in front of your home, the dumpster at your apartment complex or the
business center in your hotel in search of discarded papers.
These dumpster divers could grab
preapproved credit card offers, credit card bills or bank statements to steal
your identity and set up accounts in your name, Hanson says.
How to protect yourself: Shred any
mail and other paperwork that contains sensitive information. Also, give the
fraudsters less time to steal your info: Take out the trash the morning of
pickup day, rather than the night before, Hanson says.
Around the world, about
269 billion emails were sent and received every day in 2017. And billions of those emails carry the potential
to steal our card information.
In many cases, the senders of those emails dupe us
through “phishing.” Fraudsters create what looks like a legitimate website and
email a link to it, says Rafael Amado, a strategy and research analyst at Digital
Shadows, a digital security company.
If you click on the link, you’re taken to a fake
site, where you’re asked to divulge information such as your credit card number.
Phishing scams also pop up in text
messages on mobile devices. This is known as SMS phishing, or “smishing.”
In addition, Hanson urges us to be
alert for voice phishing, or “vishing.” With vishing, a scammer calls and asks
for details, such as a card number and a PIN, because your card supposedly has
How to protect yourself: Don’t click on a link that looks even
the slightest bit suspicious. If you’re in doubt, contact the credit card
issuer or whichever company supposedly sent the email to confirm whether the
message is legitimate.
To avoid a
vishing scam, offer to call back before offering any security information. A
credit card issuer or bank will never ask for your PIN over the phone.
See related: Suspect card fraud? How to file a claim, Credit cards are top source of ID theft complaints, FTC says, Infographic: Credit cards bring new fraud trends, First-time fraud victims likely to be hit again