Identity Theft and Credit Card Fraud: What You Can Do and How to Reduce Your Risk
T he bank which issued one of my credit cards sent an e-mail message yesterday claiming to have denied a charge from a company from which I have never heard. I was asked to click either a green Yes button to verify the legitimacy of that questionable charge; or a red No button to indeed verify that the charge was not legitimate.
I did what you are supposed to do: call the bank which issued the credit card and speak to a live person and never click on the link provided in the e-mail message nor respond to the e-mail message. I have received a lot of e-mail messages lately from what appear to be legitimate companies asking me to click on a link to either send them information or verify something; and almost always, I hover my cursor over the link for a second, which then ultimately reveals an unknown uniform resource locator — or URL — which has nothing to do with the legitimate company. This is the usual confirmation that the e-mail message is a “phishing” scam where a questionable entity is attempting to gather vital information from me — most likely for the sender to send a virus to my computer or be able to steal my identity.
Upon calling the telephone number on the rear of my credit card — which I did last night — the representative confirmed that the e-mail message was not only indeed legitimate; but there was another questionable charge posted to the account that was not initiated by me.
After answering a few more questions, the credit card was immediately deactivated; a new credit card number was assigned to it; and any credits earned by using that credit card will automatically be transferred to my new credit card number. In fact, the biggest inconvenience will be to use my new credit card number with companies — such as airlines and hotels — which have my old credit card number on record…
…but perhaps that is not a good idea — especially in light of the recent apparent security breach with the official Internet web site of the Hilton HHonors frequent guest loyalty program where the accounts of members were reportedly compromised.
Members of the Club Carlson frequent guest loyalty program were required to change their passwords on or after July 10, 2014 to meet the following guidelines, as the new passwords must:
- Be at least 8 characters and no more than 20
- Contain one number from [0 – 9]
- Contain one lowercase letter [a – z]
- Contain one uppercase letter [A – Z]
- Contain one of these special symbols ! @ # $ % ^ & * ( ) + ?
- Cannot be the same as one of your previous five passwords
A decision was implemented at Delta Air Lines to require its SkyMiles frequent flier loyalty program members to use passwords instead of the former method of using a four-digit personal identification number to log into their accounts. The policy change — which occurred on October 29, 2014 — was originally supposed to be implemented towards the end of the year.
As careful as I am with my credit cards, I still experienced fraudulent activity. When asked about how the credit card could have been compromised despite my vigilance in keeping my credit card as secure as possible, the representative of the bank which issued the credit card replied that whenever I use the credit card, the numbers get thrown out there into cyberspace.
I am not sure I completely buy that explanation; but it certainly is plausible — and yet unfortunate at the same time. I suppose that recent security breaches — such as with Target Corporation and The Home Depot — have not exactly helped matters. The numbers are staggering: tens of millions of credit card numbers and pieces of customer data were stolen just with Target alone; and the number might have been even greater with Home Depot. Almost $150 million have been spent by Target to resolve issues associated with the data breach.
Alas, ’tis the season for identity theft and credit card fraud — which are not necessarily mutually exclusive but are quite different from each other — as you can be most susceptible to both during what should be a joyous holiday season. Technology can be its own dichotomy when it pertains to identity theft, as it can both reduce and increase the risk of it happening to you.
It is a huge game where the stakes are high: when someone steals your identity through a number of different methods, that person can use your information to purchase just about anything they want — and simultaneously render your life miserable for years to come as you attempt to regain your identity.
That thankfully did not happen to me — but stealing the number of a credit card can be a logical first step towards full-blown identity theft if not noticed and caught in time. It ultimately did not cost me a single penny thanks to the protections afforded to holders of credit cards — as I already mentioned, there are inconveniences involved with having a credit card compromised — but it is still a serious problem.
Identity Theft: A Growing Problem
Identity theft has been increasing over the years. For example, the Internal Revenue Service of the United States reported in 2013 a significant increase in fraud which involved identity thieves who filed false claims for income tax refunds by stealing and using the Social Security number of someone else. However, the rate of investigations initiated appear to be leveling off as according to the chart shown below: as of October 9, 2014, the Internal Revenue Service had already launched 1,063 investigations concerning identity theft tax refund fraud for fiscal year 2014 — approaching the same rate of 1,492 investigations initiated for all of fiscal year 2013, and greater than six times the 224 investigations initiated for all of fiscal year 2010.
Interestingly, the number of those who committed fraud and were sentenced in 2014 is approaching approximately double the number of those who committed fraud and were sentenced in 2013 — and the increases in both the incarceration rate and the average months to serve thankfully increased in 2014 as well.
|Average Months to Serve||43||
*Incarceration includes confinement to federal prison, halfway house, home detention, or some combination thereof. Since actions on a specific investigation may cross fiscal years, the data shown in cases initiated may not always represent the same universe of cases shown in other actions within the same fiscal year. Data Source: Criminal Investigation Management Information System via the official Internet web site of the Internal Revenue Service of the United States.
Of those investigations initiated since fiscal year 2010, the incarceration rate ranges from 88.9 percent all the way to 100 percent, depending on the year.
Of course, income tax fraud is only one of a myriad of forms of identity theft. I point out the income tax fraud as an egregious example of identity theft for a person who may not travel…
…and — as you can imagine — travel can exacerbate the risk of identity theft for a variety of reasons.
According to Fifth Third Bank, there were 8.1 million new victims of identity theft in the United States in 2008, with a new person falling victim to identity theft every 3.8 seconds — and the most common way to fall victim to identity theft is by having your wallet, credit card or checkbook lost or stolen.
Here are ways you can mitigate the risk of you experiencing identity theft and credit card fraud — portions of which first appeared in this article posted on May 3, 2013:
Use Credit Cards When You Travel — Not Debit Cards
A debit card is simply a tool used as a method of withdrawing cash directly from your bank account — similar to a check but with almost instant results — and if a thief uses your debit card, consider that money to be gone forever. For that reason alone — and I have other reasons as well — I never use debit cards, as they serve no purpose for me.
However, a credit card offers you protection by setting the maximum limit for which you could be liable — at $50.00 on some credit cards, for example — if your credit card account is compromised. Even if $5,000.00 were charged to your credit card, chances are you will not have to pay most or all of it if you successfully dispute that you were not the one who used that credit card for those fraudulent transactions.
Also, credit card accounts can be closed as a preventive measure if you suspect fraud. One telephone call will usually close down the account and an investigation will usually be launched by the credit card company. Closing down a bank account to which a debit card is tied is not as easy to accomplish — and you will most likely have already lost money before you even know that fraud is indeed occurring.
Chip-and-pin credit cards — in use in many countries around the world — have been slow in arriving in the United States, where credit cards with magnetic stripes are more prevalent. According to this article written by Susan Johnston of U.S. News and World Report magazine, there should be a significantly greater number of the chip-and-pin credit cards — considered more secure than credit cards with magnetic strips — in the United States in October of 2015. Liability for fraud is expected to shift from credit card issuers in the United States to merchants if the merchants do nott upgrade their payment terminals to properly accept chip-and-pin credit cards — hopefully resulting in decreased credit card fraud overall in the United States.
It is important to note that banks will often issue cards which combine the functionalities of a debit card with the ability to use the card at an automated teller machine, or ATM for short. The card which I currently have is only for use at automated teller machines and not for debit card transactions. This is so that if the card ever gets lost or stolen, it can only be used at automated teller machines and not at stores or other commercial businesses. If a bank attempts to combine both functionalities onto one card, I recommend you refuse to allow that — due to the reasons listed above — and ask a representative of the bank for a card which can only be used at automated teller machines and not at retail stores.
If you must use a debit card, use it only for cash withdrawals at automated teller machines and for no other purpose while you are traveling.
Bring Your Automated Teller Machine Card For Cash Withdrawals
You want to attempt to carry as little cash as possible when you travel, as it is nearly impossible to recover if it is lost or stolen. Ensure that you use a card issued by your bank to use in automated teller machines when you travel. These cards usually require a four-digit personal identification number which you create for your protection and becomes useless to a potential thief.
Another reason for using an automated teller machine card when you travel is that it is usually less expensive to withdraw money from a bank than exchanging currency by using a currency exchange service while abroad — depending on the fees that you are charged by the bank that issued the card, of course. Sure, you can walk into the bank and exchange money for a favorable rate — if you are willing to carry cash and if the bank is open at the time you need the cash. Do your homework and figure out which is the least expensive way to procure foreign currency should you need it while traveling.
Do not use a credit card or debit card at an automated teller machine while traveling — especially if they have not been assigned a personal identification number, as thieves could use them to access money. Additionally, credit card companies consider cash withdrawals at an automated teller machine as a cash advance and will accordingly charge you significant fees. You may also be charged a currency conversion fee — typically three percent — on top of the cash advance fee.
The downside of an automated teller machine is that a device could unknowingly be attached to the machine by thieves to skim the data off of your card — whether it is an automated teller machine card, a credit card or a debit card. That data is just like giving the thieves your card and giving them the personal identification number attached to it. Try to withdraw cash during business hours at a bank or — if that is not possible and you really need the cash — consider using the automated teller machine at a reputable bank, as their employees most likely check the machine every day to ensure its integrity has not been compromised. Besides, automated teller machines at banks are usually behind locked doors, so you can process your transactions with a certain degree of security. Nevertheless, always be aware of your surroundings — and if you notice anything that is even the least bit suspicious to you, leave the area and immediately report it to the local authorities if necessary.
Before Departing on Your Trip
Contact your bank and credit card companies to alert them that you are traveling, along with dates and destinations. This way, your accounts will most likely be monitored for any suspicious activity — especially if something is being purchase in Rome while you are in Singapore, for example.
Your local post office is more than happy to hold your mail for three days or more. Simply fill out a card with the dates when you do not want for your mail to be delivered and either hand it personally to your postal carrier, or go to the post office which serves your neighborhood and hand the card over to a postal service employee there. You can even choose whether you want the accumulated mail delivered to your home or pick it up yourself at the post office.
Pay your bills before you leave on your trip. This way, you will not have to worry about paying possible late fees — and you might reduce the amount of mail you receive while you are gone. Better yet, sign up for electronic bill payment — especially if there is a financial incentive to do so — but first ensure that the company or institution to which you are paying has a secure way of ensuring that your electronic payment will not be compromised. If necessary, contact the companies from who you expect bills during your trip to apprise them of your schedule — they will most likely work out a plan with you at no additional cost to you.
Give the Impression That Someone is Home in Your House
Before I leave on a trip, I always set up at least two timers to automatically turn on and off lights inside my home after dusk. Each timer has a minimum of two cycles which you can program. You can also do the same for televisions and other electronic equipment.
Alert your neighbors to watch your house, if you trust them. They can pick up your mail if for whatever reason you do not want to stop delivery of your mail by the postal service — but if they do, ask them to collect it every other day so that it is not as obvious that you are not home. Have them water your lawn, use your garbage cans and place them by the curb to be emptied by the waste removal company, and perhaps even park a vehicle in your driveway to help give the impression that someone is home while you are traveling.
Miscellaneous Identity Theft Deterrents
If you have any garbage in those aforementioned garbage cans, ensure that there is no sensitive information from which a thief can steal your identity. I believe in minimizing as much waste as possible — as an example, what I do is cut out my name and address from credit card applications and use them as return address labels for other mailings. If I have any leftover information which can be deemed sensitive and potentially threatening to having my identity stolen, I simply tear or shred that information and separate it into two or three piles to dispose of them at different times — rendering piecing the torn or shredded information back together again for thieves to use virtually impossible.
Dispose of obsolete credit cards by cutting them up into little pieces. Just because your credit card is expired or the account has been closed does not mean that a thief could not steal your identity or unsuccessfully use the credit card for nefarious purposes. Again, separate the pieces into two or three piles to dispose of them at different times…
…and consider recycling the shreds of paper or pieces of plastic which do not contain sensitive information. Hey — every little bit helps to save and preserve the environment.
This may sound silly, but a simple sign alerting would-be thieves that you have an alarm system — even if you do not have one — can be an effective deterrent whether or not you are traveling. The same can be said for a video surveillance system — even if the system is merely a fake but looks real. Lights equipped with motion sensors which automatically activate when they detect a moving being within its vicinity can be quite effective as well.
Speaking of lights, the advancement of light-emitting diode — or LED — lights combined with solar panels allows you to have lighting in your yard or along your walkway or driveway which will automatically turn on brightly at night without using electricity or having to run a line to each light from your electric system within your home. Consider purchasing a single light or a kit where you can easily install your outdoor lighting system in minutes; and with no operating costs.
Barking dogs can also be effective — but they of course should not be left alone for extended periods of time. Then again, a sign which warns to BEWARE OF DOG in big red letters can act as a deterrent to would-be thieves as well — even if you do not have a dog.
Minimize What You Bring
I travel light — whether it comes to what is in my pockets or what is in my lone bag. Some people suggest that you compile a list of what you need to bring with you on your trip — and then actually take only half of those items with you, as there is simply no need to carry more of your belongings than you will use…
…and that includes credit cards and automated teller machine cards. In addition to a small amount of cash — perhaps $100.00, depending what I believe I might need just in case — I travel with two credit cards and one automated teller machine card. In my years of travel, I have never needed any more than that. Do not bring your checkbook, as it is more than likely that a personal check from you will not be accepted as a valid form of currency.
On the rare occasion where I know I will not be driving at all while traveling, I will not bring my driver’s license with me if I am already bringing my passport. Why carry more than I need — especially if those items which I may not use could increase my risk of identity theft, even if only minimally?
Use Your Frequent Travel Loyalty Program Luggage Tags
Do not put your address on your luggage tag. Use only your name and telephone number — especially these days where a telephone is usually not fixed to one location anymore. Why disclose more information than necessary? Do you really want potential thieves to know where you live?
If you really must insist on using an address on your luggage tags, consider using the address of where you are employed — with the permission of the company, of course.
Additionally, take a look at one of the luggage tags provided to you by your favorite frequent travel loyalty programs, as there may be a bar code on it. If so — and if your bag is found and turned in to an office of the airline or lodging company — they can call up your information on their computer systems, alert you that they have your bag and return it to you; or you can retrieve it.
Secure Your Sensitive Documents
I carry my credit cards, cash, government identification, keys and boarding passes — as boarding passes may contain sensitive information which could be potentially useful for thieves — in the front pockets of my pants. Never put anything in your back pocket while traveling — I still stand by this advice based on my personal experience despite recent comments to the contrary — as that significantly increases the ease of stealing your information by a thief or pickpocket without you even knowing about it until it is way too late. You also increase the risk of simply losing what is in your back pocket. I have never had anything lost or stolen in my front pockets — ever.
If you carry a handbag, ensure that you loop the straps at least once around a body part of yours — such as the upper part of your arm — and keep the handbag within your sight at all times. This renders stealing your handbag significantly more difficult for a thief to simply snatch it right out of your hands if it is anchored to a part of your body. For this reason, do not secure the strap around your neck — for you could be choking and possibly suffer from strangulation if a thief attempted to forcefully yank the handbag away from you.
Carry Contact Information For Your Sensitive Documents and Valuables
Create a list of addresses and telephone numbers for issuers of credit cards, the local embassies of the government of the country where you are based, as well as the four last digits of your credit card numbers — just in case your valuable and important cards or documents are lost or stolen.
The last thing you want to do when you find out that something important or valuable has been lost or stolen is frantically attempt to figure out how to report it. You do not want to be stranded without your passport in a foreign country; nor do you want to waste valuable time trying to figure out how to contact the credit card company to close down your account while a thief is running amok with your credit card account number, racking up purchases with zeal. Store that contact information separately from the actual important or valuable instruments. Time is of the essence to a thief — and he or she is not going to stand there and question you for a photocopy of your passport or your listing of the contact information of the local embassy of the country where you are based after pilfering your passport.
You may want to consider taking photographs or creating photocopies of important documents, such as your passport. If you have access to a secure remote site, store the electronic versions of your list and photocopies there where you can download them anywhere in the world if necessary. You could consider keeping them on a secure flash drive which requires a password to access its contents.
Ensure Your Electronic Devices are Up-to-Date — If You Did Not Leave Them At Home
Do you really need a laptop computer, a cellular telephone, a video camera and a digital camera to lug around with you on your trip? Unless you are a professional photographer or traveling on business, your cellular telephone may be all you need to access the Internet, place telephone calls and photographically document your trip. Many hotel properties offer computers and peripherals with high-speed Internet access for a fee — or, better yet, for no cost at all.
Contact your service provider for details about placing calls while outside of the country where you are based.
Ensure that your electronic devices have the latest versions of software to secure the information you have stored on them — such as anti-virus and anti-spyware software in case you access the Internet in a manner which is not considered secure, for example.
Use the Hotel Safe
Why carry around superfluous items while you are out — to dinner at a restaurant, for example — when you can store them in the hotel safe? I have never been charged for having my valuable items securely stored in the hotel safe if I did not need them at that moment.
Notice I wrote hotel safe and not the safe which may be in your room, as it has been demonstrated that the safe in your hotel room may not be as secure as you might think. If you would rather not store items in the hotel safe, you might be better off storing items in hidden obscure places in the hotel room — if you remember to retrieve them when you are ready to check out, of course. After all, you never know who may be looking through your personal belongings, as demonstrated in the video found here.
Be Careful With Your Cards and Documents
More and more credit cards, passports and licenses are equipped with Radio Frequency Identification — or RFID — technology which allows you to simply wave your card or document in front of a nearby scanner. This may increase the convenience while reducing the time of using these cards or documents — but it also increases the convenience of thieves using an unauthorized scanner nearby to capture your data without you even knowing it. Consider the purchase of a wallet or purse specifically designed to store your cards and documents while blocking the waves emitted by the Radio Frequency Identification technology.
Do Not Let Your Card Out of Your Sight
In order to expedite a purchase transaction more quickly, some people will whip out their card and hold it in plain view while waiting in line — but then what is to stop a thief from pulling out a portable electronic device such as a “smartphone” and quickly taking a photograph of the number of the card?
I leave my cards in my front pocket until I am absolutely ready to use them — and even then, when I pull a card out, I ensure that the important numbers are covered and quickly retrieve the card, placing it back in my front pocket as soon as possible.
If you really want to quicken the transaction, pull the card out of your wallet or purse in a private place beforehand and place it in your front pocket where it will be easily accessible by you when it is time to process the transaction. Immediately put it back in your front pocket when the transaction is done and wait until you reach a private place to store the card back in your wallet or purse.
This, of course, leads to the question of the checking at airport security checkpoints of identification officially issued by governments: is it effective; and is there a chance that this could lead to you possibly becoming a victim of identity theft — or, at least, overaggressive marketing?
Memorize Your Social Security Number
If you are an American citizen, memorize your Social Security Number or the equivalent if you live in a different country — for example, memorize your Social Insurance Number if you are Canadian. Carrying it around with you is unnecessary and only poses a significantly greater risk of exposing you to identity theft.
If you have any type of account which uses your Social Security number for either the account number or the password, get it changed as soon as possible.
Do Not Fall Victim to a “Phishing” Scam
If someone posing as a bank, airline, hotel company or other enterprise contacts you to provide or verify sensitive information — such as account numbers or passwords — be wary. Legitimate companies typically do not request this type of information through solicitations. If you receive such a request, contact or visit the bank, company or Internet web site directly as soon as possible and verify why the information is being requested. Never reply directly to an e-mail message — or click on a link embedded in it — telephone call or letter requesting sensitive information and data. While the request may seem legitimate — it is very easy these days to replicate an official logo or sound professional — the people behind the request may very well be potential identity thieves. Banks and companies usually ask for you to verify yourself — and they will not be insulted if you verify them in return. In fact, verification is encouraged.
While “phishing” is the act of attempting to acquire personal information and data — such as passwords and credit card details — by masquerading as a trustworthy entity in an electronic communication, “smishing” is a form of “phishing” where short message service — or SMS — technology used for text messaging is incorporated in the scam.
Check All of Your Accounts Upon Your Return
When I return home from traveling, I immediately log into my credit card accounts via the Internet and check to ensure that there are no unauthorized charges on any of them. You can also carefully check your credit card statements if you receive them by postal mail.
Use Complex Passwords Which You Can Easily Memorize
More and more, entities such as Delta Air Lines and Club Carlson are requiring passwords which contain upper-case and lower-case letters, numbers and even punctuation symbols. Choose your password wisely in a way which you can easily remember it — for example, I could use The Gate and my birthday in the form of TheGateatBoardingArea_02301998…
…and — as you may have already guessed — that is not my birthday. Nice try, though…
Wipe Out Information When Disposing of Electronic Equipment
Before you dispose of an old computer or electronic device, first be sure to wipe out or destroy the hard disk drive or flash drive. Believe it or not, simply deleting files — and even formatting the drive — leaves your data intact enough that even a novice thief could recover your information. Properly “wiping” the data from a physical drive requires special software. Better yet — remove your drive from the electronic device and completely destroy it in any way possible in order to sufficiently destroy the disk and its contents to render them completely unrecoverable.
It is almost impossible to trust anyone these days when it comes to identity theft — as demonstrated with the example of the employees of jetBlue Airways who were accused of committing identity theft back in the spring of 2007. It is equally almost impossible to completely prevent yourself from either becoming a victim of identity theft or having your credit card compromised, as had just happened to me despite my vigilance. However — by following the aforementioned list of recommended precautionary actions — you can significantly mitigate the risk.
Other than the occasional contact from an employee of the security department of any of the companies which issued my credit cards to inform me — after they have been verified, of course — that there is a possible fraud alert on my credit card account from someone attempting to abuse it, I have thankfully never been a victim of identity theft even though I have had my credit cards compromised several times. Unfortunately, many people are the prey of someone attempting to use their credit card account numbers fraudulently to purchase items — but fortunately, those issues are usually resolved quickly and easily, thanks to the proactive practices of the issuers of credit card. As I mentioned earlier in this article, losing the affected credit card account and opening a new one is an irritating though minor inconvenience at best — but it sure beats the alternative…
…and if you are already experiencing the alternative by having already unfortunately become the victim of identity theft, help is available: please be sure to contact the Identity Theft Resource Center toll-free at 1-888-400-5530. The services offered are at no cost to victims of identity theft. You can also find out additional information through the Federal Trade Commission of the United States.
I hope that this information has been helpful to you. If you have any additional helpful information to minimizing becoming a victim of identity theft, please add it in the Comments below. Thank you.